RESOLVED FIXED 105579
[flexbox] Fix handling of very large flex grow/shrink values 
https://bugs.webkit.org/show_bug.cgi?id=105579
Summary [flexbox] Fix handling of very large flex grow/shrink values
Emil A Eklund
Reported 2012-12-20 14:45:23 PST
Add isfinite to childSize calculation in RenderFlexibleBox::resolveFlexibleLengths to avoid overflow.
Attachments
Patch (3.96 KB, patch)
2012-12-20 14:47 PST, Emil A Eklund 		no flags
DetailsFormatted DiffDiff
Patch (3.98 KB, patch)
2012-12-20 14:57 PST, Emil A Eklund 		no flags
DetailsFormatted DiffDiff
Show Obsolete (1) View All Add attachment proposed patch, testcase, etc.
Emil A Eklund
Comment 1 2012-12-20 14:47:37 PST
Created attachment 180414 [details] Patch
Tony Chang
Comment 2 2012-12-20 14:51:54 PST
Comment on attachment 180414 [details] Patch View in context: https://bugs.webkit.org/attachment.cgi?id=180414&action=review > Source/WebCore/ChangeLog:11 > + No new tests (OOPS!). Need to remove the OOPS. Maybe mention that this is covered by css3/flexbox/flex-algorithm.html. > Source/WebCore/rendering/RenderFlexibleBox.cpp:988 > + double extraSpace; I think you need to initialize this because it might not be set below.
Emil A Eklund
Comment 3 2012-12-20 14:56:44 PST
(In reply to comment #2) > > Source/WebCore/rendering/RenderFlexibleBox.cpp:988 > > + double extraSpace; > > I think you need to initialize this because it might not be set below. Oops, glad you cough that!
Emil A Eklund
Comment 4 2012-12-20 14:57:08 PST
Created attachment 180416 [details] Patch
Emil A Eklund
Comment 5 2012-12-20 15:55:55 PST
Committed r138312: <http://trac.webkit.org/changeset/138312>
Note You need to log in before you can comment on or make changes to this bug.