Bug 1336830 - Pop state immediately after running a template. r=erahm
☠☠ backed out by 112d7a5b1a0d ☠ ☠
authorPeter Van der Beken <peterv@propagandism.org>
Fri, 10 Feb 2017 17:20:08 +0100
changeset 501795 2b0cd920b4fc43c9cd850b335c7de850feabb001
parent 501794 dfa17169cf1f69da44edf276b420eb6af4d0bbef
child 501796 e4062da24f6b02d3d6998088e82d780a07047e63
push id50127
push userna-g@nostrum.com
push dateTue, 21 Mar 2017 00:09:45 +0000
reviewerserahm
bugs1336830
milestone55.0a1
Bug 1336830 - Pop state immediately after running a template. r=erahm
dom/xslt/crashtests/1336830.html
dom/xslt/crashtests/crashtests.list
dom/xslt/xslt/txInstructions.cpp
dom/xslt/xslt/txInstructions.h
dom/xslt/xslt/txStylesheetCompileHandlers.cpp
new file mode 100644
--- /dev/null
+++ b/dom/xslt/crashtests/1336830.html
@@ -0,0 +1,27 @@
+<!DOCTYPE html>
+<html>
+<head>
+<meta charset="UTF-8">
+<script id=o_xml type="text/plain"><?xml version="1.0" encoding="UTF-8"?>
+<tag_name/>
+</script>
+<script id=o_xslt type="text/plain"><?xml version="1.0" encoding="UTF-8"?>
+<xsl:stylesheet xmlns:xsl="http://www.w3.org/1999/XSL/Transform" version="42">
+  <xsl:template match="*">
+    <xsl:apply-imports/>
+    <xsl:apply-templates select=".">
+      <xsl:with-param name="whatever_1">whatever_2</xsl:with-param>
+    </xsl:apply-templates>
+  </xsl:template>
+</xsl:stylesheet>
+</script>
+<script>
+window.onload = function(){
+  setTimeout(function(){ window.close(); }, 400);
+  let doc = new DOMParser(), proc = new XSLTProcessor();
+  proc.importStylesheet(doc.parseFromString(document.getElementById('o_xslt').textContent, "text/xml"));
+  proc.transformToFragment(doc.parseFromString(document.getElementById('o_xml').textContent, "text/xml"), document);
+};
+</script>
+</head>
+</html>
--- a/dom/xslt/crashtests/crashtests.list
+++ b/dom/xslt/crashtests/crashtests.list
@@ -13,8 +13,9 @@ load 528963.xml
 load 545927.html
 load 601543.html
 load 602115.html
 load 603844.html
 load 667315.xml
 load 1089049.html
 load 1205163.xml
 load 1243337.xml
+load 1336830.html
--- a/dom/xslt/xslt/txInstructions.cpp
+++ b/dom/xslt/xslt/txInstructions.cpp
@@ -32,26 +32,17 @@ txApplyDefaultElementTemplate::execute(t
                                       mode, &aEs, nullptr, &frame);
 
     aEs.pushTemplateRule(frame, mode, aEs.mTemplateParams);
 
     return aEs.runTemplate(templ);
 }
 
 nsresult
-txApplyImportsEnd::execute(txExecutionState& aEs)
-{
-    aEs.popTemplateRule();
-    aEs.popParamMap();
-    
-    return NS_OK;
-}
-
-nsresult
-txApplyImportsStart::execute(txExecutionState& aEs)
+txApplyImports::execute(txExecutionState& aEs)
 {
     txExecutionState::TemplateRule* rule = aEs.getCurrentTemplateRule();
     // The frame is set to null when there is no current template rule, or
     // when the current template rule is a default template. However this
     // instruction isn't used in default templates.
     if (!rule->mFrame) {
         // XXX ErrorReport: apply-imports instantiated without a current rule
         return NS_ERROR_XSLT_EXECUTION_FAILURE;
@@ -63,17 +54,22 @@ txApplyImportsStart::execute(txExecution
     txStylesheet::ImportFrame* frame = 0;
     txExpandedName mode(rule->mModeNsId, rule->mModeLocalName);
     txInstruction* templ =
         aEs.mStylesheet->findTemplate(aEs.getEvalContext()->getContextNode(),
                                       mode, &aEs, rule->mFrame, &frame);
 
     aEs.pushTemplateRule(frame, mode, rule->mParams);
 
-    return aEs.runTemplate(templ);
+    rv = aEs.runTemplate(templ);
+
+    aEs.popTemplateRule();
+    aEs.popParamMap();
+
+    return rv;
 }
 
 txApplyTemplates::txApplyTemplates(const txExpandedName& aMode)
     : mMode(aMode)
 {
 }
 
 nsresult
--- a/dom/xslt/xslt/txInstructions.h
+++ b/dom/xslt/xslt/txInstructions.h
@@ -42,23 +42,17 @@ public:
 
 
 class txApplyDefaultElementTemplate : public txInstruction
 {
 public:
     TX_DECL_TXINSTRUCTION
 };
 
-class txApplyImportsEnd : public txInstruction
-{
-public:
-    TX_DECL_TXINSTRUCTION
-};
-
-class txApplyImportsStart : public txInstruction
+class txApplyImports : public txInstruction
 {
 public:
     TX_DECL_TXINSTRUCTION
 };
 
 class txApplyTemplates : public txInstruction
 {
 public:
--- a/dom/xslt/xslt/txStylesheetCompileHandlers.cpp
+++ b/dom/xslt/xslt/txStylesheetCompileHandlers.cpp
@@ -1307,34 +1307,29 @@ txFnText(const nsAString& aStr, txStyles
     NS_ENSURE_SUCCESS(rv, rv);
 
     return NS_OK;
 }
 
 /*
   xsl:apply-imports
 
-  txApplyImportsStart
-  txApplyImportsEnd
+  txApplyImports
 */
 static nsresult
 txFnStartApplyImports(int32_t aNamespaceID,
                       nsIAtom* aLocalName,
                       nsIAtom* aPrefix,
                       txStylesheetAttr* aAttributes,
                       int32_t aAttrCount,
                       txStylesheetCompilerState& aState)
 {
     nsresult rv = NS_OK;
 
-    nsAutoPtr<txInstruction> instr(new txApplyImportsStart);
-    rv = aState.addInstruction(Move(instr));
-    NS_ENSURE_SUCCESS(rv, rv);
-
-    instr = new txApplyImportsEnd;
+    nsAutoPtr<txInstruction> instr(new txApplyImports);
     rv = aState.addInstruction(Move(instr));
     NS_ENSURE_SUCCESS(rv, rv);
 
     return aState.pushHandlerTable(gTxIgnoreHandler);
 }
 
 static nsresult
 txFnEndApplyImports(txStylesheetCompilerState& aState)