[SCM] WebKit Debian packaging branch, debian/unstable, updated. debian/1.1.15-1-40151-g37bb677
hyatt
hyatt at 268f45cc-cd09-0410-ab3c-d52691b4dbfc
Sat Sep 26 07:40:27 UTC 2009
The following commit has been merged in the debian/unstable branch:
commit a5744fc16a972199d8a5c2d3d02fc013d5067950
Author: hyatt <hyatt at 268f45cc-cd09-0410-ab3c-d52691b4dbfc>
Date: Mon May 5 17:31:40 2003 +0000
When using the content property in CSS, you can string together
an intermixed list of strings and image URLs. The old code
only supported a single image URL, and if you tried to mix
text in with images, you ended up crashing.
The crash bug is 3248172. The fix is to maintain a list of
ContentData objects instead of just a single object and to
ensure that a whole list of generated content gets made (and
not just a single RenderObject).
Reviewed by john
* khtml/css/cssstyleselector.cpp:
(applyRule)
* khtml/rendering/render_container.cpp:
(RenderContainer::insertPseudoChild):
* khtml/rendering/render_image.cpp:
(RenderImage::setStyle):
(RenderImage::setContentObject):
(RenderImage::updateFromElement):
* khtml/rendering/render_image.h:
* khtml/rendering/render_style.cpp:
(RenderStyle::setContent):
(ContentData::clearContent):
* khtml/rendering/render_style.h:
git-svn-id: http://svn.webkit.org/repository/webkit/trunk@4277 268f45cc-cd09-0410-ab3c-d52691b4dbfc
diff --git a/WebCore/ChangeLog-2003-10-25 b/WebCore/ChangeLog-2003-10-25
index bc74282..8df49d2 100644
--- a/WebCore/ChangeLog-2003-10-25
+++ b/WebCore/ChangeLog-2003-10-25
@@ -1,3 +1,31 @@
+2003-05-04 David Hyatt <hyatt at apple.com>
+
+ When using the content property in CSS, you can string together
+ an intermixed list of strings and image URLs. The old code
+ only supported a single image URL, and if you tried to mix
+ text in with images, you ended up crashing.
+
+ The crash bug is 3248172. The fix is to maintain a list of
+ ContentData objects instead of just a single object and to
+ ensure that a whole list of generated content gets made (and
+ not just a single RenderObject).
+
+ Reviewed by john
+
+ * khtml/css/cssstyleselector.cpp:
+ (applyRule)
+ * khtml/rendering/render_container.cpp:
+ (RenderContainer::insertPseudoChild):
+ * khtml/rendering/render_image.cpp:
+ (RenderImage::setStyle):
+ (RenderImage::setContentObject):
+ (RenderImage::updateFromElement):
+ * khtml/rendering/render_image.h:
+ * khtml/rendering/render_style.cpp:
+ (RenderStyle::setContent):
+ (ContentData::clearContent):
+ * khtml/rendering/render_style.h:
+
2003-05-05 Darin Adler <darin at apple.com>
Reviewed by John.
diff --git a/WebCore/ChangeLog-2005-08-23 b/WebCore/ChangeLog-2005-08-23
index bc74282..8df49d2 100644
--- a/WebCore/ChangeLog-2005-08-23
+++ b/WebCore/ChangeLog-2005-08-23
@@ -1,3 +1,31 @@
+2003-05-04 David Hyatt <hyatt at apple.com>
+
+ When using the content property in CSS, you can string together
+ an intermixed list of strings and image URLs. The old code
+ only supported a single image URL, and if you tried to mix
+ text in with images, you ended up crashing.
+
+ The crash bug is 3248172. The fix is to maintain a list of
+ ContentData objects instead of just a single object and to
+ ensure that a whole list of generated content gets made (and
+ not just a single RenderObject).
+
+ Reviewed by john
+
+ * khtml/css/cssstyleselector.cpp:
+ (applyRule)
+ * khtml/rendering/render_container.cpp:
+ (RenderContainer::insertPseudoChild):
+ * khtml/rendering/render_image.cpp:
+ (RenderImage::setStyle):
+ (RenderImage::setContentObject):
+ (RenderImage::updateFromElement):
+ * khtml/rendering/render_image.h:
+ * khtml/rendering/render_style.cpp:
+ (RenderStyle::setContent):
+ (ContentData::clearContent):
+ * khtml/rendering/render_style.h:
+
2003-05-05 Darin Adler <darin at apple.com>
Reviewed by John.
diff --git a/WebCore/khtml/css/cssstyleselector.cpp b/WebCore/khtml/css/cssstyleselector.cpp
index d8ebf8c..4f0b5fc 100644
--- a/WebCore/khtml/css/cssstyleselector.cpp
+++ b/WebCore/khtml/css/cssstyleselector.cpp
@@ -2851,7 +2851,7 @@ void CSSStyleSelector::applyRule( int id, DOM::CSSValueImpl *value )
else if (val->primitiveType()==CSSPrimitiveValue::CSS_URI)
{
CSSImageValueImpl *image = static_cast<CSSImageValueImpl *>(val);
- style->setContent(image->image());
+ style->setContent(image->image(), i != 0);
}
}
diff --git a/WebCore/khtml/rendering/render_container.cpp b/WebCore/khtml/rendering/render_container.cpp
index b3f18c5..76135e5 100644
--- a/WebCore/khtml/rendering/render_container.cpp
+++ b/WebCore/khtml/rendering/render_container.cpp
@@ -210,34 +210,39 @@ void RenderContainer::insertPseudoChild(RenderStyle::PseudoId type, RenderObject
return; // Generated content is already added. No need to add more.
RenderStyle* pseudo = style()->getPseudoStyle(type);
-
- if (pseudo && pseudo->display() != NONE)
- {
- RenderObject* insertBefore = (type == RenderStyle::BEFORE) ? child : 0;
-
- // From the CSS2 specification:
- // User agents must ignore the following properties with :before and :after
- // pseudo-elements: 'position', 'float', list properties, and table properties.
- // Basically we need to ensure that no RenderLayer gets made for generated
- // content.
- pseudo->setPosition(STATIC);
- pseudo->setFloating(FNONE);
- pseudo->setOverflow(OVISIBLE); // FIXME: Glazman's blog does this. Wacky.
- // This property might need to be allowed if the
- // generated content is a block.
-
- if (isInlineFlow() && pseudo->display() != INLINE)
- // According to the CSS2 spec (the end of section 12.1), the only allowed
- // display values for the pseudo style are NONE and INLINE. Since we already
- // determined that the pseudo is not display NONE, any display other than
- // inline should be mutated to INLINE.
- pseudo->setDisplay(INLINE);
+ if (!pseudo || pseudo->display() == NONE)
+ return; // If we have no pseudo-style or if the pseudo's display type is NONE, then we
+ // have no generated content.
+
+ RenderObject* insertBefore = (type == RenderStyle::BEFORE) ? child : 0;
- if (pseudo->contentType()==CONTENT_TEXT)
+ // From the CSS2 specification:
+ // User agents must ignore the following properties with :before and :after
+ // pseudo-elements: 'position', 'float', list properties, and table properties.
+ // Basically we need to ensure that no RenderLayer gets made for generated
+ // content.
+ pseudo->setPosition(STATIC);
+ pseudo->setFloating(FNONE);
+ pseudo->setOverflow(OVISIBLE); // FIXME: Glazman's blog does this. Wacky.
+ // This property might need to be allowed if the
+ // generated content is a block.
+
+ if (isInlineFlow() && pseudo->display() != INLINE)
+ // According to the CSS2 spec (the end of section 12.1), the only allowed
+ // display values for the pseudo style are NONE and INLINE. Since we already
+ // determined that the pseudo is not display NONE, any display other than
+ // inline should be mutated to INLINE.
+ pseudo->setDisplay(INLINE);
+
+ // Now walk our list of generated content and create render objects for every type
+ // we encounter.
+ for (ContentData* contentData = pseudo->contentData();
+ contentData; contentData = contentData->_nextContent) {
+ if (contentData->contentType() == CONTENT_TEXT)
{
RenderObject* po = RenderFlow::createFlow(0, pseudo, renderArena()); /* anonymous box */
- RenderText* t = new (renderArena()) RenderText(0 /*anonymous object */, pseudo->contentText());
+ RenderText* t = new (renderArena()) RenderText(0 /*anonymous object */, contentData->contentText());
t->setStyle(pseudo);
po->addChild(t);
@@ -245,19 +250,19 @@ void RenderContainer::insertPseudoChild(RenderStyle::PseudoId type, RenderObject
// inside the inline for e.g., first-letter styling.
addChild(po, insertBefore);
-// kdDebug() << DOM::DOMString(pseudo->contentText()).string() << endl;
+// kdDebug() << DOM::DOMString(contentData->contentText()).string() << endl;
t->close();
po->close();
}
- else if (pseudo->contentType()==CONTENT_OBJECT)
+ else if (contentData->contentType() == CONTENT_OBJECT)
{
- RenderObject* po = new (renderArena()) RenderImage(0);
+ RenderImage* po = new (renderArena()) RenderImage(0);
po->setStyle(pseudo);
+ po->setContentObject(contentData->contentObject());
addChild(po, insertBefore);
po->close();
}
-
}
}
diff --git a/WebCore/khtml/rendering/render_image.cpp b/WebCore/khtml/rendering/render_image.cpp
index a87ae1f..57c6c66 100644
--- a/WebCore/khtml/rendering/render_image.cpp
+++ b/WebCore/khtml/rendering/render_image.cpp
@@ -71,11 +71,13 @@ void RenderImage::setStyle(RenderStyle* _style)
setOverhangingContents(style()->height().isPercent());
setShouldPaintBackgroundOrBorder(true);
+}
- CachedObject* co = style()->contentObject();
- if (co && image != co ) {
+void RenderImage::setContentObject(CachedObject* co)
+{
+ if (co && image != co) {
if (image) image->deref(this);
- image = static_cast<CachedImage*>(style()->contentObject());
+ image = static_cast<CachedImage*>(co);
if (image) image->ref(this);
}
}
@@ -418,7 +420,7 @@ void RenderImage::updateFromElement()
new_image = element()->getDocument()->docLoader()->requestImage(khtml::parseURL(attr));
}
- if(new_image && new_image != image && (!style() || !style()->contentObject())) {
+ if(new_image && new_image != image && (!style() || !style()->contentData())) {
loadEventSent = false;
CachedImage *old_image = image;
image = new_image;
diff --git a/WebCore/khtml/rendering/render_image.h b/WebCore/khtml/rendering/render_image.h
index 58f970f..55558d4 100644
--- a/WebCore/khtml/rendering/render_image.h
+++ b/WebCore/khtml/rendering/render_image.h
@@ -71,6 +71,9 @@ public:
virtual void detach(RenderArena *);
+ // Called to set generated content images (e.g., :before/:after generated images).
+ void setContentObject(CachedObject* co);
+
private:
bool isWidthSpecified() const;
bool isHeightSpecified() const;
diff --git a/WebCore/khtml/rendering/render_style.cpp b/WebCore/khtml/rendering/render_style.cpp
index aea1f59..0e1d577 100644
--- a/WebCore/khtml/rendering/render_style.cpp
+++ b/WebCore/khtml/rendering/render_style.cpp
@@ -444,18 +444,6 @@ void RenderStyle::cleanup()
// SharedData::counter = 0;
}
-void RenderStyle::setContent(CachedObject* o)
-{
- if ( !content )
- content = new ContentData;
- else
- content->clearContent();
-// o->ref();
- content->_content.object = o;
- content->_contentType = CONTENT_OBJECT;
-}
-
-
void RenderStyle::setPaletteColor(QPalette::ColorGroup g, QColorGroup::ColorRole r, const QColor& c)
{
visual.access()->palette.setColor(g,r,c);
@@ -470,34 +458,75 @@ void RenderStyle::setClip( Length top, Length right, Length bottom, Length left
data->clip.left = left;
}
-void RenderStyle::setContent(DOMStringImpl* s, bool add)
+void RenderStyle::setContent(CachedObject* o, bool add)
{
- if (add && content && content->_contentType == CONTENT_TEXT) {
- if (!s)
- return;
-
- DOMStringImpl* oldStr = content->_content.text;
- DOMStringImpl* newStr = oldStr->copy();
- oldStr->deref();
- newStr->append(s);
+ if (!o)
+ return; // The object is null. Nothing to do. Just bail.
+
+ ContentData* lastContent = content;
+ while (lastContent && lastContent->_nextContent)
+ lastContent = lastContent->_nextContent;
- content->_content.text = newStr;
+ bool reuseContent = !add;
+ ContentData* newContentData = 0;
+ if (reuseContent && content) {
+ content->clearContent();
+ newContentData = content;
}
- else {
- // FIXME: If we try to add a string, and the old content was an object,
- // then we just clobber the object. This is probably not right, but it's
- // better than just trashing memory the way this code did before we added
- // the check of contentType above.
-
- if (!content)
- content = new ContentData;
- else
- content->clearContent();
- content->_content.text = s ? s : new DOMStringImpl("");
+ else
+ newContentData = new ContentData;
+
+ if (lastContent && !reuseContent)
+ lastContent->_nextContent = newContentData;
+ else
+ content = newContentData;
+
+ // o->ref();
+ newContentData->_content.object = o;
+ newContentData->_contentType = CONTENT_OBJECT;
+}
+
+void RenderStyle::setContent(DOMStringImpl* s, bool add)
+{
+ if (!s)
+ return; // The string is null. Nothing to do. Just bail.
+
+ ContentData* lastContent = content;
+ while (lastContent && lastContent->_nextContent)
+ lastContent = lastContent->_nextContent;
+
+ bool reuseContent = !add;
+ if (add) {
+ if (!lastContent)
+ return; // Something's wrong. We had no previous content, and we should have.
+
+ if (lastContent->_contentType == CONTENT_TEXT) {
+ // We can augment the existing string and share this ContentData node.
+ DOMStringImpl* oldStr = lastContent->_content.text;
+ DOMStringImpl* newStr = oldStr->copy();
+ oldStr->deref();
+ newStr->append(s);
+ lastContent->_content.text = newStr;
+ return;
+ }
}
- content->_content.text->ref();
- content->_contentType = CONTENT_TEXT;
+ ContentData* newContentData = 0;
+ if (reuseContent && content) {
+ content->clearContent();
+ newContentData = content;
+ }
+ else
+ newContentData = new ContentData;
+
+ if (lastContent && !reuseContent)
+ lastContent->_nextContent = newContentData;
+ else
+ content = newContentData;
+
+ newContentData->_content.text = s;
+ newContentData->_content.text->ref();
+ newContentData->_contentType = CONTENT_TEXT;
}
ContentData::~ContentData()
@@ -507,6 +536,9 @@ ContentData::~ContentData()
void ContentData::clearContent()
{
+ delete _nextContent;
+ _nextContent = 0;
+
switch (_contentType)
{
case CONTENT_OBJECT:
@@ -519,5 +551,4 @@ void ContentData::clearContent()
default:
;
}
-
}
diff --git a/WebCore/khtml/rendering/render_style.h b/WebCore/khtml/rendering/render_style.h
index 1f3270d..af548e3 100644
--- a/WebCore/khtml/rendering/render_style.h
+++ b/WebCore/khtml/rendering/render_style.h
@@ -473,9 +473,15 @@ enum ContentType {
};
struct ContentData {
+ ContentData() :_contentType(CONTENT_NONE), _nextContent(0) {}
~ContentData();
void clearContent();
+ ContentType contentType() { return _contentType; }
+
+ DOM::DOMStringImpl* contentText() { if (contentType() == CONTENT_TEXT) return _content.text; return 0; }
+ CachedObject* contentObject() { if (contentType() == CONTENT_OBJECT) return _content.object; return 0; }
+
ContentType _contentType;
union {
@@ -483,6 +489,8 @@ struct ContentData {
DOM::DOMStringImpl* text;
// counters...
} _content ;
+
+ ContentData* _nextContent;
};
//------------------------------------------------
@@ -922,27 +930,9 @@ public:
const_cast<StyleVisualData *>(visual.get())->palette = QApplication::palette();
}
-
- ContentType contentType() { return content ? content->_contentType : CONTENT_NONE; }
-
- DOM::DOMStringImpl* contentText()
- {
- if (content && content->_contentType==CONTENT_TEXT)
- return content->_content.text;
- else
- return 0;
- }
-
- CachedObject* contentObject()
- {
- if (content && content->_contentType==CONTENT_OBJECT)
- return content->_content.object;
- else
- return 0;
- }
-
+ ContentData* contentData() { return content; }
void setContent(DOM::DOMStringImpl* s, bool add = false);
- void setContent(CachedObject* o);
+ void setContent(CachedObject* o, bool add = false);
bool inheritedNotEqual( RenderStyle *other ) const;
--
WebKit Debian packaging
More information about the Pkg-webkit-commits
mailing list