
Unified Diff: Source/core/css/SelectorChecker.cpp

Issue 23710067: :-webkit-any pseudo with escaped '(' should not crash. (Closed) Base URL: https://chromium.googlesource.com/chromium/blink.git@master
Patch Set: Removed workaround code for :not() Created 7 years, 3 months ago
Index: Source/core/css/SelectorChecker.cpp
diff --git a/Source/core/css/SelectorChecker.cpp b/Source/core/css/SelectorChecker.cpp
index 386911cb44b2ca4c7b8ba5327fbac34f74d7e957..6837ffd40fc238ac08ccf3cf233893257dd76013 100644
--- a/Source/core/css/SelectorChecker.cpp
+++ b/Source/core/css/SelectorChecker.cpp
@@ -413,15 +413,10 @@ bool SelectorChecker::checkOne(const SelectorCheckingContext& context, const Sib
if (selector->m_match == CSSSelector::PseudoClass) {
// Handle :not up front.
if (selector->pseudoType() == CSSSelector::PseudoNot) {
- const CSSSelectorList* selectorList = selector->selectorList();
-
- // FIXME: We probably should fix the parser and make it never produce :not rules with missing selector list.
- if (!selectorList)
- return false;
-
SelectorCheckingContext subContext(context);
subContext.isSubSelector = true;
- for (subContext.selector = selectorList->first(); subContext.selector; subContext.selector = subContext.selector->tagHistory()) {
+ ASSERT(selector->selectorList());
+ for (subContext.selector = selector->selectorList()->first(); subContext.selector; subContext.selector = subContext.selector->tagHistory()) {
// :not cannot nest. I don't really know why this is a
// restriction in CSS3, but it is, so let's honor it.
// the parser enforces that this never occurs
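Review bot: ASSERT is, as far as I know, compiled out of release builds in WTF, so replacing `if (!selectorList) return false;` with `ASSERT(selector->selectorList());` leaves `selector->selectorList()->first()` as an unguarded null dereference in shipped builds if the parser invariant is ever broken again. The same applies to the assertion added before the loop in the hunk at -609 and to the `break` guard removed from determineLinkMatchType in the hunk at -946. Because selector text comes from page content, I would keep a cheap runtime guard next to the assertion, e.g. `if (!selector->selectorList()) return false;` after the ASSERT (and `break;` in determineLinkMatchType), or use `RELEASE_ASSERT` if a controlled hard failure is preferred. A one-line comment naming the parser check that guarantees a non-null list would also replace the FIXME this hunk deletes. checkOne's body starts and ends outside the hunk.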
@@ -609,6 +604,7 @@ bool SelectorChecker::checkOne(const SelectorCheckingContext& context, const Sib
SelectorCheckingContext subContext(context);
subContext.isSubSelector = true;
PseudoId ignoreDynamicPseudo = NOPSEUDO;
+ ASSERT(selector->selectorList());
for (subContext.selector = selector->selectorList()->first(); subContext.selector; subContext.selector = CSSSelectorList::next(subContext.selector)) {
if (match(subContext, ignoreDynamicPseudo, siblingTraversalStrategy) == SelectorMatches)
return true;
@@ -946,11 +942,8 @@ unsigned SelectorChecker::determineLinkMatchType(const CSSSelector* selector)
case CSSSelector::PseudoNot:
{
// :not(:visited) is equivalent to :link. Parser enforces that :not can't nest.
- const CSSSelectorList* selectorList = selector->selectorList();
- if (!selectorList)
- break;
-
- for (const CSSSelector* subSelector = selectorList->first(); subSelector; subSelector = subSelector->tagHistory()) {
+ ASSERT(selector->selectorList());
+ for (const CSSSelector* subSelector = selector->selectorList()->first(); subSelector; subSelector = subSelector->tagHistory()) {
CSSSelector::PseudoType subType = subSelector->pseudoType();
if (subType == CSSSelector::PseudoVisited)
linkMatchType &= ~SelectorChecker::MatchVisited;