Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(24)

Issues Search
    My Issues | Starred     Open | Closed | All

Side by Side Diff: Source/core/css/CSSParser.cpp

Issue 15317009: Fix for CSS Variables tokenisation not checking CSS identifier length (Closed) Base URL: svn://svn.chromium.org/blink/trunk
Patch Set: Added check for extra CSS identifier character plus assert Created 7 years, 7 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View unified diff | Download patch | Annotate | Revision Log
« no previous file with comments | « Source/core/css/CSSParser.h ('k') | no next file » | no next file with comments »
Toggle Intra-line Diffs ('i') | Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
OLDNEW
1 /* 1 /*
2 * Copyright (C) 2003 Lars Knoll (knoll@kde.org) 2 * Copyright (C) 2003 Lars Knoll (knoll@kde.org)
3 * Copyright (C) 2005 Allan Sandfeld Jensen (kde@carewolf.com) 3 * Copyright (C) 2005 Allan Sandfeld Jensen (kde@carewolf.com)
4 * Copyright (C) 2004, 2005, 2006, 2007, 2008, 2009, 2010, 2011, 2012 Apple Inc. All rights reserved. 4 * Copyright (C) 2004, 2005, 2006, 2007, 2008, 2009, 2010, 2011, 2012 Apple Inc. All rights reserved.
5 * Copyright (C) 2007 Nicholas Shanks <webkit@nickshanks.com> 5 * Copyright (C) 2007 Nicholas Shanks <webkit@nickshanks.com>
6 * Copyright (C) 2008 Eric Seidel <eric@webkit.org> 6 * Copyright (C) 2008 Eric Seidel <eric@webkit.org>
7 * Copyright (C) 2009 Torch Mobile Inc. All rights reserved. (http://www.torchmo bile.com/) 7 * Copyright (C) 2009 Torch Mobile Inc. All rights reserved. (http://www.torchmo bile.com/)
8 * Copyright (C) 2012 Adobe Systems Incorporated. All rights reserved. 8 * Copyright (C) 2012 Adobe Systems Incorporated. All rights reserved.
9 * Copyright (C) 2012 Intel Corporation. All rights reserved. 9 * Copyright (C) 2012 Intel Corporation. All rights reserved.
10 * 10 *
(...skipping 10270 matching lines...) Expand 10 before | Expand all | Expand 10 after
10281 if (isASCIIAlphaCaselessEqual(name[0], 'o') && isASCIIAlphaCaselessEqual (name[1], 'r')) 10281 if (isASCIIAlphaCaselessEqual(name[0], 'o') && isASCIIAlphaCaselessEqual (name[1], 'r'))
10282 m_token = SUPPORTS_OR; 10282 m_token = SUPPORTS_OR;
10283 } else if (length == 3) { 10283 } else if (length == 3) {
10284 if (isASCIIAlphaCaselessEqual(name[0], 'a') && isASCIIAlphaCaselessEqual (name[1], 'n') && isASCIIAlphaCaselessEqual(name[2], 'd')) 10284 if (isASCIIAlphaCaselessEqual(name[0], 'a') && isASCIIAlphaCaselessEqual (name[1], 'n') && isASCIIAlphaCaselessEqual(name[2], 'd'))
10285 m_token = SUPPORTS_AND; 10285 m_token = SUPPORTS_AND;
10286 else if (isASCIIAlphaCaselessEqual(name[0], 'n') && isASCIIAlphaCaseless Equal(name[1], 'o') && isASCIIAlphaCaselessEqual(name[2], 't')) 10286 else if (isASCIIAlphaCaselessEqual(name[0], 'n') && isASCIIAlphaCaseless Equal(name[1], 'o') && isASCIIAlphaCaselessEqual(name[2], 't'))
10287 m_token = SUPPORTS_NOT; 10287 m_token = SUPPORTS_NOT;
10288 } 10288 }
10289 } 10289 }
10290 10290
10291 template <typename CharacterType>
10292 inline bool CSSParser::detectCSSVariablesToken(int length)
10293 {
10294 if (length >= 13) {
Steve Block 2013/05/21 04:47:54 if (length < 13) return false;
alancutter (OOO until 2018) 2013/05/21 05:05:15 Done.
10295 CharacterType* name = tokenStart<CharacterType>();
10296 ASSERT(name[0] == '-');
Steve Block 2013/05/21 04:47:54 Can this assert be moved to the top of the functio
alancutter (OOO until 2018) 2013/05/21 05:05:15 Done.
10297 if (name[11] == '-' && isIdentifierStartAfterDash(name + 12) && isEqualT oCSSIdentifier(name + 1, "webkit-var"))
Steve Block 2013/05/21 04:47:54 using sizeof() here as eric suggests would make th
10298 return true;
10299 }
10300 return false;
10301 }
10302
10303
10291 template <typename SrcCharacterType> 10304 template <typename SrcCharacterType>
10292 int CSSParser::realLex(void* yylvalWithoutType) 10305 int CSSParser::realLex(void* yylvalWithoutType)
10293 { 10306 {
10294 YYSTYPE* yylval = static_cast<YYSTYPE*>(yylvalWithoutType); 10307 YYSTYPE* yylval = static_cast<YYSTYPE*>(yylvalWithoutType);
10295 // Write pointer for the next character. 10308 // Write pointer for the next character.
10296 SrcCharacterType* result; 10309 SrcCharacterType* result;
10297 CSSParserString resultString; 10310 CSSParserString resultString;
10298 bool hasEscape; 10311 bool hasEscape;
10299 10312
10300 // The input buffer is terminated by a \0 character, so 10313 // The input buffer is terminated by a \0 character, so
(...skipping 164 matching lines...) Expand 10 before | Expand all | Expand 10 after
10465 m_token = dotSeen ? FLOATTOKEN : INTEGER; 10478 m_token = dotSeen ? FLOATTOKEN : INTEGER;
10466 break; 10479 break;
10467 } 10480 }
10468 10481
10469 case CharacterDash: 10482 case CharacterDash:
10470 if (isIdentifierStartAfterDash(currentCharacter<SrcCharacterType>())) { 10483 if (isIdentifierStartAfterDash(currentCharacter<SrcCharacterType>())) {
10471 --currentCharacter<SrcCharacterType>(); 10484 --currentCharacter<SrcCharacterType>();
10472 parseIdentifier(result, resultString, hasEscape); 10485 parseIdentifier(result, resultString, hasEscape);
10473 m_token = IDENT; 10486 m_token = IDENT;
10474 10487
10475 if (cssVariablesEnabled() && isEqualToCSSIdentifier(tokenStart<SrcCh aracterType>() + 1, "webkit-var") && tokenStart<SrcCharacterType>()[11] == '-' & & isIdentifierStartAfterDash(tokenStart<SrcCharacterType>() + 12)) 10488 if (cssVariablesEnabled() && detectCSSVariablesToken<SrcCharacterTyp e>(result - tokenStart<SrcCharacterType>()))
10476 m_token = VAR_DEFINITION; 10489 m_token = VAR_DEFINITION;
10477 else if (*currentCharacter<SrcCharacterType>() == '(') { 10490 else if (*currentCharacter<SrcCharacterType>() == '(') {
10478 m_token = FUNCTION; 10491 m_token = FUNCTION;
10479 if (!hasEscape) 10492 if (!hasEscape)
10480 detectDashToken<SrcCharacterType>(result - tokenStart<SrcCha racterType>()); 10493 detectDashToken<SrcCharacterType>(result - tokenStart<SrcCha racterType>());
10481 ++currentCharacter<SrcCharacterType>(); 10494 ++currentCharacter<SrcCharacterType>();
10482 ++result; 10495 ++result;
10483 } else if (UNLIKELY(m_parsingMode == NthChildMode) && !hasEscape && isASCIIAlphaCaselessEqual(tokenStart<SrcCharacterType>()[1], 'n')) { 10496 } else if (UNLIKELY(m_parsingMode == NthChildMode) && !hasEscape && isASCIIAlphaCaselessEqual(tokenStart<SrcCharacterType>()[1], 'n')) {
10484 if (result - tokenStart<SrcCharacterType>() == 2) { 10497 if (result - tokenStart<SrcCharacterType>() == 2) {
10485 // String "-n" is IDENT but "-n+1" is NTH. 10498 // String "-n" is IDENT but "-n+1" is NTH.
(...skipping 1225 matching lines...) Expand 10 before | Expand all | Expand 10 after
11711 result.lineNumber = lineNumber; 11724 result.lineNumber = lineNumber;
11712 result.content = content; 11725 result.content = content;
11713 size_t newLength = content.length(); 11726 size_t newLength = content.length();
11714 while (newLength > 0 && isHTMLSpace(result.content[newLength - 1])) 11727 while (newLength > 0 && isHTMLSpace(result.content[newLength - 1]))
11715 --newLength; 11728 --newLength;
11716 result.content.setLength(newLength); 11729 result.content.setLength(newLength);
11717 return result; 11730 return result;
11718 } 11731 }
11719 11732
11720 } 11733 }
OLDNEW
« no previous file with comments | « Source/core/css/CSSParser.h ('k') | no next file » | no next file with comments »

Powered by Google App Engine
This is Rietveld 408576698