Title: [94578] trunk/Source/WebCore
- Revision: 94578
- Author: [email protected]
- Date: 2011-09-06 10:49:41 -0700 (Tue, 06 Sep 2011)
Log Message
[EFL] Do not allocate memory for extremely large surfaces.
https://bugs.webkit.org/show_bug.cgi?id=65192
Patch by Raphael Kubo da Costa <[email protected]> on 2011-09-06
Reviewed by Martin Robinson.
So far, RenderThemeEfl tried to allocate a buffer and a cairo surface
the size of the whole form element passed to it.
In the case of
fast/overflow/overflow-height-float-not-removed-crash.html and others,
this meant extremely large widgets, which crashed the code.
We now only render the widgets if they are smaller than some hardcoded
and sufficiently large values which should work in most cases.
No new tests, as this was uncovered by existing ones.
* platform/efl/RenderThemeEfl.cpp:
(WebCore::RenderThemeEfl::isFormElementTooLargeToDisplay):
(WebCore::RenderThemeEfl::cacheThemePartNew):
(WebCore::RenderThemeEfl::paintThemePart):
* platform/efl/RenderThemeEfl.h:
Modified Paths
Diff
Modified: trunk/Source/WebCore/ChangeLog (94577 => 94578)
--- trunk/Source/WebCore/ChangeLog 2011-09-06 17:36:19 UTC (rev 94577)
+++ trunk/Source/WebCore/ChangeLog 2011-09-06 17:49:41 UTC (rev 94578)
@@ -1,3 +1,28 @@
+2011-09-06 Raphael Kubo da Costa <[email protected]>
+
+ [EFL] Do not allocate memory for extremely large surfaces.
+ https://bugs.webkit.org/show_bug.cgi?id=65192
+
+ Reviewed by Martin Robinson.
+
+ So far, RenderThemeEfl tried to allocate a buffer and a cairo surface
+ the size of the whole form element passed to it.
+
+ In the case of
+ fast/overflow/overflow-height-float-not-removed-crash.html and others,
+ this meant extremely large widgets, which crashed the code.
+
+ We now only render the widgets if they are smaller than some hardcoded
+ and sufficiently large values which should work in most cases.
+
+ No new tests, as this was uncovered by existing ones.
+
+ * platform/efl/RenderThemeEfl.cpp:
+ (WebCore::RenderThemeEfl::isFormElementTooLargeToDisplay):
+ (WebCore::RenderThemeEfl::cacheThemePartNew):
+ (WebCore::RenderThemeEfl::paintThemePart):
+ * platform/efl/RenderThemeEfl.h:
+
2011-08-30 Pavel Podivilov <[email protected]>
Web Inspector: implement source map v3 consumer.
Modified: trunk/Source/WebCore/platform/efl/RenderThemeEfl.cpp (94577 => 94578)
--- trunk/Source/WebCore/platform/efl/RenderThemeEfl.cpp 2011-09-06 17:36:19 UTC (rev 94577)
+++ trunk/Source/WebCore/platform/efl/RenderThemeEfl.cpp 2011-09-06 17:49:41 UTC (rev 94578)
@@ -143,11 +143,25 @@
return true;
}
+bool RenderThemeEfl::isFormElementTooLargeToDisplay(const IntSize& elementSize)
+{
+ // This limit of 20000 pixels is hardcoded inside edje -- anything above this size
+ // will be clipped. This value seems to be reasonable enough so that hardcoding it
+ // here won't be a problem.
+ static const int maxEdjeDimension = 20000;
+
+ return elementSize.width() > maxEdjeDimension || elementSize.height() > maxEdjeDimension;
+}
+
// allocate a new entry and fill it with edje group
struct RenderThemeEfl::ThemePartCacheEntry* RenderThemeEfl::cacheThemePartNew(FormType type, const IntSize& size)
{
- struct ThemePartCacheEntry *entry = new struct ThemePartCacheEntry;
+ if (isFormElementTooLargeToDisplay(size)) {
+ EINA_LOG_ERR("cannot render an element of size %dx%d", size.width(), size.height());
+ return 0;
+ }
+ ThemePartCacheEntry* entry = new ThemePartCacheEntry;
if (!entry) {
EINA_LOG_ERR("could not allocate ThemePartCacheEntry.");
return 0;
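Review bot: isFormElementTooLargeToDisplay() caps width and height separately, so the total area is still unbounded in practice: a 20000x20000 element passes the check, and per the log message the buffer and cairo surface are allocated at the size of the whole element. That is 400 million pixels, roughly 1.6 GB if the surface uses 4 bytes per pixel (an assumption, the surface format is not visible in this hunk). Consider additionally rejecting sizes whose width() * height(), computed in a 64-bit type so the product cannot overflow int, exceeds an explicit pixel budget. The comparison is also upper-bound only; if IntSize can carry zero or negative dimensions here, those fall through to the allocation path as well and may deserve the same early return.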
@@ -297,7 +311,6 @@
ASSERT(m_edje);
entry = cacheThemePartGet(type, rect.size());
- ASSERT(entry);
if (!entry)
return false;
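Review bot: Dropping ASSERT(entry) in paintThemePart() removes the debug check for every null return, not only the new too-large case. cacheThemePartNew() also returns 0 on "could not allocate ThemePartCacheEntry", and after this change that failure is indistinguishable from an oversized element in debug builds. Consider calling isFormElementTooLargeToDisplay(rect.size()) here before cacheThemePartGet() and returning early, which keeps the ASSERT meaningful for the remaining paths and avoids emitting EINA_LOG_ERR from cacheThemePartNew() on every paint of an oversized element. It would also help to document what a false return means to the callers for an element that was deliberately not rendered.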
Modified: trunk/Source/WebCore/platform/efl/RenderThemeEfl.h (94577 => 94578)
--- trunk/Source/WebCore/platform/efl/RenderThemeEfl.h 2011-09-06 17:36:19 UTC (rev 94577)
+++ trunk/Source/WebCore/platform/efl/RenderThemeEfl.h 2011-09-06 17:49:41 UTC (rev 94578)
@@ -200,6 +200,7 @@
const char* edjeGroupFromFormType(FormType) const;
void applyEdjeStateFromForm(Evas_Object*, ControlStates);
bool paintThemePart(RenderObject*, FormType, const PaintInfo&, const IntRect&);
+ bool isFormElementTooLargeToDisplay(const IntSize&);
#if ENABLE(VIDEO)
bool emitMediaButtonSignal(FormType, MediaControlElementType, const IntRect&);
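Review bot: The new isFormElementTooLargeToDisplay(const IntSize&) declaration is a non-const member, but its body in RenderThemeEfl.cpp reads only its argument and a local constant. Declaring it static (or at least const, like edjeGroupFromFormType() just above) would state that it has no side effects and let const code paths call it. A one-line comment here naming the edje 20000-pixel limit would also keep the header self-explanatory.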