From a02ee29af91927df509df7aaf5dd8883a98505f1 Mon Sep 17 00:00:00 2001
From: CodeforEvolution
Date: Thu, 23 Jun 2022 12:37:21 -0500
Subject: [PATCH] LibWeb/CSS: Check for NULL block statement when parsing font-face rule

This prevents font-face rules without a block statement from crashing LibWeb during CSS parsing. The issue was discovered by Lubrsi during CSS parser fuzzing. :) Fixes #14141.
---
 Userland/Libraries/LibWeb/CSS/Parser/Parser.cpp | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/Userland/Libraries/LibWeb/CSS/Parser/Parser.cpp b/Userland/Libraries/LibWeb/CSS/Parser/Parser.cpp
index 039900a2a1..7e1d648011 100644
--- a/Userland/Libraries/LibWeb/CSS/Parser/Parser.cpp
+++ b/Userland/Libraries/LibWeb/CSS/Parser/Parser.cpp
@@ -2361,7 +2361,7 @@ RefPtr Parser::convert_to_rule(NonnullRefPtr rule)
 if (has_ignored_vendor_prefix(rule->at_rule_name())) {
 return {};
 } else if (rule->at_rule_name().equals_ignoring_case("font-face"sv)) {
- if (rule->prelude().is_empty() || !rule->block() || !rule->block()->is_curly()) {
+ if (rule->prelude().is_empty() || !rule->block() || !rule->block()->is_curly()) {
 dbgln_if(CSS_PARSER_DEBUG, "@font-face rule is malformed.");
 return {};
 }
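Review bot: The new `!rule->block()` guard covers only the `font-face` branch. The other at-rule branches of `convert_to_rule` lie outside this hunk, so any that call `rule->block()->...` without a null check would presumably still crash on the same kind of block-less input. Stylesheets are untrusted content in a browser engine, so it is worth auditing every `block()` dereference in this function, or rejecting a null block once where each at-rule that requires a block is handled. A short comment above the condition would record why the check exists, for example `// An at-rule may have no block at all, so block() can be null here.` The diffstat shows only Parser.cpp changed, so no regression test accompanies the fix. Adding the fuzzer's reduced input (a font-face rule with a prelude but no block) as a parser test would keep the crash from returning.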