DescriptionRevert "Rewrite parseFrameSetListOfDimension to match HTML5"
The change has resulted in ASAN failures:
http://build.chromium.org/p/chromium.webkit/builders/WebKit%20Linux%20ASAN/builds/7635/steps/webkit_tests/logs/stdio
==2535==ERROR: AddressSanitizer: heap-buffer-overflow on address 0x604000176835 at pc 0x5b315d5 bp 0x7fffeec0d570 sp 0x7fffeec0d568
READ of size 1 at 0x604000176835 thread T0 (content_shell)
#0 0x5b315d4 in WebCore::Length WebCore::parseDimension<unsigned char>(unsigned char const*, unsigned long, unsigned long) ../third_party/WebKit/Source/core/html/HTMLDimension.cpp:62:0
#1 0x5b3111b in WebCore::parseDimension(WTF::String const&, unsigned long, unsigned long) ../third_party/WebKit/Source/core/html/HTMLDimension.cpp:97:0
#2 0x5b30fab in WebCore::parseListOfDimensions(WTF::String const&) ../third_party/WebKit/Source/core/html/HTMLDimension.cpp:129:0
#3 0x5a4ae7f in WebCore::HTMLFrameSetElement::parseAttribute(WebCore::QualifiedName const&, WTF::AtomicString const&) ../third_party/WebKit/Source/core/html/HTMLFrameSetElement.cpp:84:0
This reverts commit ac7e5c0cbc39fa3899dc556af24157e71a7d789b.
TBR=jchaffraix@chromium.org
Committed: https://src.chromium.org/viewvc/blink?view=rev&revision=154013
Patch Set 1 #
Messages
Total messages: 2 (0 generated)
|