[CSS Parser] Add strict checking for right parens to selector functions like :matches...
authorhyatt@apple.com <hyatt@apple.com@268f45cc-cd09-0410-ab3c-d52691b4dbfc>
Thu, 8 Dec 2016 21:49:18 +0000 (21:49 +0000)
committerhyatt@apple.com <hyatt@apple.com@268f45cc-cd09-0410-ab3c-d52691b4dbfc>
Thu, 8 Dec 2016 21:49:18 +0000 (21:49 +0000)
https://bugs.webkit.org/show_bug.cgi?id=165624

Reviewed by Dean Jackson.

Source/WebCore:

Unskipped fast/selectors/invalid-functional-pseudo-class.html.

* css/parser/CSSSelectorParser.cpp:
(WebCore::CSSSelectorParser::consumePseudo):
Bail if we don't actually consume a right parenthesis.

LayoutTests:

* TestExpectations:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@209566 268f45cc-cd09-0410-ab3c-d52691b4dbfc

LayoutTests/ChangeLog
LayoutTests/TestExpectations
Source/WebCore/ChangeLog
Source/WebCore/css/parser/CSSSelectorParser.cpp

index 184d7ae..9971447 100644 (file)
@@ -1,3 +1,12 @@
+2016-12-08  Dave Hyatt  <hyatt@apple.com>
+
+        [CSS Parser] Add strict checking for right parens to selector functions like :matches, :not etc.
+        https://bugs.webkit.org/show_bug.cgi?id=165624
+
+        Reviewed by Dean Jackson.
+
+        * TestExpectations:
+
 2016-12-08  Jiewen Tan  <jiewen_tan@apple.com>
 
         [WebCrypto] Replace webkitSubtle with subtle for all crypto/workers/subtle/ tests
index e6a5af9..7720db7 100644 (file)
@@ -972,7 +972,6 @@ webkit.org/b/164797 js/dom/domjit-function-get-element-by-id-changed.html [ Pass
 # new CSS parser is turned on. The tests may be right, and these may be bugs in Blink/Chrome, or
 # the tests may be wrong.
 webkit.org/b/165195 fast/css/parsing-css-allowed-string-characters.html [ Pass Failure ]
-webkit.org/b/165195 fast/selectors/invalid-functional-pseudo-class.html [ Pass Failure ]
 
 # Visual viewports
 webkit.org/b/165460 compositing/repaint/scroll-fixed-layer-no-content.html [ Failure ]
index 2e951d2..5a53f9b 100644 (file)
@@ -1,3 +1,16 @@
+2016-12-08  Dave Hyatt  <hyatt@apple.com>
+
+        [CSS Parser] Add strict checking for right parens to selector functions like :matches, :not etc.
+        https://bugs.webkit.org/show_bug.cgi?id=165624
+
+        Reviewed by Dean Jackson.
+
+        Unskipped fast/selectors/invalid-functional-pseudo-class.html.
+
+        * css/parser/CSSSelectorParser.cpp:
+        (WebCore::CSSSelectorParser::consumePseudo):
+        Bail if we don't actually consume a right parenthesis.
+
 2016-12-08  Jeremy Jones  <jeremyj@apple.com>
 
         Exit fullscreen on escape key down, not up.
index 2480327..7e3bb4a 100644 (file)
@@ -555,6 +555,8 @@ std::unique_ptr<CSSParserSelector> CSSSelectorParser::consumePseudo(CSSParserTok
     }
 
     CSSParserTokenRange block = range.consumeBlock();
+    if (block.end() == range.end())
+        return nullptr; // No ) was found. Be strict about this.
     block.consumeWhitespace();
     if (token.type() != FunctionToken)
         return nullptr;