138817 – Avoid re-encoding action menu image data

Bug 138817 - Avoid re-encoding action menu image data

Summary: Avoid re-encoding action menu image data

Status:	RESOLVED FIXED

Alias:	None

Product:	WebKit
Classification:	Unclassified
Component:	New Bugs (show other bugs)
Version:	528+ (Nightly build)
Hardware:	Unspecified Unspecified

Importance:	P2 Normal
Assignee:	Tim Horton

URL:
Keywords:

Depends on:
Blocks:

Reported:	2014-11-17 18:26 PST by Tim Horton
Modified:	2014-11-18 22:10 PST (History)
CC List:	5 users (show)

See Also:

Attachments
Patch (15.29 KB, patch) 2014-11-17 18:27 PST, Tim Horton	andersca: review+	Details \| Formatted Diff \| Diff
View All Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.

Description Tim Horton 2014-11-17 18:26:43 PST

Avoid re-encoding action menu image data

Comment 1 Tim Horton 2014-11-17 18:27:20 PST

Created attachment 241756 [details]
Patch

Comment 2 Beth Dakin 2014-11-17 20:11:00 PST

Do we want to mimic any of this in WK1 code? WebActionMenuController also still hardcodes jpg even though it probably already have enough information to avoid that.

Comment 3 Tim Horton 2014-11-17 23:30:55 PST

(In reply to comment #2)
> Do we want to mimic any of this in WK1 code? WebActionMenuController also
> still hardcodes jpg even though it probably already have enough information
> to avoid that.

This patch fixes both WebKits.

Comment 4 Anders Carlsson 2014-11-18 11:03:27 PST

Comment on attachment 241756 [details]
Patch

View in context: https://bugs.webkit.org/attachment.cgi?id=241756&action=review

> Source/WebKit/mac/WebView/WebActionMenuController.mm:415
> +    RefPtr<SharedBuffer> buffer = image->data();

Can buffer ever be null here?

Comment 5 Tim Horton 2014-11-18 14:55:07 PST

http://trac.webkit.org/changeset/176288

Comment 6 Alexey Proskuryakov 2014-11-18 22:10:46 PST

Does this bring image codec code execution vulnerabilities into UI process?