From 1f6e13d8fe735a9c0427991bb9be356d3a1417c2 Mon Sep 17 00:00:00 2001 From: Sam Atkins Date: Tue, 21 Nov 2023 11:40:10 +0000 Subject: [PATCH] LibWeb: Don't assume repeat() contents are Tokens This stops `grid-template-rows: repeat({})` from crashing. --- .../grid/repeat-non-token-contents-crash.txt | 12 ++++++++++++ .../input/grid/repeat-non-token-contents-crash.html | 1 + Userland/Libraries/LibWeb/CSS/Parser/Parser.cpp | 10 +++++----- 3 files changed, 18 insertions(+), 5 deletions(-) create mode 100644 Tests/LibWeb/Layout/expected/grid/repeat-non-token-contents-crash.txt create mode 100644 Tests/LibWeb/Layout/input/grid/repeat-non-token-contents-crash.html diff --git a/Tests/LibWeb/Layout/expected/grid/repeat-non-token-contents-crash.txt b/Tests/LibWeb/Layout/expected/grid/repeat-non-token-contents-crash.txt new file mode 100644 index 0000000000..9c6f931a1f --- /dev/null +++ b/Tests/LibWeb/Layout/expected/grid/repeat-non-token-contents-crash.txt @@ -0,0 +1,12 @@ +Viewport <#document> at (0,0) content-size 800x600 children: not-inline + BlockContainer at (0,0) content-size 800x600 [BFC] children: not-inline + BlockContainer at (8,8) content-size 784x0 children: not-inline + BlockContainer
at (8,8) content-size 784x0 children: not-inline + BlockContainer <(anonymous)> at (8,16) content-size 784x0 children: inline + TextNode <#text> + +ViewportPaintable (Viewport<#document>) [0,0 800x600] + PaintableWithLines (BlockContainer) [0,0 800x600] + PaintableWithLines (BlockContainer) [8,8 784x0] overflow: [8,16 784x0] + PaintableWithLines (BlockContainer
) [8,8 784x0] + PaintableWithLines (BlockContainer(anonymous)) [8,16 784x0] diff --git a/Tests/LibWeb/Layout/input/grid/repeat-non-token-contents-crash.html b/Tests/LibWeb/Layout/input/grid/repeat-non-token-contents-crash.html new file mode 100644 index 0000000000..63d219da82 --- /dev/null +++ b/Tests/LibWeb/Layout/input/grid/repeat-non-token-contents-crash.html @@ -0,0 +1 @@ +
diff --git a/Userland/Libraries/LibWeb/CSS/Parser/Parser.cpp b/Userland/Libraries/LibWeb/CSS/Parser/Parser.cpp index 4afcbc5b3e..f65dd61cd9 100644 --- a/Userland/Libraries/LibWeb/CSS/Parser/Parser.cpp +++ b/Userland/Libraries/LibWeb/CSS/Parser/Parser.cpp @@ -5102,14 +5102,14 @@ Optional Parser::parse_repeat(Vector const& com part_one_tokens.skip_whitespace(); if (!part_one_tokens.has_next_token()) return {}; - auto current_token = part_one_tokens.next_token().token(); + auto& current_token = part_one_tokens.next_token(); auto repeat_count = 0; - if (current_token.is(Token::Type::Number) && current_token.number().is_integer() && current_token.number_value() > 0) - repeat_count = current_token.number_value(); - else if (current_token.is(Token::Type::Ident) && current_token.ident().equals_ignoring_ascii_case("auto-fill"sv)) + if (current_token.is(Token::Type::Number) && current_token.token().number().is_integer() && current_token.token().number_value() > 0) + repeat_count = current_token.token().number_value(); + else if (current_token.is_ident("auto-fill"sv)) is_auto_fill = true; - else if (current_token.is(Token::Type::Ident) && current_token.ident().equals_ignoring_ascii_case("auto-fit"sv)) + else if (current_token.is_ident("auto-fit"sv)) is_auto_fit = true; // The second argument is a track list, which is repeated that number of times.