Bug 222402

Summary: REGRESSION(r269957): Empty font names passed to canvas2d cause all text routines to crash
Product: WebKit Reporter: Myles C. Maxfield <mmaxfield>
Component: New BugsAssignee: Myles C. Maxfield <mmaxfield>
Status: RESOLVED FIXED    
Severity: Normal CC: cdumez, changseok, clord, darin, esprehn+autocc, ews-watchlist, gyuyoung.kim, webkit-bug-importer
Priority: P2 Keywords: InRadar
Version: WebKit Nightly Build   
Hardware: Unspecified   
OS: Unspecified   
Attachments:
Description Flags
Patch
darin: review+
Patch for committing none

Myles C. Maxfield
Reported 2021-02-24 21:11:33 PST
REGRESSION(r269957): Empty font names passed to canvas2d cause all text routines to crash
Attachments
Patch (9.30 KB, patch)
2021-02-24 21:13 PST, Myles C. Maxfield 		darin: review+
DetailsFormatted DiffDiff
Patch for committing (9.27 KB, patch)
2021-02-25 12:04 PST, Myles C. Maxfield 		no flags
DetailsFormatted DiffDiff
View All Add attachment proposed patch, testcase, etc.
Myles C. Maxfield
Comment 1 2021-02-24 21:13:07 PST
Created attachment 421497 [details] Patch
Myles C. Maxfield
Comment 2 2021-02-24 21:13:10 PST
<rdar://problem/72621268>
Chris Lord
Comment 3 2021-02-25 01:13:50 PST
Comment on attachment 421497 [details] Patch This looks good to me - I especially like the added assert and tests. Indeed, it was an oversight in the original change, it looks like I missed the `if (parsedStyle->isEmpty()) return` that was previously there... Doh!
Darin Adler
Comment 4 2021-02-25 08:40:11 PST
Comment on attachment 421497 [details] Patch View in context: https://bugs.webkit.org/attachment.cgi?id=421497&action=review > Source/WebCore/html/canvas/CanvasRenderingContext2D.cpp:137 > + modifiableState().unparsedFont = newFontSafeCopy; > + > + modifiableState().font.initialize(document.fontSelector(), *fontStyle); I think this code is easier to understand if these two are in a single paragraph, not two separate ones. > Source/WebCore/html/canvas/CanvasRenderingContext2D.cpp:139 > + ASSERT(state().font.realized() && state().font.isPopulated()); Why not two separate asserts? That way it’s slightly easier to tell which of the two failed. > Source/WebCore/html/canvas/CanvasRenderingContext2DBase.h:238 > + bool isPopulated() const { return m_font.fonts(); } It’s a little frustrating to make something like this public just so we can do an assertion. Minimizing interfaces often makes the code more maintainable in the long run.
Myles C. Maxfield
Comment 5 2021-02-25 12:03:44 PST
Comment on attachment 421497 [details] Patch View in context: https://bugs.webkit.org/attachment.cgi?id=421497&action=review >> Source/WebCore/html/canvas/CanvasRenderingContext2DBase.h:238 >> + bool isPopulated() const { return m_font.fonts(); } > > It’s a little frustrating to make something like this public just so we can do an assertion. Minimizing interfaces often makes the code more maintainable in the long run. I can surround it with #if ASSERT_ENABLED
Myles C. Maxfield
Comment 6 2021-02-25 12:04:37 PST
Created attachment 421551 [details] Patch for committing
Darin Adler
Comment 7 2021-02-25 12:29:08 PST
Comment on attachment 421497 [details] Patch View in context: https://bugs.webkit.org/attachment.cgi?id=421497&action=review >>> Source/WebCore/html/canvas/CanvasRenderingContext2DBase.h:238 >>> + bool isPopulated() const { return m_font.fonts(); } >> >> It’s a little frustrating to make something like this public just so we can do an assertion. Minimizing interfaces often makes the code more maintainable in the long run. > > I can surround it with #if ASSERT_ENABLED Well, I don’t think that makes it better, but I don’t object to doing that if you do think it does.
EWS
Comment 8 2021-02-25 14:14:22 PST
Committed r273512: <https://commits.webkit.org/r273512> All reviewed patches have been landed. Closing bug and clearing flags on attachment 421551 [details].
Note You need to log in before you can comment on or make changes to this bug.