Closed Bug 1184452 Opened 9 years ago Closed 9 years ago

@font-face rules allow certain trailing garbage in descriptors, e.g. font-family: foo !cake; src: url("a.ttf") );

Categories

(Core :: CSS Parsing and Computation, defect)

Product:
Core
Component:
CSS Parsing and Computation
Version:
41 Branch
Type:
defect
Priority:
Not set
Severity:
normal

Tracking

()

Status:
RESOLVED FIXED
Milestone:
mozilla42
Tracking Flags:
Tracking Status
firefox42 --- fixed

People

(Reporter: timloh, Assigned: dbaron)

Details

Attachments

(2 files)

reporter's testcase
889 bytes, text/html
Details
Correctly reject @font-face descriptors that have garbage after them
3.56 KB, patch
heycam
: review+
Details | Diff | Splinter Review 
User Agent: Mozilla/5.0 (X11; CrOS x86_64 6946.63.0) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/43.0.2357.130 Safari/537.36

Steps to reproduce:

@font-face rules allow certain trailing garbage in descriptors. For example, the following rule is happily accepted:

@font-face {
 font-family: foo !cake;
 src: url("a.ttf") ) bla;
}

JSFiddle repro: http://jsfiddle.net/8ncb4w8s/4/
Yeah, instead of using ExpectEndProperty (which should go away), ParseFontDescriptor should pass the descID and value back to its caller, which should call aRule->SetDesc() once a correct end of the descriptor has been found.
Assignee: nobody → dbaron
Status: UNCONFIRMED → NEW
Ever confirmed: true
(Actually, no need to move across functions, just get rid of ExpectEndProperty.)
(I have a patch with tests, but can't test it easily until I'm back home.)
I confirmed that the patch fixes the original testcase (attachment
8634600).  I also confirmed that with the whole patch,
layout/style/test/test_descriptor_syntax_errors.html passes, but with
the new tests but not the code change, it reports 12 failures.
Attachment #8636246 - Flags: review?(cam)
Comment on attachment 8636246 [details] [diff] [review]
Correctly reject @font-face descriptors that have garbage after them

Review of attachment 8636246 [details] [diff] [review]:
-----------------------------------------------------------------

Not sure if the text about confirming the patch works needs to go in the commit message.

::: layout/style/nsCSSParser.cpp
@@ +3735,5 @@
>      REPORT_UNEXPECTED_P(PEValueParsingError, descName);
>      return false;
>    }
>  
> +  // Expect termination by either ;, }, or EOF.

s/either // since you don't have two items in the list.
Attachment #8636246 - Flags: review?(cam) → review+
https://hg.mozilla.org/mozilla-central/rev/dfa5748ff086
Status: NEW → RESOLVED
Closed: 9 years ago
status-firefox42: --- → fixed
Resolution: --- → FIXED
Target Milestone: --- → mozilla42
You need to log in before you can comment on or make changes to this bug.

Attachment

General

Creator:
Created:
Updated:
Size: