eliott/ladybird
1
0
Fork 0
mirror of https://github.com/LadybirdBrowser/ladybird synced 2026-05-05 06:32:30 +02:00
Code Issues Packages Projects Releases Wiki Activity

LibWeb/CSS: Don't allow negative values in filter functions

Browse Source
This commit is contained in:
Tim Ledbetter
2025-03-11 18:21:07 +00:00
committed by Sam Atkins
parent 3af3799bbc
commit 249de20343
Notes: github-actions[bot] 2025-03-12 09:07:13 +00:00 
Author: https://github.com/tcl3
Commit: https://github.com/LadybirdBrowser/ladybird/commit/249de203431
Pull-request: https://github.com/LadybirdBrowser/ladybird/pull/3906
Reviewed-by: https://github.com/AtkinsSJ
5 changed files with 175 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

8
Libraries/LibWeb/CSS/Parser/PropertyParsing.cpp
View File

@@ -4432,7 +4432,7 @@ RefPtr<CSSStyleValue> Parser::parse_filter_value_list_value(TokenStream<Componen
return FilterOperation::Blur {};
auto blur_radius = parse_length(tokens);
tokens.discard_whitespace();
if (!blur_radius.has_value())
if (!blur_radius.has_value() || (!blur_radius->is_calculated() && blur_radius->value().raw_value() < 0))
return {};
return if_no_more_tokens_return(FilterOperation::Blur { blur_radius.value() });
} else if (filter_token == FilterToken::DropShadow) {
@@ -4498,6 +4498,12 @@ RefPtr<CSSStyleValue> Parser::parse_filter_value_list_value(TokenStream<Componen
if (!tokens.has_next_token())
return FilterOperation::Color { filter_token_to_operation(filter_token) };
auto amount = parse_number_percentage(tokens);
if (amount.has_value()) {
if (amount->is_percentage() && amount->percentage().value() < 0)
return {};
if (amount->is_number() && amount->number().value() < 0)
return {};
}
return if_no_more_tokens_return(FilterOperation::Color { filter_token_to_operation(filter_token), amount });
}
};