Bug 219651 - REGRESSION(r254841): Possible null pointer reference in BitmapImage::preTransformedNativeImageForCurrentFrame()
Summary: REGRESSION(r254841): Possible null pointer reference in BitmapImage::preTrans...
Alias: None
Product: WebKit
Classification: Unclassified
Component: Images (show other bugs)
Version: WebKit Nightly Build
Hardware: Unspecified Unspecified
: P2 Normal
Assignee: Said Abou-Hallawa
Keywords: InRadar
Depends on:
Reported: 2020-12-08 12:31 PST by Said Abou-Hallawa
Modified: 2020-12-08 16:11 PST (History)
3 users (show)

See Also:

Patch (2.16 KB, patch)
2020-12-08 13:09 PST, Said Abou-Hallawa
no flags Details | Formatted Diff | Diff

Note You need to log in before you can comment on or make changes to this bug.
Description Said Abou-Hallawa 2020-12-08 12:31:45 PST
This function was added in r254841 under the name BitmapImage::nativeImageForCurrentFrameRespectingOrientation() without checking whether the resulted image of nativeImageForCurrentFrame() is null or not. If the ImageSource is corrupted, the decoder might return a null PlatformImagePtr for the current frame. And if this happens most likely ImageSource::densityCorrectedSize() will return WTF::nullopt also. In this case, we end up calling GraphicsContext::drawPlatformImage() with a null PlatformImagePtr.
Comment 1 Said Abou-Hallawa 2020-12-08 12:43:49 PST
Comment 2 Said Abou-Hallawa 2020-12-08 13:09:39 PST
Created attachment 415666 [details]
Comment 3 EWS 2020-12-08 16:11:06 PST
Committed r270562: <https://trac.webkit.org/changeset/270562>

All reviewed patches have been landed. Closing bug and clearing flags on attachment 415666 [details].