Issue 18565005: Revert "Rewrite parseFrameSetListOfDimension to match HTML5"

Keyboard Shortcuts

	File
u :	up to issue
j / k :	jump to file after / before current file
J / K :	jump to next file with a comment after / before current file
	Side-by-side diff
i :	toggle intra-line diffs
e :	expand all comments
c :	collapse all comments
s :	toggle showing all comments
n / p :	next / previous diff chunk or comment
N / P :	next / previous comment
<Up> / <Down> :	next / previous line

	Issue
u :	up to list of issues
j / k :	jump to patch after / before current patch
o / <Enter> :	open current patch in side-by-side view
i :	open current patch in unified diff view

	Issue List
j / k :	jump to issue after / before current issue
o / <Enter> :	open current issue

Issue 18565005: Revert "Rewrite parseFrameSetListOfDimension to match HTML5" (Closed)

Created:
7 years, 5 months ago by apavlov

Modified:
7 years, 5 months ago

Reviewers:
Julien - ping for review

CC:
blink-reviews, jeez, dglazkov+blink, eae+blinkwatch, adamk+blink_chromium.org

Base URL:
svn://svn.chromium.org/blink/trunk

Visibility:
Public.

More Reviews

Description

Revert "Rewrite parseFrameSetListOfDimension to match HTML5" The change has resulted in ASAN failures: http://build.chromium.org/p/chromium.webkit/builders/WebKit%20Linux%20ASAN/builds/7635/steps/webkit_tests/logs/stdio ==2535==ERROR: AddressSanitizer: heap-buffer-overflow on address 0x604000176835 at pc 0x5b315d5 bp 0x7fffeec0d570 sp 0x7fffeec0d568 READ of size 1 at 0x604000176835 thread T0 (content_shell) #0 0x5b315d4 in WebCore::Length WebCore::parseDimension<unsigned char>(unsigned char const*, unsigned long, unsigned long) ../third_party/WebKit/Source/core/html/HTMLDimension.cpp:62:0 #1 0x5b3111b in WebCore::parseDimension(WTF::String const&, unsigned long, unsigned long) ../third_party/WebKit/Source/core/html/HTMLDimension.cpp:97:0 #2 0x5b30fab in WebCore::parseListOfDimensions(WTF::String const&) ../third_party/WebKit/Source/core/html/HTMLDimension.cpp:129:0 #3 0x5a4ae7f in WebCore::HTMLFrameSetElement::parseAttribute(WebCore::QualifiedName const&, WTF::AtomicString const&) ../third_party/WebKit/Source/core/html/HTMLFrameSetElement.cpp:84:0 This reverts commit ac7e5c0cbc39fa3899dc556af24157e71a7d789b. TBR=jchaffraix@chromium.org Committed: https://src.chromium.org/viewvc/blink?view=rev&revision=154013

Patch Set 1 #

Created: 7 years, 5 months ago

Download [raw] [tar.bz2]

	Unified diffs	Side-by-side diffs	Stats (+122 lines, -247 lines)			Patch
M	Source/core/core.gypi	View	1 chunk	+0 lines, -2 lines	0 comments	Download
D	Source/core/html/HTMLDimension.h	View	1 chunk	+0 lines, -47 lines	0 comments	Download
D	Source/core/html/HTMLDimension.cpp	View	1 chunk	+0 lines, -133 lines	0 comments	Download
M	Source/core/html/HTMLFrameSetElement.cpp	View	2 chunks	+3 lines, -3 lines	0 comments	Download
M	Source/core/platform/Length.h	View	1 chunk	+1 line, -0 lines	0 comments	Download
M	Source/core/platform/Length.cpp	View	2 chunks	+67 lines, -0 lines	0 comments	Download
M	Source/core/tests/HTMLDimension.cpp	View	2 chunks	+51 lines, -62 lines	0 comments	Download

Messages

Total messages: 2 (0 generated)

Expand Messages | Collapse Messages

apavlov

Committed patchset #1 manually as r154013 (presubmit successful).

7 years, 5 months ago (2013-07-11 16:12:46 UTC) #1

Julien - ping for review

7 years, 5 months ago (2013-07-11 17:59:58 UTC) #2

Message was sent while issue was closed.

On 2013/07/11 16:12:46, apavlov wrote:
> Committed patchset #1 manually as r154013 (presubmit successful).

LGTM, FWIW ClusterFuzz had also picked up the badness. As this must be blocking
the roll, it's better out of the tree, thanks!

Expand Messages | Collapse Messages