Bug 228737

Summary: Crash while reading WebGL drawing buffer if canvas image buffer allocation fails
Product: WebKit Reporter: Kimmo Kinnunen <kkinnunen>
Component: WebGLAssignee: Kimmo Kinnunen <kkinnunen>
Status: RESOLVED FIXED    
Severity: Normal CC: bfulgham, cdumez, changseok, dino, esprehn+autocc, ews-watchlist, gyuyoung.kim, kbr, kkinnunen, kondapallykalyan, sabouhallawa, webkit-bug-importer
Priority: P2 Keywords: InRadar
Version: WebKit Local Build   
Hardware: Unspecified   
OS: Unspecified   
Attachments:
Description Flags
Patch none

Kimmo Kinnunen
Reported 2021-08-03 06:24:37 PDT
Crash while reading WebGL drawing buffer if canvas image buffer allocation fails
Attachments
Patch (7.05 KB, patch)
2021-08-03 06:32 PDT, Kimmo Kinnunen 		no flags
DetailsFormatted DiffDiff
View All Add attachment proposed patch, testcase, etc.
Kimmo Kinnunen
Comment 1 2021-08-03 06:25:15 PDT
<rdar://81150042>
Kimmo Kinnunen
Comment 2 2021-08-03 06:32:31 PDT
Created attachment 434827 [details] Patch
Brent Fulgham
Comment 3 2021-08-03 09:12:08 PDT
Comment on attachment 434827 [details] Patch View in context: https://bugs.webkit.org/attachment.cgi?id=434827&action=review Looks good! r=me > Source/WebCore/html/canvas/WebGLRenderingContextBase.cpp:1221 > + if (auto buffer = base.buffer()) { Is a nullptr buffer something we should report in a log message or something? Or perhaps that allocation failure is logged elsewhere?
Kimmo Kinnunen
Comment 4 2021-08-03 10:26:51 PDT
(In reply to Brent Fulgham from comment #3) > > Source/WebCore/html/canvas/WebGLRenderingContextBase.cpp:1221 > > + if (auto buffer = base.buffer()) { > > Is a nullptr buffer something we should report in a log message or > something? Or perhaps that allocation failure is logged elsewhere? Reported already in void HTMLCanvasElement::createImageBuffer() const
EWS
Comment 5 2021-08-03 10:34:55 PDT
Committed r280601 (240219@main): <https://commits.webkit.org/240219@main> All reviewed patches have been landed. Closing bug and clearing flags on attachment 434827 [details].
Note You need to log in before you can comment on or make changes to this bug.