Branch: refs/heads/main
Home: https://github.com/WebKit/WebKit
Commit: f3e9985497a95dccf364dbdb82b52738baffaefa
https://github.com/WebKit/WebKit/commit/f3e9985497a95dccf364dbdb82b52738baffaefa
Author: Taher Ali <taher_...@apple.com>
Date: 2025-04-21 (Mon, 21 Apr 2025)
Changed paths:
A LayoutTests/ipc/insufficient-svgfilter-inputs-crash-expected.txt
A LayoutTests/ipc/insufficient-svgfilter-inputs-crash.html
M Source/WebCore/platform/graphics/filters/FilterEffect.cpp
Log Message:
-----------
FilterEffect::takeImageInputs returns a no-op when insufficient inputs are
provided
https://bugs.webkit.org/show_bug.cgi?id=291826
rdar://147489771
Reviewed by Brent Fulgham.
We prevent a fatal crash in FilterEffect::takeImageInputs when an untrusted
or malformed IPC message results in fewer image inputs than expected.
While this scenario may not occur with valid SVG content, it can be triggered
through direct IPC. Instead of crashing, we now return a no-op,
allowing the filter evaluation to continue safely.
* Source/WebCore/platform/graphics/filters/FilterEffect.cpp:
(WebCore::FilterEffect::takeImageInputs const):
(WebCore::FilterEffect::apply):
Canonical link: https://commits.webkit.org/293928@main
To unsubscribe from these emails, change your notification settings at
https://github.com/WebKit/WebKit/settings/notifications
_______________________________________________
webkit-changes mailing list
webkit-changes@lists.webkit.org
https://lists.webkit.org/mailman/listinfo/webkit-changes
