Title: [88856] trunk/Source/WebKit2
Revision
88856
Author
[email protected]
Date
2011-06-14 15:18:05 -0700 (Tue, 14 Jun 2011)

Log Message

<https://bugs.webkit.org/show_bug.cgi?id=62666>
<rdar://problem/9606676>
Callers should be robust against WebImage::create() returning an image with a null snapshot

Reviewed by Dan Bernstein.

* Shared/API/c/cg/WKImageCG.cpp:
(WKImageCreateCGImage):
Return 0 if no bitmap was created.
(WKImageCreateFromCGImage):
Ditto.
        
* Shared/UserMessageCoders.h:
(WebKit::UserMessageEncoder::baseEncode):
Check for null before dereferencing image->bitmap() in two places.
        
* WebProcess/WebPage/WebPage.cpp:
(WebKit::WebPage::snapshotInViewCoordinates):
Return 0 if no bitmap was created.
(WebKit::WebPage::scaledSnapshotInDocumentCoordinates):
Ditto.
(WebKit::WebPage::createSnapshotOfVisibleContent):
Bail out if no bitmap was created.


Diff

Modified: trunk/Source/WebKit2/ChangeLog (88855 => 88856)


--- trunk/Source/WebKit2/ChangeLog	2011-06-14 22:07:25 UTC (rev 88855)
+++ trunk/Source/WebKit2/ChangeLog	2011-06-14 22:18:05 UTC (rev 88856)
@@ -1,3 +1,29 @@
+2011-06-14  John Sullivan  <[email protected]>
+
+        Reviewed by Dan Bernstein.
+
+        <https://bugs.webkit.org/show_bug.cgi?id=62666>
+        <rdar://problem/9606676>
+        Callers should be robust against WebImage::create() returning an image with a null snapshot
+
+        * Shared/API/c/cg/WKImageCG.cpp:
+        (WKImageCreateCGImage):
+        Return 0 if no bitmap was created.
+        (WKImageCreateFromCGImage):
+        Ditto.
+        
+        * Shared/UserMessageCoders.h:
+        (WebKit::UserMessageEncoder::baseEncode):
+        Check for null before dereferencing image->bitmap() in two places.
+        
+        * WebProcess/WebPage/WebPage.cpp:
+        (WebKit::WebPage::snapshotInViewCoordinates):
+        Return 0 if no bitmap was created.
+        (WebKit::WebPage::scaledSnapshotInDocumentCoordinates):
+        Ditto.
+        (WebKit::WebPage::createSnapshotOfVisibleContent):
+        Bail out if no bitmap was created.
+
 2011-06-14  Anders Carlsson  <[email protected]>
 
         Reviewed by Darin Adler.

Modified: trunk/Source/WebKit2/Shared/API/c/cg/WKImageCG.cpp (88855 => 88856)


--- trunk/Source/WebKit2/Shared/API/c/cg/WKImageCG.cpp	2011-06-14 22:07:25 UTC (rev 88855)
+++ trunk/Source/WebKit2/Shared/API/c/cg/WKImageCG.cpp	2011-06-14 22:18:05 UTC (rev 88856)
@@ -36,13 +36,26 @@
 
 CGImageRef WKImageCreateCGImage(WKImageRef imageRef)
 {
-    return toImpl(imageRef)->bitmap()->makeCGImageCopy().leakRef();
+    if (!imageRef)
+        return 0;
+    
+    WebImage* webImage = toImpl(imageRef);
+    if (!webImage || !webImage->bitmap())
+        return 0;
+    
+    return webImage->bitmap()->makeCGImageCopy().leakRef();
 }
 
 WKImageRef WKImageCreateFromCGImage(CGImageRef imageRef, WKImageOptions options)
 {
+    if (!imageRef)
+        return 0;
+    
     IntSize imageSize(CGImageGetWidth(imageRef), CGImageGetHeight(imageRef));
     RefPtr<WebImage> webImage = WebImage::create(imageSize, toImageOptions(options));
+    if (!webImage || !webImage->bitmap())
+        return 0;
+    
     OwnPtr<GraphicsContext> graphicsContext = webImage->bitmap()->createGraphicsContext();
     CGContextDrawImage(graphicsContext->platformContext(), CGRectMake(0, 0, imageSize.width(), imageSize.height()), imageRef);
     return toAPI(webImage.release().leakRef());
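Review bot: WKImageCreateFromCGImage still folds the CGImageGetWidth/CGImageGetHeight results (size_t in CoreGraphics) into `IntSize imageSize(...)`, whose components are int, so a very large source image can wrap to a small or negative size before WebImage::create sees it; the new `!webImage->bitmap()` guard only catches the case where the bitmap allocation itself failed. Rejecting out-of-range dimensions up front would close that gap: `if (CGImageGetWidth(imageRef) > INT_MAX || CGImageGetHeight(imageRef) > INT_MAX) return 0;` placed before the IntSize construction (INT_MAX presumably reachable via the existing includes; confirm). The `graphicsContext` from createGraphicsContext() is also dereferenced unchecked on the following line; whether that factory can return null is not visible in this hunk. WKImageCreateFromCGImage's closing brace lies outside the hunk.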

Modified: trunk/Source/WebKit2/Shared/UserMessageCoders.h (88855 => 88856)


--- trunk/Source/WebKit2/Shared/UserMessageCoders.h	2011-06-14 22:07:25 UTC (rev 88855)
+++ trunk/Source/WebKit2/Shared/UserMessageCoders.h	2011-06-14 22:18:05 UTC (rev 88856)
@@ -127,13 +127,13 @@
         }
         case APIObject::TypeImage: {
             WebImage* image = static_cast<WebImage*>(m_root);
-            if (!image->bitmap()->isBackedBySharedMemory()) {
+            if (!image->bitmap() || !image->bitmap()->isBackedBySharedMemory()) {
                 encoder->encode(false);
                 return true;
             }
 
             ShareableBitmap::Handle handle;
-            if (!image->bitmap()->createHandle(handle))
+            if (!image->bitmap() || !image->bitmap()->createHandle(handle))
                 return false;
 
             encoder->encode(true);
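Review bot: The second `!image->bitmap()` test added on the createHandle line is unreachable as a null check, because the first branch already returned when bitmap() was null and nothing between the two lines can change it; the duplicated call reads as if the pointer could change. Fetching it once makes the intent clearer: `ShareableBitmap* bitmap = image->bitmap();` followed by `if (!bitmap || !bitmap->isBackedBySharedMemory()) {` and `if (!bitmap->createHandle(handle))`. Note that a null bitmap is now encoded exactly like a non-shared one (`encode(false)`), which is fine only if the decoder treats that flag as "no bitmap" rather than "decode failed" — worth confirming against the matching decode path, which is not in this hunk. The enclosing baseEncode switch begins and ends outside the hunk.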

Modified: trunk/Source/WebKit2/WebProcess/WebPage/WebPage.cpp (88855 => 88856)


--- trunk/Source/WebKit2/WebProcess/WebPage/WebPage.cpp	2011-06-14 22:07:25 UTC (rev 88855)
+++ trunk/Source/WebKit2/WebProcess/WebPage/WebPage.cpp	2011-06-14 22:18:05 UTC (rev 88856)
@@ -875,6 +875,9 @@
     frameView->setPaintBehavior(oldBehavior | PaintBehaviorFlattenCompositingLayers);
 
     RefPtr<WebImage> snapshot = WebImage::create(rect.size(), options);
+    if (!snapshot->bitmap())
+        return 0;
+    
     OwnPtr<WebCore::GraphicsContext> graphicsContext = snapshot->bitmap()->createGraphicsContext();
 
     graphicsContext->save();
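Review bot: The new `return 0` in snapshotInViewCoordinates exits after `frameView->setPaintBehavior(oldBehavior | PaintBehaviorFlattenCompositingLayers)` on the hunk's first line, so if the restore of oldBehavior happens later in the function (as the name `oldBehavior` suggests, though that code is outside the hunk), the early exit leaves the FrameView painting with compositing layers flattened. Restore it on the way out: `if (!snapshot->bitmap()) { frameView->setPaintBehavior(oldBehavior); return 0; }`. The function starts and ends outside the hunk.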
@@ -904,6 +907,9 @@
         size = IntSize(ceil(rect.width() * scaleFactor), ceil(rect.height() * scaleFactor));
 
     RefPtr<WebImage> snapshot = WebImage::create(size, options);
+    if (!snapshot->bitmap())
+        return 0;
+    
     OwnPtr<WebCore::GraphicsContext> graphicsContext = snapshot->bitmap()->createGraphicsContext();
     graphicsContext->save();
     
@@ -929,8 +935,12 @@
     FrameView* frameView = m_mainFrame->coreFrame()->view();
     if (!frameView)
         return;
+    
     IntRect contentRect = frameView->visibleContentRect(false);
     RefPtr<WebImage> snapshotImage = scaledSnapshotInDocumentCoordinates(contentRect, 1, ImageOptionsShareable);
+    if (!snapshotImage->bitmap())
+        return;
+    
     snapshotImage->bitmap()->createHandle(snapshotHandle);
 }
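Review bot: The added check `if (!snapshotImage->bitmap())` in createSnapshotOfVisibleContent dereferences snapshotImage, but this same commit makes scaledSnapshotInDocumentCoordinates return 0 when no bitmap could be created, so that is exactly the case in which snapshotImage is null and the guard crashes instead of bailing out. It should be `if (!snapshotImage || !snapshotImage->bitmap()) return;`. The bool returned by `createHandle(snapshotHandle)` is also ignored, so a failure leaves snapshotHandle in whatever default state the caller started with, indistinguishable from success; since the function returns void, the caller presumably inspects the handle, which is worth confirming. The function's signature is outside the hunk.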
 