2011-04-11 Simon Fraser <simon.fraser@apple.com>
authorsimon.fraser@apple.com <simon.fraser@apple.com@268f45cc-cd09-0410-ab3c-d52691b4dbfc>
Mon, 11 Apr 2011 19:07:22 +0000 (19:07 +0000)
committersimon.fraser@apple.com <simon.fraser@apple.com@268f45cc-cd09-0410-ab3c-d52691b4dbfc>
Mon, 11 Apr 2011 19:07:22 +0000 (19:07 +0000)
        Reviewed by Dan Bernstein.

        Divide by zero in calcColumnWidth
        https://bugs.webkit.org/show_bug.cgi?id=58230

        Test: fast/multicol/huge-column-count.html

        Make sure we have at least one column, to avoid divide by zero.

        * rendering/RenderBlock.cpp:
        (WebCore::RenderBlock::calcColumnWidth):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@83470 268f45cc-cd09-0410-ab3c-d52691b4dbfc

LayoutTests/ChangeLog
LayoutTests/fast/multicol/huge-column-count.html [new file with mode: 0644]
LayoutTests/platform/mac/fast/multicol/huge-column-count-expected.txt [new file with mode: 0644]
Source/WebCore/ChangeLog
Source/WebCore/rendering/RenderBlock.cpp

index ba1c1b5..2d2a3a3 100644 (file)
@@ -1,3 +1,15 @@
+2011-04-11  Simon Fraser  <simon.fraser@apple.com>
+
+        Reviewed by Dan Bernstein.
+
+        Divide by zero in calcColumnWidth
+        https://bugs.webkit.org/show_bug.cgi?id=58230
+        
+        Testcase for the bug.
+
+        * fast/multicol/huge-column-count.html: Added.
+        * platform/mac/fast/multicol/huge-column-count-expected.txt: Added.
+
 2011-04-11  Csaba Osztrogon√°c  <ossy@webkit.org>
 
        [Qt][WK2]http/tests/loading/preload-append-scan.php fails
diff --git a/LayoutTests/fast/multicol/huge-column-count.html b/LayoutTests/fast/multicol/huge-column-count.html
new file mode 100644 (file)
index 0000000..8d7c2f7
--- /dev/null
@@ -0,0 +1,6 @@
+<style>
+    html, body { -webkit-column-count: 2000000000; -webkit-column-width: 0; }
+</style>
+<body>
+This test should not crash.
+</body>
\ No newline at end of file
diff --git a/LayoutTests/platform/mac/fast/multicol/huge-column-count-expected.txt b/LayoutTests/platform/mac/fast/multicol/huge-column-count-expected.txt
new file mode 100644 (file)
index 0000000..ed1f990
--- /dev/null
@@ -0,0 +1,4 @@
+layer at (0,0) size 800x600
+  RenderView at (0,0) size 800x600
+layer at (0,0) size 800x600
+  RenderBlock {HTML} at (0,0) size 800x600
index b8afea4..a4c87f2 100644 (file)
@@ -1,3 +1,17 @@
+2011-04-11  Simon Fraser  <simon.fraser@apple.com>
+
+        Reviewed by Dan Bernstein.
+
+        Divide by zero in calcColumnWidth
+        https://bugs.webkit.org/show_bug.cgi?id=58230
+
+        Test: fast/multicol/huge-column-count.html
+        
+        Make sure we have at least one column, to avoid divide by zero.
+
+        * rendering/RenderBlock.cpp:
+        (WebCore::RenderBlock::calcColumnWidth):
+
 2011-04-09  Gavin Barraclough  <barraclough@apple.com>
 
         Reviewed by Sam Weinig.
index b756b1f..8fec803 100644 (file)
@@ -4212,7 +4212,7 @@ void RenderBlock::calcColumnWidth()
         desiredColumnCount = max<int>(1, (float)(availWidth + colGap) / (colWidth + colGap));
         desiredColumnWidth = ((availWidth + colGap) / desiredColumnCount) - colGap;
     } else {
-        desiredColumnCount = min<int>(colCount, (float)(availWidth + colGap) / (colWidth + colGap));
+        desiredColumnCount = max(min<int>(colCount, (float)(availWidth + colGap) / (colWidth + colGap)), 1);
         desiredColumnWidth = ((availWidth + colGap) / desiredColumnCount) - colGap;
     }
     setDesiredColumnCountAndWidth(desiredColumnCount, desiredColumnWidth);