Summary: | Crash while reading WebGL drawing buffer if canvas image buffer allocation fails | ||||||
---|---|---|---|---|---|---|---|
Product: | WebKit | Reporter: | Kimmo Kinnunen <kkinnunen> | ||||
Component: | WebGL | Assignee: | Kimmo Kinnunen <kkinnunen> | ||||
Status: | RESOLVED FIXED | ||||||
Severity: | Normal | CC: | bfulgham, cdumez, changseok, dino, esprehn+autocc, ews-watchlist, gyuyoung.kim, kbr, kkinnunen, kondapallykalyan, sabouhallawa, webkit-bug-importer | ||||
Priority: | P2 | Keywords: | InRadar | ||||
Version: | WebKit Local Build | ||||||
Hardware: | Unspecified | ||||||
OS: | Unspecified | ||||||
Attachments: |
|
Description
Kimmo Kinnunen
2021-08-03 06:24:37 PDT
Created attachment 434827 [details]
Patch
Comment on attachment 434827 [details] Patch View in context: https://bugs.webkit.org/attachment.cgi?id=434827&action=review Looks good! r=me > Source/WebCore/html/canvas/WebGLRenderingContextBase.cpp:1221 > + if (auto buffer = base.buffer()) { Is a nullptr buffer something we should report in a log message or something? Or perhaps that allocation failure is logged elsewhere? (In reply to Brent Fulgham from comment #3) > > Source/WebCore/html/canvas/WebGLRenderingContextBase.cpp:1221 > > + if (auto buffer = base.buffer()) { > > Is a nullptr buffer something we should report in a log message or > something? Or perhaps that allocation failure is logged elsewhere? Reported already in void HTMLCanvasElement::createImageBuffer() const Committed r280601 (240219@main): <https://commits.webkit.org/240219@main> All reviewed patches have been landed. Closing bug and clearing flags on attachment 434827 [details]. |