| OLD | NEW |
|---|
| 1 /* | 1 /* |
| 2 * Copyright (C) 2004, 2005, 2006 Nikolas Zimmermann <zimmermann@kde.org> | 2 * Copyright (C) 2004, 2005, 2006 Nikolas Zimmermann <zimmermann@kde.org> |
| 3 * Copyright (C) 2004, 2005, 2006, 2007 Rob Buis <buis@kde.org> | 3 * Copyright (C) 2004, 2005, 2006, 2007 Rob Buis <buis@kde.org> |
| 4 * Copyright (C) 2007 Apple Inc. All rights reserved. | 4 * Copyright (C) 2007 Apple Inc. All rights reserved. |
| 5 * | 5 * |
| 6 * This library is free software; you can redistribute it and/or | 6 * This library is free software; you can redistribute it and/or |
| 7 * modify it under the terms of the GNU Library General Public | 7 * modify it under the terms of the GNU Library General Public |
| 8 * License as published by the Free Software Foundation; either | 8 * License as published by the Free Software Foundation; either |
| 9 * version 2 of the License, or (at your option) any later version. | 9 * version 2 of the License, or (at your option) any later version. |
| 10 * | 10 * |
| (...skipping 80 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 91 if (secondChar == 't') | 91 if (secondChar == 't') |
| 92 type = LengthTypePT; | 92 type = LengthTypePT; |
| 93 if (secondChar == 'c') | 93 if (secondChar == 'c') |
| 94 type = LengthTypePC; | 94 type = LengthTypePC; |
| 95 } else if (firstChar == 'e') { | 95 } else if (firstChar == 'e') { |
| 96 if (secondChar == 'm') | 96 if (secondChar == 'm') |
| 97 type = LengthTypeEMS; | 97 type = LengthTypeEMS; |
| 98 if (secondChar == 'x') | 98 if (secondChar == 'x') |
| 99 type = LengthTypeEXS; | 99 type = LengthTypeEXS; |
| 100 } else if (firstChar == 'r') { | 100 } else if (firstChar == 'r') { |
| 101 if (secondChar == 'e') { | 101 if (secondChar == 'e' && ptr < end) { |
| 102 const CharType thirdChar = *ptr++; | 102 const CharType thirdChar = *ptr++; |
| 103 if (thirdChar == 'm') | 103 if (thirdChar == 'm') |
| 104 type = LengthTypeREMS; | 104 type = LengthTypeREMS; |
| 105 } | 105 } |
| 106 } else if (firstChar == 'c' && secondChar == 'm') { | 106 } else if (firstChar == 'c' && secondChar == 'm') { |
| 107 type = LengthTypeCM; | 107 type = LengthTypeCM; |
| 108 } else if (firstChar == 'm' && secondChar == 'm') { | 108 } else if (firstChar == 'm' && secondChar == 'm') { |
| 109 type = LengthTypeMM; | 109 type = LengthTypeMM; |
| 110 } else if (firstChar == 'i' && secondChar == 'n') { | 110 } else if (firstChar == 'i' && secondChar == 'n') { |
| 111 type = LengthTypeIN; | 111 type = LengthTypeIN; |
| (...skipping 361 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 473 | 473 |
| 474 float SVGLength::calculateDistance(PassRefPtrWillBeRawPtr<SVGPropertyBase> toVal
ue, SVGElement* contextElement) | 474 float SVGLength::calculateDistance(PassRefPtrWillBeRawPtr<SVGPropertyBase> toVal
ue, SVGElement* contextElement) |
| 475 { | 475 { |
| 476 SVGLengthContext lengthContext(contextElement); | 476 SVGLengthContext lengthContext(contextElement); |
| 477 RefPtrWillBeRawPtr<SVGLength> toLength = toSVGLength(toValue); | 477 RefPtrWillBeRawPtr<SVGLength> toLength = toSVGLength(toValue); |
| 478 | 478 |
| 479 return fabsf(toLength->value(lengthContext) - value(lengthContext)); | 479 return fabsf(toLength->value(lengthContext) - value(lengthContext)); |
| 480 } | 480 } |
| 481 | 481 |
| 482 } | 482 } |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 1069213003:
SVGLength: Avoid reading out-of-bounds when parsing incorrect 'rem' unit (Closed)
Base URL: svn://svn.chromium.org/blink/trunk