Skip to site navigation (Press enter)

[webkit-changes] [289179] releases/WebKitGTK/webkit-2.34

aperez Sun, 06 Feb 2022 12:47:10 -0800

Title: [289179] releases/WebKitGTK/webkit-2.34

Revision: 289179
Author: [email protected]
Date: 2022-02-06 12:46:17 -0800 (Sun, 06 Feb 2022)

Log Message

Merge r288217 - Null check player in taintsOrigin
https://bugs.webkit.org/show_bug.cgi?id=234257


Patch by Rob Buis <[email protected]> on 2022-01-19
Reviewed by Youenn Fablet.

Source/WebCore:

Null check player in taintsOrigin.

Test: fast/media/createImageBitmap-from-video-crash.html

* html/ImageBitmap.cpp:
(WebCore::taintsOrigin):

LayoutTests:

* fast/media/createImageBitmap-from-video-crash-expected.txt: Added.
* fast/media/createImageBitmap-from-video-crash.html: Added.

Modified Paths

releases/WebKitGTK/webkit-2.34/LayoutTests/ChangeLog
releases/WebKitGTK/webkit-2.34/Source/WebCore/ChangeLog
releases/WebKitGTK/webkit-2.34/Source/WebCore/html/ImageBitmap.cpp

Added Paths

releases/WebKitGTK/webkit-2.34/LayoutTests/fast/media/createImageBitmap-from-video-crash-expected.txt
releases/WebKitGTK/webkit-2.34/LayoutTests/fast/media/createImageBitmap-from-video-crash.html

Diff

Modified: releases/WebKitGTK/webkit-2.34/LayoutTests/ChangeLog (289178 => 289179)


--- releases/WebKitGTK/webkit-2.34/LayoutTests/ChangeLog	2022-02-06 20:42:34 UTC (rev 289178)
+++ releases/WebKitGTK/webkit-2.34/LayoutTests/ChangeLog	2022-02-06 20:46:17 UTC (rev 289179)
@@ -1,3 +1,13 @@
+2022-01-19  Rob Buis  <[email protected]>
+
+        Null check player in taintsOrigin
+        https://bugs.webkit.org/show_bug.cgi?id=234257
+
+        Reviewed by Youenn Fablet.
+
+        * fast/media/createImageBitmap-from-video-crash-expected.txt: Added.
+        * fast/media/createImageBitmap-from-video-crash.html: Added.
+
 2021-11-20  Carlos Garcia Campos  <[email protected]>
 
         Report the initiating url instead of the redirected one

Added: releases/WebKitGTK/webkit-2.34/LayoutTests/fast/media/createImageBitmap-from-video-crash-expected.txt (0 => 289179)


--- releases/WebKitGTK/webkit-2.34/LayoutTests/fast/media/createImageBitmap-from-video-crash-expected.txt	                        (rev 0)
+++ releases/WebKitGTK/webkit-2.34/LayoutTests/fast/media/createImageBitmap-from-video-crash-expected.txt	2022-02-06 20:46:17 UTC (rev 289179)
@@ -0,0 +1 @@
+PASS

Added: releases/WebKitGTK/webkit-2.34/LayoutTests/fast/media/createImageBitmap-from-video-crash.html (0 => 289179)


--- releases/WebKitGTK/webkit-2.34/LayoutTests/fast/media/createImageBitmap-from-video-crash.html	                        (rev 0)
+++ releases/WebKitGTK/webkit-2.34/LayoutTests/fast/media/createImageBitmap-from-video-crash.html	2022-02-06 20:46:17 UTC (rev 289179)
@@ -0,0 +1,18 @@
+<script>
+  window.console.log = function() { };
+  if (window.testRunner) {
+    testRunner.dumpAsText();
+  }
+  _onload_ = async () => {
+    let video = document.createElement('video');
+    video.src = ""
+    await RTCPeerConnection.generateCertificate({
+      name: 'RSASSA-PKCS1-v1_5',
+      modulusLength: 2048,
+      publicExponent: new Uint8Array([1, 0, 1]),
+      hash: 'SHA-256'
+    });
+    try { await createImageBitmap(video, 0, 0, 1, 2); } catch (error) {}
+  }
+</script>
+PASS

Modified: releases/WebKitGTK/webkit-2.34/Source/WebCore/ChangeLog (289178 => 289179)


--- releases/WebKitGTK/webkit-2.34/Source/WebCore/ChangeLog	2022-02-06 20:42:34 UTC (rev 289178)
+++ releases/WebKitGTK/webkit-2.34/Source/WebCore/ChangeLog	2022-02-06 20:46:17 UTC (rev 289179)
@@ -1,3 +1,17 @@
+2022-01-19  Rob Buis  <[email protected]>
+
+        Null check player in taintsOrigin
+        https://bugs.webkit.org/show_bug.cgi?id=234257
+
+        Reviewed by Youenn Fablet.
+
+        Null check player in taintsOrigin.
+
+        Test: fast/media/createImageBitmap-from-video-crash.html
+
+        * html/ImageBitmap.cpp:
+        (WebCore::taintsOrigin):
+
 2022-02-04  Alexander Mikhaylenko  <[email protected]>
 
         [GTK] Crash when starting DND on touchscreen

Modified: releases/WebKitGTK/webkit-2.34/Source/WebCore/html/ImageBitmap.cpp (289178 => 289179)


--- releases/WebKitGTK/webkit-2.34/Source/WebCore/html/ImageBitmap.cpp	2022-02-06 20:42:34 UTC (rev 289178)
+++ releases/WebKitGTK/webkit-2.34/Source/WebCore/html/ImageBitmap.cpp	2022-02-06 20:46:17 UTC (rev 289179)
@@ -153,7 +153,7 @@
     if (!video.hasSingleSecurityOrigin())
         return true;
 
-    if (video.player()->didPassCORSAccessCheck())
+    if (!video.player() || video.player()->didPassCORSAccessCheck())
         return false;
 
     auto url = ""

_______________________________________________
webkit-changes mailing list
[email protected]
https://lists.webkit.org/mailman/listinfo/webkit-changes