Diff
Modified: trunk/Source/WebCore/ChangeLog (174464 => 174465)
--- trunk/Source/WebCore/ChangeLog 2014-10-08 18:31:14 UTC (rev 174464)
+++ trunk/Source/WebCore/ChangeLog 2014-10-08 18:32:12 UTC (rev 174465)
@@ -1,3 +1,43 @@
+2014-10-08 Brent Fulgham <[email protected]>
+
+ [Win] Resolve various static analyzer warnings in WebCore.
+ https://bugs.webkit.org/show_bug.cgi?id=137526
+
+ Reviewed by Dean Jackson.
+
+ A series of small changes to resolve various issues found by the MSVC static analyzer.
+
+ * inspector/NetworkResourcesData.cpp:
+ (WebCore::NetworkResourcesData::clear): Add assertion that it->value should never be null.
+ * page/SessionIDHash.h:
+ (WTF::HashTraits<WebCore::SessionID>::constructDeletedValue): Add explicit cast to avoid
+ compiler warning.
+ (WTF::HashTraits<WebCore::SessionID>::isDeletedValue): Ditto.
+ * page/win/FrameCGWin.cpp:
+ (WebCore::imageFromRect): Resolve static analyzer warnings by initializing bits, and
+ checking the return value of ::CreateDIBSection, which return nullptr on error.
+ * platform/graphics/ca/win/PlatformCALayerWin.cpp:
+ (printLayer): Use correct MSVC format specifier for size_t.
+ * platform/graphics/win/FontCacheWin.cpp:
+ (WebCore::getLinkedFonts): Handle possibility that a font link key does not exist.
+ (WebCore::FontCache::systemFallbackForCharacters): Handle error case when a valid code page
+ does not exist for a given character.
+ * platform/graphics/win/SimpleFontDataWin.cpp:
+ (WebCore::SimpleFontData::containsCharacters): Handle error cases for mapping to the CP_ACP code page,
+ and related failures when attempting to access the contents of a given code page.
+ * platform/graphics/win/UniscribeController.cpp:
+ (WebCore::UniscribeController::itemizeShapeAndPlace): Handle possible failure in the
+ ScriptItemize API call.
+ (WebCore::UniscribeController::shapeAndPlaceItem): Ditto for ScriptXtoCP API call.
+ * platform/win/BString.h: Use consistent SAL annotations for our typedeof of BSTR as in
+ the system header.
+ * platform/win/COMPtr.h: Ditto for HRESULT.
+ * platform/win/DragImageCGWin.cpp:
+ (WebCore::allocImage): Handle case of failing CreateDIBSection API call.
+ * platform/win/PopupMenuWin.cpp:
+ (WebCore::PopupMenuWin::show): Handle case of failing SystemParamtersInfo API call.
+ (WebCore::PopupMenuWin::wndProc): Ditto.
+
2014-10-07 Jer Noble <[email protected]>
[EME][Mac] Update CDMSessionMediaSourceAVFObjC to match new API provided by AVStreamSession
Modified: trunk/Source/WebCore/inspector/NetworkResourcesData.cpp (174464 => 174465)
--- trunk/Source/WebCore/inspector/NetworkResourcesData.cpp 2014-10-08 18:31:14 UTC (rev 174464)
+++ trunk/Source/WebCore/inspector/NetworkResourcesData.cpp 2014-10-08 18:32:12 UTC (rev 174465)
@@ -338,6 +338,7 @@
ResourceDataMap::iterator end = m_requestIdToResourceDataMap.end();
for (it = m_requestIdToResourceDataMap.begin(); it != end; ++it) {
ResourceData* resourceData = it->value;
+ ASSERT(resourceData);
if (!preservedLoaderId.isNull() && resourceData->loaderId() == preservedLoaderId)
preservedMap.set(it->key, it->value);
else
Modified: trunk/Source/WebCore/page/SessionIDHash.h (174464 => 174465)
--- trunk/Source/WebCore/page/SessionIDHash.h 2014-10-08 18:31:14 UTC (rev 174464)
+++ trunk/Source/WebCore/page/SessionIDHash.h 2014-10-08 18:32:12 UTC (rev 174465)
@@ -32,18 +32,19 @@
namespace WTF {
-// The empty value is emptySessionID(), the deleted value is (-1)
+// The empty value is emptySessionID(), the deleted value is (-2)
struct SessionIDHash {
static unsigned hash(const WebCore::SessionID& p) { return (unsigned)p.sessionID(); }
static bool equal(const WebCore::SessionID& a, const WebCore::SessionID& b) { return a == b; }
static const bool safeToCompareToEmptyOrDeleted = true;
};
template<> struct HashTraits<WebCore::SessionID> : GenericHashTraits<WebCore::SessionID> {
+ static const uint64_t deletedValueIdentifier = 0xFFFFFFFFFFFFFFFE;
static const bool needsDestruction = false;
static WebCore::SessionID emptyValue() { return WebCore::SessionID::emptySessionID(); }
- static void constructDeletedValue(WebCore::SessionID& slot) { slot = WebCore::SessionID(-2); }
- static bool isDeletedValue(const WebCore::SessionID& slot) { return slot == WebCore::SessionID(-2); }
+ static void constructDeletedValue(WebCore::SessionID& slot) { slot = WebCore::SessionID(deletedValueIdentifier); }
+ static bool isDeletedValue(const WebCore::SessionID& slot) { return slot == WebCore::SessionID(deletedValueIdentifier); }
};
template<> struct DefaultHash<WebCore::SessionID> {
typedef SessionIDHash Hash;
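Review bot: `deletedValueIdentifier` reserves 0xFFFFFFFFFFFFFFFE as the hash-table tombstone, but nothing in this hunk shows that a live `SessionID` can never carry that value. WTF hash tables rely on a key never being equal to the empty or deleted value, so if session IDs can be built from data supplied by another process, the construction or decode site (outside this diff) should reject or assert against both sentinels. I would also document the constant where it is declared, e.g. `// Reserved as the deleted-slot marker; must never be used as a real session ID.`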
Modified: trunk/Source/WebCore/page/win/FrameCGWin.cpp (174464 => 174465)
--- trunk/Source/WebCore/page/win/FrameCGWin.cpp 2014-10-08 18:31:14 UTC (rev 174464)
+++ trunk/Source/WebCore/page/win/FrameCGWin.cpp 2014-10-08 18:32:12 UTC (rev 174465)
@@ -55,13 +55,16 @@
PaintBehavior oldPaintBehavior = frame->view()->paintBehavior();
frame->view()->setPaintBehavior(oldPaintBehavior | PaintBehaviorFlattenCompositingLayers);
- void* bits;
+ void* bits = nullptr;
auto hdc = adoptGDIObject(::CreateCompatibleDC(0));
int w = ir.width();
int h = ir.height();
BitmapInfo bmp = BitmapInfo::create(IntSize(w, h));
GDIObject<HBITMAP> hbmp = adoptGDIObject(::CreateDIBSection(0, &bmp, DIB_RGB_COLORS, static_cast<void**>(&bits), 0, 0));
+ if (!hbmp)
+ return hbmp;
+
HGDIOBJ hbmpOld = SelectObject(hdc.get(), hbmp.get());
CGContextRef context = CGBitmapContextCreate(static_cast<void*>(bits), w, h,
8, w * sizeof(RGBQUAD), deviceRGBColorSpaceRef(), kCGBitmapByteOrder32Little | kCGImageAlphaPremultipliedFirst);
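Review bot: The new early return on `!hbmp` leaves the view with `PaintBehaviorFlattenCompositingLayers` still set, because `setPaintBehavior(oldPaintBehavior | PaintBehaviorFlattenCompositingLayers)` has already run and no restore is visible on this path. Either create the DC and DIB section (and check them) before changing the paint behavior, or add `frame->view()->setPaintBehavior(oldPaintBehavior);` ahead of `return hbmp;`. The restore is presumably further down in imageFromRect, outside this hunk, so please confirm. As far as the hunk shows, the result of `CGBitmapContextCreate` on the next line is also used without a null check.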
Modified: trunk/Source/WebCore/platform/graphics/ca/win/PlatformCALayerWin.cpp (174464 => 174465)
--- trunk/Source/WebCore/platform/graphics/ca/win/PlatformCALayerWin.cpp 2014-10-08 18:31:14 UTC (rev 174464)
+++ trunk/Source/WebCore/platform/graphics/ca/win/PlatformCALayerWin.cpp 2014-10-08 18:32:12 UTC (rev 174465)
@@ -669,7 +669,7 @@
if (CFGetTypeID(layerContents) == CGImageGetTypeID()) {
CGImageRef imageContents = static_cast<CGImageRef>(const_cast<void*>(layerContents));
printIndent(indent + 1);
- fprintf(stderr, "(contents (image [%d %d]))\n",
+ fprintf(stderr, "(contents (image [%Iu %Iu]))\n",
CGImageGetWidth(imageContents), CGImageGetHeight(imageContents));
}
}
Modified: trunk/Source/WebCore/platform/graphics/win/FontCacheWin.cpp (174464 => 174465)
--- trunk/Source/WebCore/platform/graphics/win/FontCacheWin.cpp 2014-10-08 18:31:14 UTC (rev 174464)
+++ trunk/Source/WebCore/platform/graphics/win/FontCacheWin.cpp 2014-10-08 18:32:12 UTC (rev 174465)
@@ -1,5 +1,5 @@
/*
- * Copyright (C) 2006, 2007, 2008, 2013 Apple Inc. All rights reserved.
+ * Copyright (C) 2006, 2007, 2008, 2013-2014 Apple Inc. All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
@@ -35,6 +35,7 @@
#include <mlang.h>
#include <windows.h>
#include <wtf/StdLibExtras.h>
+#include <wtf/text/CString.h>
#include <wtf/text/StringHash.h>
#include <wtf/text/StringView.h>
#include <wtf/win/GDIObject.h>
@@ -97,12 +98,16 @@
result = new Vector<String>;
systemLinkMap.set(family, result);
- HKEY fontLinkKey;
+ HKEY fontLinkKey = nullptr;
if (FAILED(RegOpenKeyEx(HKEY_LOCAL_MACHINE, L"Software\\Microsoft\\Windows NT\\CurrentVersion\\FontLink\\SystemLink", 0, KEY_READ, &fontLinkKey)))
return result;
DWORD linkedFontsBufferSize = 0;
- RegQueryValueEx(fontLinkKey, family.charactersWithNullTermination().data(), 0, NULL, NULL, &linkedFontsBufferSize);
+ if (::RegQueryValueEx(fontLinkKey, family.charactersWithNullTermination().data(), 0, nullptr, nullptr, &linkedFontsBufferSize) == ERROR_FILE_NOT_FOUND) {
+ WTFLogAlways("The font link key %s does not exist in the registry.", family.utf8().data());
+ return result;
+ }
+
WCHAR* linkedFonts = reinterpret_cast<WCHAR*>(malloc(linkedFontsBufferSize));
if (SUCCEEDED(RegQueryValueEx(fontLinkKey, family.charactersWithNullTermination().data(), 0, NULL, reinterpret_cast<BYTE*>(linkedFonts), &linkedFontsBufferSize))) {
unsigned i = 0;
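Review bot: The size query only bails out on `ERROR_FILE_NOT_FOUND`, so any other failure still falls through to `malloc(linkedFontsBufferSize)` with a size of 0, and the new `return result;` leaves `fontLinkKey` open unless it is closed somewhere I cannot see. `RegOpenKeyEx` and `RegQueryValueEx` return Win32 error codes (0 on success, positive on failure), so the surrounding `FAILED()` and `SUCCEEDED()` tests never detect an error. The second query's result is therefore always treated as success, and the parsing loop can read an unfilled buffer. I would compare both calls against `ERROR_SUCCESS`, treat a zero size as "no links", and close the key on the early exit, as sketched below. The function continues past this hunk, so the `malloc` result check and the final `RegCloseKey` need confirming there.

```cpp
HKEY fontLinkKey = nullptr;
if (::RegOpenKeyEx(HKEY_LOCAL_MACHINE, L"Software\\Microsoft\\Windows NT\\CurrentVersion\\FontLink\\SystemLink", 0, KEY_READ, &fontLinkKey) != ERROR_SUCCESS)
    return result;

DWORD linkedFontsBufferSize = 0;
LONG status = ::RegQueryValueEx(fontLinkKey, family.charactersWithNullTermination().data(), 0, nullptr, nullptr, &linkedFontsBufferSize);
if (status != ERROR_SUCCESS || !linkedFontsBufferSize) {
    if (status == ERROR_FILE_NOT_FOUND)
        WTFLogAlways("The font link key %s does not exist in the registry.", family.utf8().data());
    ::RegCloseKey(fontLinkKey);
    return result;
}
// … unchanged: malloc of linkedFontsBufferSize and the second RegQueryValueEx, which should also be compared with ERROR_SUCCESS …
```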
@@ -200,29 +205,29 @@
if (IMLangFontLinkType* langFontLink = getFontLinkInterface()) {
// Try MLang font linking first.
DWORD codePages = 0;
- langFontLink->GetCharCodePages(character, &codePages);
-
- if (codePages && u_getIntPropertyValue(character, UCHAR_UNIFIED_IDEOGRAPH)) {
- // The CJK character may belong to multiple code pages. We want to
- // do font linking against a single one of them, preferring the default
- // code page for the user's locale.
- const Vector<DWORD, 4>& CJKCodePageMasks = getCJKCodePageMasks();
- unsigned numCodePages = CJKCodePageMasks.size();
- for (unsigned i = 0; i < numCodePages && !hfont; ++i) {
- hfont = createMLangFont(langFontLink, hdc, CJKCodePageMasks[i]);
- if (hfont && !(codePages & CJKCodePageMasks[i])) {
- // We asked about a code page that is not one of the code pages
- // returned by MLang, so the font might not contain the character.
- SelectObject(hdc, hfont);
- if (!currentFontContainsCharacter(hdc, character)) {
- DeleteObject(hfont);
- hfont = 0;
+ if (SUCCEEDED(langFontLink->GetCharCodePages(character, &codePages))) {
+ if (codePages && u_getIntPropertyValue(character, UCHAR_UNIFIED_IDEOGRAPH)) {
+ // The CJK character may belong to multiple code pages. We want to
+ // do font linking against a single one of them, preferring the default
+ // code page for the user's locale.
+ const Vector<DWORD, 4>& CJKCodePageMasks = getCJKCodePageMasks();
+ unsigned numCodePages = CJKCodePageMasks.size();
+ for (unsigned i = 0; i < numCodePages && !hfont; ++i) {
+ hfont = createMLangFont(langFontLink, hdc, CJKCodePageMasks[i]);
+ if (hfont && !(codePages & CJKCodePageMasks[i])) {
+ // We asked about a code page that is not one of the code pages
+ // returned by MLang, so the font might not contain the character.
+ SelectObject(hdc, hfont);
+ if (!currentFontContainsCharacter(hdc, character)) {
+ DeleteObject(hfont);
+ hfont = 0;
+ }
+ SelectObject(hdc, primaryFont);
}
- SelectObject(hdc, primaryFont);
}
- }
- } else
- hfont = createMLangFont(langFontLink, hdc, codePages, character);
+ } else
+ hfont = createMLangFont(langFontLink, hdc, codePages, character);
+ }
}
// A font returned from MLang is trusted to contain the character.
Modified: trunk/Source/WebCore/platform/graphics/win/SimpleFontDataWin.cpp (174464 => 174465)
--- trunk/Source/WebCore/platform/graphics/win/SimpleFontDataWin.cpp 2014-10-08 18:31:14 UTC (rev 174464)
+++ trunk/Source/WebCore/platform/graphics/win/SimpleFontDataWin.cpp 2014-10-08 18:32:12 UTC (rev 174465)
@@ -155,16 +155,23 @@
HWndDC dc(0);
DWORD acpCodePages;
- langFontLink->CodePageToCodePages(CP_ACP, &acpCodePages);
+ if (FAILED(langFontLink->CodePageToCodePages(CP_ACP, &acpCodePages))) {
+ WTFLogAlways("SimpleFontData::containsCharacters: Unable to convert to CP_ACP code page.");
+ return false;
+ }
DWORD fontCodePages;
- langFontLink->GetFontCodePages(dc, m_platformData.hfont(), &fontCodePages);
+ if (FAILED(langFontLink->GetFontCodePages(dc, m_platformData.hfont(), &fontCodePages))) {
+ WTFLogAlways("SimpleFontData::containsCharacters: Unable to find matching code page for specified font.");
+ return false;
+ }
- DWORD actualCodePages;
- long numCharactersProcessed;
+ DWORD actualCodePages = 0;
+ long numCharactersProcessed = 0;
long offset = 0;
while (offset < length) {
- langFontLink->GetStrCodePages(characters, length, acpCodePages, &actualCodePages, &numCharactersProcessed);
+ if (FAILED(langFontLink->GetStrCodePages(characters, length, acpCodePages, &actualCodePages, &numCharactersProcessed)))
+ return false;
if ((actualCodePages & fontCodePages) == 0)
return false;
offset += numCharactersProcessed;
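Review bot: Every iteration passes `characters` and `length` to `GetStrCodePages` unchanged, so `offset` never affects which text is examined and only the first run is ever compared with `fontCodePages`. With `numCharactersProcessed` now starting at 0, a call that succeeds but reports no progress also leaves `offset` unchanged and the loop never terminates. I would pass the remaining range, `GetStrCodePages(characters + offset, length - offset, acpCodePages, &actualCodePages, &numCharactersProcessed)`, and add `if (numCharactersProcessed <= 0) return false;` before advancing `offset`. The end of the loop and of containsCharacters is outside this hunk.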
Modified: trunk/Source/WebCore/platform/graphics/win/UniscribeController.cpp (174464 => 174465)
--- trunk/Source/WebCore/platform/graphics/win/UniscribeController.cpp 2014-10-08 18:31:14 UTC (rev 174464)
+++ trunk/Source/WebCore/platform/graphics/win/UniscribeController.cpp 2014-10-08 18:32:12 UTC (rev 174465)
@@ -196,10 +196,15 @@
// hanging out at the end of the array
m_items.resize(6);
int numItems = 0;
- while (ScriptItemize(cp, length, m_items.size() - 1, &m_control, &m_state, m_items.data(), &numItems) == E_OUTOFMEMORY) {
+ HRESULT rc = S_OK;
+ while (rc = ::ScriptItemize(cp, length, m_items.size() - 1, &m_control, &m_state, m_items.data(), &numItems) == E_OUTOFMEMORY) {
m_items.resize(m_items.size() * 2);
resetControlAndState();
}
+ if (FAILED(rc)) {
+ WTFLogAlways("UniscribeController::itemizeShapeAndPlace: ScriptItemize failed, rc=%lx", rc);
+ return;
+ }
m_items.resize(numItems + 1);
if (m_run.rtl()) {
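Review bot: In `while (rc = ::ScriptItemize(...) == E_OUTOFMEMORY)` the comparison binds tighter than the assignment, so `rc` receives the boolean result of the comparison, not the HRESULT. When the loop exits `rc` is always 0, so `FAILED(rc)` is never true and the new error path is dead. A ScriptItemize failure other than E_OUTOFMEMORY still reaches `m_items.resize(numItems + 1)` with whatever `numItems` holds. Parenthesise the assignment: `while ((rc = ::ScriptItemize(cp, length, m_items.size() - 1, &m_control, &m_state, m_items.data(), &numItems)) == E_OUTOFMEMORY) {`.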
@@ -378,8 +383,12 @@
while (m_computingOffsetPosition && m_offsetX >= leftEdge && m_offsetX < m_runWidthSoFar) {
// The position is somewhere inside this run.
int trailing = 0;
- ScriptXtoCP(m_offsetX - leftEdge, clusters.size(), glyphs.size(), clusters.data(), visualAttributes.data(),
+ HRESULT rc = ::ScriptXtoCP(m_offsetX - leftEdge, clusters.size(), glyphs.size(), clusters.data(), visualAttributes.data(),
advances.data(), &item.a, &m_offsetPosition, &trailing);
+ if (FAILED(rc)) {
+ WTFLogAlways("UniscribeController::shapeAndPlaceItem: ScriptXtoCP failed rc=%lx", rc);
+ return true;
+ }
if (trailing && m_includePartialGlyphs && m_offsetPosition < len - 1) {
m_offsetPosition += m_currentCharacter + m_items[i].iCharPos;
m_offsetX += m_run.rtl() ? -trailing : trailing;
Modified: trunk/Source/WebCore/platform/win/BString.h (174464 => 174465)
--- trunk/Source/WebCore/platform/win/BString.h 2014-10-08 18:31:14 UTC (rev 174464)
+++ trunk/Source/WebCore/platform/win/BString.h 2014-10-08 18:32:12 UTC (rev 174465)
@@ -32,7 +32,11 @@
typedef const struct __CFString * CFStringRef;
#endif
+#ifndef _PREFAST_
typedef wchar_t* BSTR;
+#else // _PREFAST_
+typedef _Null_terminated_ wchar_t* BSTR;
+#endif
namespace WebCore {
Modified: trunk/Source/WebCore/platform/win/COMPtr.h (174464 => 174465)
--- trunk/Source/WebCore/platform/win/COMPtr.h 2014-10-08 18:31:14 UTC (rev 174464)
+++ trunk/Source/WebCore/platform/win/COMPtr.h 2014-10-08 18:32:12 UTC (rev 174465)
@@ -34,7 +34,11 @@
#include <wtf/Assertions.h>
#include <wtf/HashTraits.h>
-typedef long HRESULT;
+#ifdef __midl
+typedef LONG HRESULT;
+#else
+typedef _Return_type_success_(return >= 0) long HRESULT;
+#endif // __midl
// FIXME: Should we put this into the WebCore namespace and use "using" on it
// as we do with things in WTF?
Modified: trunk/Source/WebCore/platform/win/DragImageCGWin.cpp (174464 => 174465)
--- trunk/Source/WebCore/platform/win/DragImageCGWin.cpp 2014-10-08 18:31:14 UTC (rev 174464)
+++ trunk/Source/WebCore/platform/win/DragImageCGWin.cpp 2014-10-08 18:32:12 UTC (rev 174465)
@@ -49,10 +49,10 @@
{
BitmapInfo bmpInfo = BitmapInfo::create(size);
- LPVOID bits;
+ LPVOID bits = nullptr;
auto hbmp = adoptGDIObject(::CreateDIBSection(dc, &bmpInfo, DIB_RGB_COLORS, &bits, 0, 0));
- if (!targetRef)
+ if (!targetRef || !hbmp)
return hbmp;
CGContextRef bitmapContext = CGBitmapContextCreate(bits, bmpInfo.bmiHeader.biWidth, bmpInfo.bmiHeader.biHeight, 8,
Modified: trunk/Source/WebCore/platform/win/PopupMenuWin.cpp (174464 => 174465)
--- trunk/Source/WebCore/platform/win/PopupMenuWin.cpp 2014-10-08 18:31:14 UTC (rev 174464)
+++ trunk/Source/WebCore/platform/win/PopupMenuWin.cpp 2014-10-08 18:32:12 UTC (rev 174465)
@@ -160,7 +160,8 @@
setFocusedIndex(index);
}
- ::SystemParametersInfo(SPI_GETCOMBOBOXANIMATION, 0, &shouldAnimate, 0);
+ if (!::SystemParametersInfo(SPI_GETCOMBOBOXANIMATION, 0, &shouldAnimate, 0))
+ shouldAnimate = FALSE;
if (shouldAnimate) {
RECT viewRect = {0};
@@ -943,7 +944,8 @@
}
BOOL shouldHotTrack = FALSE;
- ::SystemParametersInfo(SPI_GETHOTTRACKING, 0, &shouldHotTrack, 0);
+ if (!::SystemParametersInfo(SPI_GETHOTTRACKING, 0, &shouldHotTrack, 0))
+ shouldHotTrack = FALSE;
RECT bounds;
GetClientRect(popupHandle(), &bounds);