Bug 230605 - Color keywords in override-color cause a crash
Summary: Color keywords in override-color cause a crash
Status: RESOLVED FIXED
Alias: None
Product: WebKit
Classification: Unclassified
Component: Text (show other bugs)
Version: WebKit Nightly Build
Hardware: Unspecified Unspecified
: P2 Normal
Assignee: Myles C. Maxfield
URL:
Keywords: InRadar
Depends on:
Blocks: 230446
  Show dependency treegraph
 
Reported: 2021-09-22 02:05 PDT by Myles C. Maxfield
Modified: 2021-09-24 13:12 PDT (History)
12 users (show)

See Also:

Attachments
WIP, as if resolution needed to be done per-element (11.03 KB, patch)
2021-09-23 23:48 PDT, Myles C. Maxfield 		no flags Details | Formatted Diff | Diff
Patch (7.99 KB, patch)
2021-09-24 00:39 PDT, Myles C. Maxfield 		simon.fraser: review+
mmaxfield: commit-queue+
Details | Formatted Diff | Diff
View All Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.
Description Myles C. Maxfield 2021-09-22 02:05:45 PDT 
Color keywords in override-color cause a crash
Comment 1 Radar WebKit Bug Importer 2021-09-22 02:06:22 PDT 
<rdar://problem/83389290>
Comment 2 Myles C. Maxfield 2021-09-23 21:13:11 PDT 
Looks like color keywords are idents, otherwise it's a color primitive value.
Comment 3 Myles C. Maxfield 2021-09-23 21:19:45 PDT 
    static void applyValueColor(BuilderState& builderState, CSSValue& value)
    {
        auto& primitiveValue = downcast<CSSPrimitiveValue>(value);
        if (primitiveValue.valueID() == CSSValueCurrentcolor) {
            applyInheritColor(builderState);
            return;
        }
        if (builderState.applyPropertyToRegularStyle())
            builderState.style().setColor(builderState.colorFromPrimitiveValue(primitiveValue, ForVisitedLink::No));
        if (builderState.applyPropertyToVisitedLinkStyle())
            builderState.style().setVisitedLinkColor(builderState.colorFromPrimitiveValue(primitiveValue, ForVisitedLink::Yes));
    }



- and -



Color BuilderState::colorFromPrimitiveValue(const CSSPrimitiveValue& value, ForVisitedLink forVisitedLink) const
{
    if (value.isRGBColor())
        return value.color();

    auto identifier = value.valueID();
    switch (identifier) {
    case CSSValueWebkitText:
        return document().textColor();
    case CSSValueWebkitLink:
        return (element() && element()->isLink() && forVisitedLink == ForVisitedLink::Yes) ? document().visitedLinkColor() : document().linkColor();
    case CSSValueWebkitActivelink:
        return document().activeLinkColor();
    case CSSValueWebkitFocusRingColor:
        return RenderTheme::singleton().focusRingColor(document().styleColorOptions(&m_style));
    case CSSValueCurrentcolor:
        return RenderStyle::currentColor();
    default:
        return StyleColor::colorFromKeyword(identifier, document().styleColorOptions(&m_style));
    }
}
Comment 4 Myles C. Maxfield 2021-09-23 23:11:10 PDT 
See: https://github.com/w3c/csswg-drafts/issues/6680
Comment 5 Myles C. Maxfield 2021-09-23 23:48:02 PDT 
Created attachment 439129 [details]
WIP, as if resolution needed to be done per-element
Comment 6 Myles C. Maxfield 2021-09-24 00:39:05 PDT 
Created attachment 439131 [details]
Patch
Comment 7 EWS Watchlist 2021-09-24 00:40:33 PDT 
This patch modifies the imported WPT tests. Please ensure that any changes on the tests (not coming from a WPT import) are exported to WPT. Please see https://trac.webkit.org/wiki/WPTExportProcess
Comment 8 Myles C. Maxfield 2021-09-24 13:12:31 PDT 
Committed r283053 (242113@main): <https://commits.webkit.org/242113@main>