Title: [190490] branches/safari-601-branch/Source/WebCore
- Revision: 190490
- Author: [email protected]
- Date: 2015-10-02 06:56:34 -0700 (Fri, 02 Oct 2015)
Log Message
Merge r188622. rdar://problem/22802016
Modified Paths
Diff
Modified: branches/safari-601-branch/Source/WebCore/ChangeLog (190489 => 190490)
--- branches/safari-601-branch/Source/WebCore/ChangeLog 2015-10-02 13:56:29 UTC (rev 190489)
+++ branches/safari-601-branch/Source/WebCore/ChangeLog 2015-10-02 13:56:34 UTC (rev 190490)
@@ -1,5 +1,29 @@
2015-10-02 Matthew Hanson <[email protected]>
+ Merge r188622. rdar://problem/22802016
+
+ 2015-08-18 Dean Jackson <[email protected]>
+
+ Add null check in ImageBufferData::getData
+ https://bugs.webkit.org/show_bug.cgi?id=148156
+ <rdar://problem/22337157>
+
+ Reviewed by Simon Fraser.
+
+ We're getting a number of crash reports that suggest the allocation
+ of the result buffer has failed, but have been unable to reproduce.
+ This patch adds a null check to the allocation, and logs a message
+ to the system console. This might avoid the crashes, and hopefully
+ we'll see the message.
+
+ No new tests, since we're unable to reproduce this crash.
+
+ * platform/graphics/cg/ImageBufferDataCG.cpp:
+ (WebCore::ImageBufferData::getData): Add a null-check and early
+ return.
+
+2015-10-02 Matthew Hanson <[email protected]>
+
Merge r188298. rdar://problem/22885242
2015-08-11 Zalan Bujtas <[email protected]>
Modified: branches/safari-601-branch/Source/WebCore/platform/graphics/cg/ImageBufferDataCG.cpp (190489 => 190490)
--- branches/safari-601-branch/Source/WebCore/platform/graphics/cg/ImageBufferDataCG.cpp 2015-10-02 13:56:29 UTC (rev 190489)
+++ branches/safari-601-branch/Source/WebCore/platform/graphics/cg/ImageBufferDataCG.cpp 2015-10-02 13:56:34 UTC (rev 190490)
@@ -106,7 +106,11 @@
RefPtr<Uint8ClampedArray> result = Uint8ClampedArray::createUninitialized(area.unsafeGet());
unsigned char* resultData = result->data();
-
+ if (!resultData) {
+ WTFLogAlways("ImageBufferData: Unable to create buffer. Requested size was %d x %d = %u\n", rect.width(), rect.height(), area.unsafeGet());
+ return nullptr;
+ }
+
Checked<int> endx = rect.maxX();
endx *= ceilf(resolutionScale);
Checked<int> endy = rect.maxY();
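Review bot: The new `if (!resultData)` check runs only after `result->data()` has already been called on `result`, so a failed allocation may still crash on the line above it. If `Uint8ClampedArray::createUninitialized` returns a null `RefPtr` when it cannot allocate, that call dereferences null before the early return is reached. Test `result` itself before reading the data pointer, for example `if (!result || !result->data())`, and keep the log and `return nullptr` in that branch. As a smaller point, the format string prints `area.unsafeGet()` with `%u`; `area` is declared outside this hunk, so confirm the specifier matches its underlying type.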