Bug 236622

Summary: Safari 15.2 crashes when degenerate webp images are decoded with createImageBitmap
Product: WebKit Reporter: ryan.hamley
Component: ImagesAssignee: Nobody <webkit-unassigned>
Status: RESOLVED DUPLICATE    
Severity: Normal CC: johncunningham, sabouhallawa, webkit-bug-importer
Priority: P2 Keywords: InRadar
Version: Safari 15   
Hardware: Mac (Intel)   
OS: macOS 12   
See Also: https://bugs.webkit.org/show_bug.cgi?id=219977
Attachments:
Description Flags
Solid black WebP image none

ryan.hamley
Reported 2022-02-14 17:07:37 PST
Created attachment 451964 [details] Solid black WebP image Safari 15.2 and 15.3 crash when decoding certain WebP images with `window.createImageBitmap`. This happens with images that have a channel depth of 1-bit in a channel (e.g. solid color images such as https://bug-219977-attachments.webkit.org/attachment.cgi?id=421723). The underlying WebP issue was logged in https://bugs.webkit.org/show_bug.cgi?id=219977 but previous versions of Safari handled the error gracefully (logging "Cannot decode the data in the argument to createImageBitmap") and error handling in sites/apps could handle the error successfully. Since Safari 15.2, the error isn't handled and causes the tab to crash. https://jsbin.com/cetawaqudo/edit?js,output is a basic reproduction using the black square image from above.
Attachments
Solid black WebP image (54 bytes, image/webp)
2022-02-14 17:07 PST, ryan.hamley 		no flags
Details
View All Add attachment proposed patch, testcase, etc.
Radar WebKit Bug Importer
Comment 1 2022-02-14 19:58:42 PST
<rdar://problem/88943597>
Alexey Proskuryakov
Comment 2 2022-02-15 16:59:29 PST
This looks like a duplicate of bug 231794. Can you reproduce this with Safari technology Preview?
ryan.hamley
Comment 3 2022-02-16 13:26:34 PST
I couldn't replicate this in Tech Preview 140 so I think this is likely a duplicate and has been fixed. Thanks!
Alexey Proskuryakov
Comment 4 2022-02-18 14:51:38 PST
Thank you for confirming this! *** This bug has been marked as a duplicate of bug 231794 ***
Note You need to log in before you can comment on or make changes to this bug.