Bug 228737

Summary: Crash while reading WebGL drawing buffer if canvas image buffer allocation fails
Product: WebKit Reporter: Kimmo Kinnunen <kkinnunen>
Component: WebGLAssignee: Kimmo Kinnunen <kkinnunen>
Status: RESOLVED FIXED    
Severity: Normal CC: bfulgham, cdumez, changseok, dino, esprehn+autocc, ews-watchlist, gyuyoung.kim, kbr, kkinnunen, kondapallykalyan, sabouhallawa, webkit-bug-importer
Priority: P2 Keywords: InRadar
Version: WebKit Local Build   
Hardware: Unspecified   
OS: Unspecified   
Attachments:
Description Flags
Patch none

Description Kimmo Kinnunen 2021-08-03 06:24:37 PDT 
Crash while reading WebGL drawing buffer if canvas image buffer allocation fails
Comment 1 Kimmo Kinnunen 2021-08-03 06:25:15 PDT 
<rdar://81150042>
Comment 2 Kimmo Kinnunen 2021-08-03 06:32:31 PDT 
Created attachment 434827 [details]
Patch
Comment 3 Brent Fulgham 2021-08-03 09:12:08 PDT 
Comment on attachment 434827 [details]
Patch

View in context: https://bugs.webkit.org/attachment.cgi?id=434827&action=review

Looks good! r=me

> Source/WebCore/html/canvas/WebGLRenderingContextBase.cpp:1221
> +            if (auto buffer = base.buffer()) {

Is a nullptr buffer something we should report in a log message or something? Or perhaps that allocation failure is logged elsewhere?
Comment 4 Kimmo Kinnunen 2021-08-03 10:26:51 PDT 
(In reply to Brent Fulgham from comment #3)
> > Source/WebCore/html/canvas/WebGLRenderingContextBase.cpp:1221
> > +            if (auto buffer = base.buffer()) {
> 
> Is a nullptr buffer something we should report in a log message or
> something? Or perhaps that allocation failure is logged elsewhere?

Reported already in void HTMLCanvasElement::createImageBuffer() const
Comment 5 EWS 2021-08-03 10:34:55 PDT 
Committed r280601 (240219@main): <https://commits.webkit.org/240219@main>

All reviewed patches have been landed. Closing bug and clearing flags on attachment 434827 [details].