mirror of
https://github.com/netsurf-browser/netsurf
synced 2024-11-22 06:21:45 +03:00
box_construct: clamp rowspan and colspan
In order to not blow up on massive rowspan/colspan values (which could be an issue according to #2873) we clamp them according to the HTML spec section 4.9.11 Signed-off-by: Daniel Silverstone <dsilvers@digital-scurf.org>
This commit is contained in:
parent
8193a5518e
commit
087f88ae8c
@ -35,6 +35,7 @@
|
||||
#include "utils/string.h"
|
||||
#include "utils/ascii.h"
|
||||
#include "utils/nsurl.h"
|
||||
#include "utils/utils.h"
|
||||
#include "netsurf/misc.h"
|
||||
#include "css/select.h"
|
||||
#include "desktop/gui_internal.h"
|
||||
@ -552,8 +553,9 @@ box_construct_element(struct box_construct_ctx *ctx, bool *convert_children)
|
||||
if (s != NULL) {
|
||||
const char *val = dom_string_data(s);
|
||||
|
||||
/* Convert to a number, clamping to [1,1000] according to 4.9.11 */
|
||||
if ('0' <= val[0] && val[0] <= '9')
|
||||
box->columns = strtol(val, NULL, 10);
|
||||
box->columns = clamp(strtol(val, NULL, 10), 1, 1000);
|
||||
|
||||
dom_string_unref(s);
|
||||
}
|
||||
@ -565,8 +567,9 @@ box_construct_element(struct box_construct_ctx *ctx, bool *convert_children)
|
||||
if (s != NULL) {
|
||||
const char *val = dom_string_data(s);
|
||||
|
||||
/* Convert to a number, clamping to [0,65534] according to 4.9.11 */
|
||||
if ('0' <= val[0] && val[0] <= '9')
|
||||
box->rows = strtol(val, NULL, 10);
|
||||
box->rows = clamp(strtol(val, NULL, 10), 0, 65534);
|
||||
|
||||
dom_string_unref(s);
|
||||
}
|
||||
|
Loading…
Reference in New Issue
Block a user