[webkit-changes] [175187] trunk/Source/WebKit2

[bdakin]

Title: [175187] trunk/Source/WebKit2

Revision

175187

Author

bda...@apple.com

Date

2014-10-24 15:27:27 -0700 (Fri, 24 Oct 2014)

Log Message

Very large images crash in action menu code
https://bugs.webkit.org/show_bug.cgi?id=138059
-and corresponding-
rdar://problem/18767859

Reviewed by Tim Horton.

If the HitTestResult failed to create and image, then don’t go for the image 
action menu.
* UIProcess/mac/WKActionMenuController.mm:
(-[WKActionMenuController _defaultMenuItems]):

ShareableBitmap::createShareable() can fail. The result needs to be null-checked.
* WebProcess/WebPage/WebPage.cpp:
(WebKit::WebPage::performActionMenuHitTestAtLocation):

Modified Paths

• trunk/Source/WebKit2/ChangeLog
• trunk/Source/WebKit2/UIProcess/mac/WKActionMenuController.mm
• trunk/Source/WebKit2/WebProcess/WebPage/WebPage.cpp

Diff

Modified: trunk/Source/WebKit2/ChangeLog (175186 => 175187)

--- trunk/Source/WebKit2/ChangeLog	2014-10-24 22:24:30 UTC (rev 175186)
+++ trunk/Source/WebKit2/ChangeLog	2014-10-24 22:27:27 UTC (rev 175187)
@@ -1,5 +1,23 @@
 2014-10-24  Beth Dakin  <bda...@apple.com>
 
+        Very large images crash in action menu code
+        https://bugs.webkit.org/show_bug.cgi?id=138059
+        -and corresponding-
+        rdar://problem/18767859
+
+        Reviewed by Tim Horton.
+
+        If the HitTestResult failed to create and image, then don’t go for the image 
+        action menu.
+        * UIProcess/mac/WKActionMenuController.mm:
+        (-[WKActionMenuController _defaultMenuItems]):
+
+        ShareableBitmap::createShareable() can fail. The result needs to be null-checked.
+        * WebProcess/WebPage/WebPage.cpp:
+        (WebKit::WebPage::performActionMenuHitTestAtLocation):
+
+2014-10-24  Beth Dakin  <bda...@apple.com>
+
         Build fix.
 
         * UIProcess/mac/WKActionMenuController.h:

Modified: trunk/Source/WebKit2/UIProcess/mac/WKActionMenuController.mm (175186 => 175187)

--- trunk/Source/WebKit2/UIProcess/mac/WKActionMenuController.mm	2014-10-24 22:24:30 UTC (rev 175186)
+++ trunk/Source/WebKit2/UIProcess/mac/WKActionMenuController.mm	2014-10-24 22:27:27 UTC (rev 175187)
@@ -362,7 +362,7 @@
 - (NSArray *)_defaultMenuItems
 {
     if (WebHitTestResult* hitTestResult = _page->activeActionMenuHitTestResult()) {
-        if (!hitTestResult->absoluteImageURL().isEmpty())
+        if (!hitTestResult->absoluteImageURL().isEmpty() && _hitTestResult.image)
             return [self _defaultMenuItemsForImage];
         if (!hitTestResult->absoluteLinkURL().isEmpty())
             return [self _defaultMenuItemsForLink];

Modified: trunk/Source/WebKit2/WebProcess/WebPage/WebPage.cpp (175186 => 175187)

--- trunk/Source/WebKit2/WebProcess/WebPage/WebPage.cpp	2014-10-24 22:24:30 UTC (rev 175186)
+++ trunk/Source/WebKit2/WebProcess/WebPage/WebPage.cpp	2014-10-24 22:27:27 UTC (rev 175187)
@@ -4821,7 +4821,8 @@
 
     if (Image* image = hitTestResult.image()) {
         actionMenuResult.image = ShareableBitmap::createShareable(IntSize(image->size()), ShareableBitmap::SupportsAlpha);
-        actionMenuResult.image->createGraphicsContext()->drawImage(image, ColorSpaceDeviceRGB, IntPoint());
+        if (actionMenuResult.image)
+            actionMenuResult.image->createGraphicsContext()->drawImage(image, ColorSpaceDeviceRGB, IntPoint());
     }
 
     send(Messages::WebPageProxy::DidPerformActionMenuHitTest(actionMenuResult));

_______________________________________________
webkit-changes mailing list
webkit-changes@lists.webkit.org
https://lists.webkit.org/mailman/listinfo/webkit-changes