If the offset is zero and we're already at the end of the lexer's input,
an out-of-bounds read (m_source[m_position]) would occur.
Also check that the offset is not more than m_position (which should
never be the case, and would result in m_position underflowing).
Fixes #4253.
We were incorrectly hoisting non-inline children of inline-block boxes
to the nearest non-inline ancestor.
Since inline-block boxes are only inline on the *outside*, it's fine
for them to have non-inline children.
Eventually we should clarify these relationships by making the inside
and outside display types more explicit.
That's just silly :)
Also fix that one use of read_line() which assumes it will be
null-terminated in mount.cpp (this would've blown up if the IODevice was
at EOF and had a line with the same size as max_size).
There are cases where Lagom will build with GCC but not Clang.
This often goes unnoticed for a while as we don't often build with
Clang.
However, this is now important to test in CI because of the
OSS-Fuzz integration.
Note that this only tests the build, it does not run any tests.
Note that it also only builds LagomCore, Lagom and the fuzzers.
It does not build the other programs that use Lagom.
This is a hack which can be removed once GitHub Actions changes the
default version to clang 11.
This is apparently sometime in mid-December.
Note, clang-11 is not currently available on Ubuntu 20.04. However,
GitHub Actions uses 20.04, which probably means clang-11 will
become available around that time for all 20.04 users.
We added OSS-Fuzz integration in #4154, but documentation about it
is spread across several pull requests, IRC, and issues. Let's collect
the important bits in the ReadMe.
Instead of hiding JS exceptions raised on the web, we now print them to
the debug log. This will make it a bit easier to work out why some web
pages aren't working right. :^)
We didn't notice that the layout tree had disappeared after dispatching
a mousedown event, because we only checked EventHandler::layout_root()
which happily returned the *new* layout tree after a window.reload().
This patch fixes that by verifying that the frame is still showing the
same DOM's layout tree after event dispatch.
Fixes #4224.
We can now build partial layout trees (this happens for example when an
element's "display" property is programmatically toggled from "none" to
something else.)
We can't say that "no replaced boxes can have children", since that
breaks SVG. Instead, let each LayoutNode decide whether it's allowed
to have children.
Fixes #4223.
The JPEG spec allows component IDs to be chosen arbitrarily from the
interval [0, 255]. Storing components in a vector corrupts the decoder
when component IDs are not in the range 0-3. Normally, encoders don't
use IDs outside of that range because JPEG doesn't support more than
4 channels. But since there is a chance that a spec compliant JPEG
would have component IDs outside of [0-3], we should consider replacing
the vector, which enforces serial component access based on component
IDs, with a HashMap<u8, ComponentSpec>.
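
The keyed lookup proposed in the commit message above, as an added example that is not part of the commit or of the project's code. It assumes `std::unordered_map` as a stand-in for `HashMap<u8, ComponentSpec>`; the struct fields and the function names `parse_components` and `resolve_scan` are hypothetical.

```cpp
#include <cstddef>
#include <cstdint>
#include <cstdio>
#include <optional>
#include <unordered_map>
#include <vector>

// Hypothetical stand-in for the decoder's per-component record.
struct ComponentSpec {
    uint8_t id, hsample, vsample, qtable_id;
};
using ComponentMap = std::unordered_map<uint8_t, ComponentSpec>;

// Parse a frame header's component list: a count byte, then three bytes per
// component (ID, sampling factors as H<<4|V, quantization table ID).
// Rejects truncated input, duplicate IDs and, following the commit message,
// more than 4 components.
std::optional<ComponentMap> parse_components(const std::vector<uint8_t>& data)
{
    if (data.empty()) return std::nullopt;
    size_t count = data[0];
    if (count == 0 || count > 4 || data.size() < 1 + count * 3) return std::nullopt;
    ComponentMap components;
    for (size_t i = 0; i < count; ++i) {
        const uint8_t* p = &data[1 + i * 3];
        ComponentSpec spec { p[0], uint8_t(p[1] >> 4), uint8_t(p[1] & 0x0F), p[2] };
        if (!components.emplace(spec.id, spec).second) return std::nullopt;
    }
    return components;
}

// Resolve a scan's component selectors by ID. Indexing a 3-element vector with
// an ID such as 0x52 would read out of range; a keyed lookup either finds the
// declared component or fails cleanly.
std::optional<std::vector<ComponentSpec>> resolve_scan(const ComponentMap& components, const std::vector<uint8_t>& selectors)
{
    std::vector<ComponentSpec> resolved;
    for (uint8_t id : selectors) {
        auto it = components.find(id);
        if (it == components.end()) return std::nullopt;
        resolved.push_back(it->second);
    }
    return resolved;
}

int main()
{
    // Constructed sample: three components with IDs 0x52, 0x47, 0x42.
    auto components = parse_components({ 3, 0x52, 0x22, 0, 0x47, 0x11, 1, 0x42, 0x11, 1 });
    auto scan = components ? resolve_scan(*components, { 0x52, 0x47, 0x42 }) : std::nullopt;
    std::printf("scan resolved: %s\n", scan ? "yes" : "no");
}
```
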
We were messing up the box tree for tables by hoisting cells up to
become children of the table row group (instead of the table row.)
Table rows are non-block boxes, and it's fine for them to have cell
(block) children.
Fixes #4225.
Problem:
- If `fork()` fails the system tries to call `execl()`. That will
either succeed and replace the running process image or it will fail
and it needs to try again. The `if` is redundant because it will
only be evaluated if `execl()` fails.
Solution:
- Remove the `if`.