Bug 236622

Summary:

Safari 15.2 crashes when degenerate webp images are decoded with createImageBitmap

Product:

WebKit

Reporter:

ryan.hamley

Component:

Images

Assignee:

Nobody <webkit-unassigned>

Status:

RESOLVED DUPLICATE

Severity:

Normal

CC:

johncunningham, sabouhallawa, webkit-bug-importer

Priority:

Keywords:

InRadar

Version:

Safari 15

Hardware:

Mac (Intel)

OS:

macOS 12

See Also:

https://bugs.webkit.org/show_bug.cgi?id=219977

Attachments:

Description	Flags
Solid black WebP image	none

Description ryan.hamley 2022-02-14 17:07:37 PST

Created attachment 451964 [details]
Solid black WebP image

Safari 15.2 and 15.3 crash when decoding certain WebP images with `window.createImageBitmap`. This happens with images that have a channel depth of 1-bit in a channel (e.g. solid color images such as https://bug-219977-attachments.webkit.org/attachment.cgi?id=421723). The underlying WebP issue was logged in https://bugs.webkit.org/show_bug.cgi?id=219977 but previous versions of Safari handled the error gracefully (logging "Cannot decode the data in the argument to createImageBitmap") and error handling in sites/apps could handle the error successfully. Since Safari 15.2, the error isn't handled and causes the tab to crash.

https://jsbin.com/cetawaqudo/edit?js,output is a basic reproduction using the black square image from above.

Comment 1 Radar WebKit Bug Importer 2022-02-14 19:58:42 PST

<rdar://problem/88943597>

Comment 2 Alexey Proskuryakov 2022-02-15 16:59:29 PST

This looks like a duplicate of bug 231794. Can you reproduce this with Safari technology Preview?

Comment 3 ryan.hamley 2022-02-16 13:26:34 PST

I couldn't replicate this in Tech Preview 140 so I think this is likely a duplicate and has been fixed. Thanks!

Comment 4 Alexey Proskuryakov 2022-02-18 14:51:38 PST

Thank you for confirming this!

*** This bug has been marked as a duplicate of bug 231794 ***