RESOLVED FIXED 170912
[iOS, macOS] Guard against passing nullptr to vImagePremultiplyData 
https://bugs.webkit.org/show_bug.cgi?id=170912
Summary [iOS, macOS] Guard against passing nullptr to vImagePremultiplyData
Brent Fulgham
Reported 2017-04-17 13:35:27 PDT
If the system is under heavy memory pressure, it is possible for a calloc to fail, resulting in an ImageBuffer with a nullptr data member. We should return from an attempt to perform ImageBuffer::putData on a nullptr without taking any action, or perhaps RELEASE_ASSERT that we encountered this case. Since the memory pressure may be transient, it seems reasonable to just bail out early; a future attempt may succeed.
Attachments
Patch (1.38 KB, patch)
2017-04-17 13:38 PDT, Brent Fulgham 		no flags
DetailsFormatted DiffDiff
Patch (2.92 KB, patch)
2017-04-18 17:17 PDT, Brent Fulgham 		beidson: review+
DetailsFormatted DiffDiff
Show Obsolete (1) View All Add attachment proposed patch, testcase, etc.
Brent Fulgham
Comment 1 2017-04-17 13:38:05 PDT
Created attachment 307292 [details] Patch
Brent Fulgham
Comment 2 2017-04-18 13:12:55 PDT
<rdar://problem/30565800>
Brady Eidson
Comment 3 2017-04-18 16:59:42 PDT
Comment on attachment 307292 [details] Patch View in context: https://bugs.webkit.org/attachment.cgi?id=307292&action=review > Source/WebCore/platform/graphics/cg/ImageBufferDataCG.cpp:444 > + ASSERT(data); > + if (!data) > + return; We can't really both expect that is' impossible to have a null data (like the assert says) but also expect it is possible to have a null data (like the early return says) If it's truly impossible, we need to know why. If it's truly possible (such as we commonly get into the case where memory can't be allocated), then the ASSERT should be dropped.
Brent Fulgham
Comment 4 2017-04-18 17:16:58 PDT
Comment on attachment 307292 [details] Patch View in context: https://bugs.webkit.org/attachment.cgi?id=307292&action=review >> Source/WebCore/platform/graphics/cg/ImageBufferDataCG.cpp:444 >> + return; > > We can't really both expect that is' impossible to have a null data (like the assert says) but also expect it is possible to have a null data (like the early return says) > > If it's truly impossible, we need to know why. > > If it's truly possible (such as we commonly get into the case where memory can't be allocated), then the ASSERT should be dropped. Good point. I'll revise.
Brent Fulgham
Comment 5 2017-04-18 17:17:02 PDT
Created attachment 307439 [details] Patch
Brent Fulgham
Comment 6 2017-04-19 09:17:55 PDT
Committed r215514: <http://trac.webkit.org/changeset/215514>
Note You need to log in before you can comment on or make changes to this bug.