From 0176a5bf569d40d048bbf1244766428beb4916bc Mon Sep 17 00:00:00 2001 From: John-Mark Bell Date: Sun, 16 Nov 2025 14:44:15 +0000 Subject: [PATCH 1/2] parse/language: ensure parse stack is unwound handleEndBlockContent invokes handleBlockContent to flush through any pending tokens before unwinding the parse stack. The flush may fail, but the stack unwinding wants to happen anyway, so ensure that it does before returning the original result. --- src/parse/language.c | 5 +---- 1 file changed, 1 insertion(+), 4 deletions(-) diff --git a/src/parse/language.c b/src/parse/language.c index 0e4ab7d..16f5d38 100644 --- a/src/parse/language.c +++ b/src/parse/language.c @@ -762,9 +762,6 @@ css_error handleEndBlockContent(css_language *c, const parserutils_vector *vecto * tokens we have left */ ret = handleBlockContent(c, vector); - if (ret != CSS_OK) { - return ret; - } /* Our goal here is to ensure that the language parse stack is in the * right state. We've encountered the end of a BlockContent such as @@ -783,7 +780,7 @@ css_error handleEndBlockContent(css_language *c, const parserutils_vector *vecto entry = parserutils_stack_get_current(c->context); } - return CSS_OK; + return ret; } css_error handleDeclaration(css_language *c, const parserutils_vector *vector) From b17f8d3d74bb2f2cc0c96a4e7e29ab9604c96664 Mon Sep 17 00:00:00 2001 From: Michael Drake Date: Sun, 16 Nov 2025 12:31:51 +0000 Subject: [PATCH 2/2] test: Add test for bad rule in at media block Based on fuzzing test input generated by Aaron Boxer: https://github.com/netsurf-browser/libcss/pull/22 Co-authored-by: John-Mark Bell --- test/data/parse2/dodgy-media-block.dat | 14 ++++++++++++++ 1 file changed, 14 insertions(+) diff --git a/test/data/parse2/dodgy-media-block.dat b/test/data/parse2/dodgy-media-block.dat index 4b6c220..1022d74 100644 --- a/test/data/parse2/dodgy-media-block.dat +++ b/test/data/parse2/dodgy-media-block.dat @@ -7,3 +7,17 @@ | .outer | top: 0px #reset + +#data +@media screen { b; } +p { padding: 0; } +#errors +#expected +| @media 040 +| b +| p +| padding-top: 0px +| padding-right: 0px +| padding-bottom: 0px +| padding-left: 0px +#reset