[patch] catch invalid CSS properties (#79107)

Stephan Kulow coolo at kde.org
Tue Aug 24 19:00:45 BST 2004 

Hi!

The test case is 
http://www.w3.org/Style/Examples/010/t0603-colornames-01-f.htm and showed 
that we got a general problem with css properties. I tried to catch this in 
protecting against unexpected values. The attached patch is regression 
tested, please comment on it.

Greetings, Stephan
-------------- next part --------------
? css/p
Index: css/cssparser.cpp
===================================================================
RCS file: /home/kde/kdelibs/khtml/css/cssparser.cpp,v
retrieving revision 1.291
diff -u -3 -p -u -r1.291 cssparser.cpp
--- css/cssparser.cpp	13 Jun 2004 17:08:23 -0000	1.291
+++ css/cssparser.cpp	24 Aug 2004 17:55:53 -0000
@@ -376,7 +376,7 @@ static bool validUnit( Value *value, int
     return b;
 }
 
-bool CSSParser::parseValue( int propId, bool important )
+bool CSSParser::parseValue( int propId, bool important, int expected )
 {
     if ( !valueList ) return false;
 
@@ -388,6 +388,10 @@ bool CSSParser::parseValue( int propId, 
     int id = 0;
     id = value->id;
 
+#ifdef CSS_DEBUG
+    kdDebug() << "parseValue propId=" << propId << " important=" << important << " valueList=" << valueList << " id=" << id << " expected="  << expected <<  endl;
+#endif
+
     if ( id == CSS_VAL_INHERIT ) {
         addProperty( propId, new CSSInheritedValueImpl(), important );
         return true;
@@ -657,12 +661,12 @@ bool CSSParser::parseValue( int propId, 
                          new CSSPrimitiveValueImpl( pos[1], CSSPrimitiveValue::CSS_PERCENTAGE ),
                          important );
         } else {
-            bool ok = parseValue( CSS_PROP_BACKGROUND_POSITION_X, important );
+            bool ok = parseValue( CSS_PROP_BACKGROUND_POSITION_X, important, 2 );
             if ( !ok )
                 break;
             value = valueList->current();
             if ( value )
-                ok = parseValue( CSS_PROP_BACKGROUND_POSITION_Y, important );
+                ok = parseValue( CSS_PROP_BACKGROUND_POSITION_Y, important, 1 );
             if ( !ok )
                 addProperty( CSS_PROP_BACKGROUND_POSITION_Y,
                              new CSSPrimitiveValueImpl( 50, CSSPrimitiveValue::CSS_PERCENTAGE ),
@@ -687,8 +691,8 @@ bool CSSParser::parseValue( int propId, 
             return true;
         }
         else if (num == 2) {
-            if (!parseValue(properties[0], important)) return false;
-            if (!parseValue(properties[1], important)) return false;
+            if (!parseValue(properties[0], important, 2)) return false;
+            if (!parseValue(properties[1], important, 1)) return false;
             return true;
         }
         return false;
@@ -1135,7 +1139,14 @@ bool CSSParser::parseValue( int propId, 
             // qDebug(" new quirks value: value=%.2f, unit=%d", value->fValue, value->unit );
             parsedValue = new CSSQuirkPrimitiveValueImpl( value->fValue, CSSPrimitiveValue::CSS_EMS );
         }
+        --expected;
         valueList->next();
+        if ( valueList->current() && expected == 0)
+        {
+            kdDebug() << "remaining garbage\n";
+            delete parsedValue;
+            parsedValue = 0;
+        }
     }
     if ( parsedValue ) {
         addProperty( propId, parsedValue, important );
@@ -1169,7 +1180,7 @@ bool CSSParser::parseShortHand( const in
 #ifdef CSS_DEBUG
                 kdDebug(6080) << "LOOKING FOR: " << getPropertyName(properties[propIndex]).string() << endl;
 #endif
-                if ( parseValue( properties[propIndex], important ) ) {
+                if ( parseValue( properties[propIndex], important, numProperties ) ) {
                     fnd[propIndex] = found = true;
 #ifdef CSS_DEBUG
                     kdDebug(6080) << "FOUND: " << getPropertyName(properties[propIndex]).string() << endl;
@@ -1212,12 +1223,14 @@ bool CSSParser::parse4Values( const int 
      */
 
     int num = inParseShortHand ? 1 : valueList->numValues;
-    // qDebug("parse4Values: num=%d", num );
+#ifdef CSS_DEBUG
+    qDebug("parse4Values: num=%d %d", num,  valueList->numValues );
+#endif
 
     // the order is top, right, bottom, left
     switch( num ) {
     case 1: {
-        if( !parseValue( properties[0], important ) ) return false;
+        if( !parseValue( properties[0], important, valueList->numValues ) ) return false;
         CSSValueImpl *value = parsedProperties[numParsedProperties-1]->value();
         addProperty( properties[1], value, important );
         addProperty( properties[2], value, important );
@@ -1226,8 +1239,8 @@ bool CSSParser::parse4Values( const int 
     }
     case 2: {
 
-        if( !parseValue( properties[0], important ) ) return false;
-        if( !parseValue( properties[1], important ) ) return false;
+        if( !parseValue( properties[0], important, valueList->numValues ) ) return false;
+        if( !parseValue( properties[1], important, valueList->numValues) ) return false;
         CSSValueImpl *value = parsedProperties[numParsedProperties-2]->value();
         addProperty( properties[2], value, important );
         value = parsedProperties[numParsedProperties-2]->value();
@@ -1235,18 +1248,18 @@ bool CSSParser::parse4Values( const int 
         return true;
     }
     case 3: {
-        if( !parseValue( properties[0], important ) ) return false;
-        if( !parseValue( properties[1], important ) ) return false;
-        if( !parseValue( properties[2], important ) ) return false;
+        if( !parseValue( properties[0], important, valueList->numValues ) ) return false;
+        if( !parseValue( properties[1], important, valueList->numValues ) ) return false;
+        if( !parseValue( properties[2], important, valueList->numValues ) ) return false;
         CSSValueImpl *value = parsedProperties[numParsedProperties-2]->value();
         addProperty( properties[3], value, important );
         return true;
     }
     case 4: {
-        if( !parseValue( properties[0], important ) ) return false;
-        if( !parseValue( properties[1], important ) ) return false;
-        if( !parseValue( properties[2], important ) ) return false;
-        if( !parseValue( properties[3], important ) ) return false;
+        if( !parseValue( properties[0], important, valueList->numValues ) ) return false;
+        if( !parseValue( properties[1], important, valueList->numValues ) ) return false;
+        if( !parseValue( properties[2], important, valueList->numValues ) ) return false;
+        if( !parseValue( properties[3], important, valueList->numValues ) ) return false;
         return true;
     }
     default:
Index: css/cssparser.h
===================================================================
RCS file: /home/kde/kdelibs/khtml/css/cssparser.h,v
retrieving revision 1.75
diff -u -3 -p -u -r1.75 cssparser.h
--- css/cssparser.h	12 Feb 2004 22:47:35 -0000	1.75
+++ css/cssparser.h	24 Aug 2004 17:55:53 -0000
@@ -113,7 +113,7 @@ namespace DOM {
 	CSSStyleDeclarationImpl *createStyleDeclaration( CSSStyleRuleImpl *rule );
 	void clearProperties();
 
-	bool parseValue( int propId, bool important );
+	bool parseValue( int propId, bool important, int expected=1 );
 	bool parseShortHand( const int *properties, int numProperties, bool important );
 	bool parse4Values( const int *properties, bool important );
 	bool parseContent( int propId, bool important );

More information about the kfm-devel mailing list