Title: [248250] releases/WebKitGTK/webkit-2.24/Source/WebCore
- Revision
- 248250
- Author
- [email protected]
- Date
- 2019-08-03 20:23:58 -0700 (Sat, 03 Aug 2019)
Log Message
Merge r247298 - [GStreamer] Protect against null samples and samples with null buffers
https://bugs.webkit.org/show_bug.cgi?id=199619
Reviewed by Philippe Normand.
* platform/graphics/gstreamer/MediaPlayerPrivateGStreamerBase.cpp:
(WebCore::GstVideoFrameHolder::GstVideoFrameHolder): Assert to enforce non-null samples.
(WebCore::GstVideoFrameHolder::updateTexture): Protect against null m_buffer and improperly mapped video frame.
Modified Paths
Diff
Modified: releases/WebKitGTK/webkit-2.24/Source/WebCore/ChangeLog (248249 => 248250)
--- releases/WebKitGTK/webkit-2.24/Source/WebCore/ChangeLog 2019-08-04 03:23:55 UTC (rev 248249)
+++ releases/WebKitGTK/webkit-2.24/Source/WebCore/ChangeLog 2019-08-04 03:23:58 UTC (rev 248250)
@@ -1,3 +1,14 @@
+2019-07-10 Enrique Ocaña González <[email protected]>
+
+ [GStreamer] Protect against null samples and samples with null buffers
+ https://bugs.webkit.org/show_bug.cgi?id=199619
+
+ Reviewed by Philippe Normand.
+
+ * platform/graphics/gstreamer/MediaPlayerPrivateGStreamerBase.cpp:
+ (WebCore::GstVideoFrameHolder::GstVideoFrameHolder): Assert to enforce non-null samples.
+ (WebCore::GstVideoFrameHolder::updateTexture): Protect against null m_buffer and improperly mapped video frame.
+
2019-07-08 Charlie Turner <[email protected]>
REGRESSION(r243197): [GStreamer] Web process hangs when scrolling twitter timeline which contains HLS videos
Modified: releases/WebKitGTK/webkit-2.24/Source/WebCore/platform/graphics/gstreamer/MediaPlayerPrivateGStreamerBase.cpp (248249 => 248250)
--- releases/WebKitGTK/webkit-2.24/Source/WebCore/platform/graphics/gstreamer/MediaPlayerPrivateGStreamerBase.cpp 2019-08-04 03:23:55 UTC (rev 248249)
+++ releases/WebKitGTK/webkit-2.24/Source/WebCore/platform/graphics/gstreamer/MediaPlayerPrivateGStreamerBase.cpp 2019-08-04 03:23:58 UTC (rev 248250)
@@ -135,6 +135,8 @@
public:
explicit GstVideoFrameHolder(GstSample* sample, TextureMapperGL::Flags flags, bool gstGLEnabled)
{
+ RELEASE_ASSERT(GST_IS_SAMPLE(sample));
+
GstVideoInfo videoInfo;
if (UNLIKELY(!getSampleVideoInfo(sample, videoInfo)))
return;
@@ -185,7 +187,7 @@
{
ASSERT(!m_textureID);
GstVideoGLTextureUploadMeta* meta;
- if ((meta = gst_buffer_get_video_gl_texture_upload_meta(m_buffer))) {
+ if (m_buffer && (meta = gst_buffer_get_video_gl_texture_upload_meta(m_buffer))) {
if (meta->n_textures == 1) { // BRGx & BGRA formats use only one texture.
guint ids[4] = { texture.id(), 0, 0, 0 };
@@ -194,8 +196,15 @@
}
}
+ if (!m_isMapped)
+ return;
+
int stride = GST_VIDEO_FRAME_PLANE_STRIDE(&m_videoFrame, 0);
const void* srcData = GST_VIDEO_FRAME_PLANE_DATA(&m_videoFrame, 0);
+
+ if (!srcData)
+ return;
+
texture.updateContents(srcData, WebCore::IntRect(0, 0, m_size.width(), m_size.height()), WebCore::IntPoint(0, 0), stride);
}
_______________________________________________
webkit-changes mailing list
[email protected]
https://lists.webkit.org/mailman/listinfo/webkit-changes
