Chromium Code Reviews

Issue 2003453002: Clamp, not cast length value in CSS length conversion (Closed)

Created: 4 years, 7 months ago by drott
Modified: 4 years, 7 months ago
Reviewers:
CC: chromium-reviews
Base URL: https://chromium.googlesource.com/chromium/src.git@2704
Target Ref: refs/pending/branch-heads/2704
Project: chromium
Visibility: Public.

Description

Clamp, not cast length value in CSS length conversion

computeLength() in CSSPrimitiveValue was returning only static_cast'ed, but not clamped values, leading to float overflows in font and Skia code down the line.

The test result needs to be compared visually as the crash does not trigger using dumpAsText().

BUG=610645
TEST=fast/text/letter-spacing-crash.html

Review-Url: https://codereview.chromium.org/1987223002
Cr-Commit-Position: refs/heads/master@{#394390}
(cherry picked from commit 6dd652af9ab5089938ce8c24513b4a768d0c5b45)

Committed: https://chromium.googlesource.com/chromium/src/+/f48d7f9108d7718324e9c9e5cd7008a8862dc12c
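The difference between casting and clamping that the description refers to, as an added example that is not code from the Chromium change: `cast_only`, `clamp_to_float` and `trimmed_width` are hypothetical names, the input value is constructed, and mapping NaN to 0 is a choice made for this example.

```cpp
#include <cmath>
#include <cstdio>
#include <limits>

// Cast-only narrowing. For a double outside the float range the conversion
// is undefined in ISO C++; IEEE 754 implementations produce +/-infinity.
float cast_only(double v) {
    return static_cast<float>(v);
}

// Hypothetical helper: saturate to the finite float range before narrowing.
float clamp_to_float(double v) {
    constexpr double kMax = std::numeric_limits<float>::max();
    if (std::isnan(v)) return 0.0f;  // example's choice for NaN
    if (v > kMax) return std::numeric_limits<float>::max();
    if (v < -kMax) return std::numeric_limits<float>::lowest();
    return static_cast<float>(v);
}

// Stand-in for downstream layout math: add spacing to a glyph advance,
// then trim the trailing spacing again. With spacing == inf this computes
// inf - inf, which is NaN and poisons every later calculation.
float trimmed_width(float glyph_advance, float spacing) {
    float with_spacing = glyph_advance + spacing;
    return with_spacing - spacing;
}

int main() {
    const double huge = 1e40;  // constructed input, above FLT_MAX (~3.4e38)
    float unsafe = trimmed_width(10.0f, cast_only(huge));
    float safe = trimmed_width(10.0f, clamp_to_float(huge));
    // Clamping keeps the result finite, but arithmetic on values near
    // FLT_MAX loses precision and repeated sums can still overflow.
    std::printf("cast only: %f\nclamped:   %f\n", unsafe, safe);
    return 0;
}
```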

Patch Set 1 #

Stats (+17 lines, -1 line)
A third_party/WebKit/LayoutTests/fast/text/letter-spacing-crash.html (1 chunk, +8 lines, -0 lines, 0 comments)
A third_party/WebKit/LayoutTests/fast/text/letter-spacing-crash-expected.html (1 chunk, +8 lines, -0 lines, 0 comments)
M third_party/WebKit/Source/core/css/CSSPrimitiveValue.cpp (1 chunk, +1 line, -1 line, 0 comments)

Messages

Total messages: 2 (1 generated)
drott
4 years, 7 months ago (2016-05-20 07:21:39 UTC) #2
Message was sent while issue was closed.
Committed patchset #1 (id:1) manually as f48d7f9108d7718324e9c9e5cd7008a8862dc12c.
