RESOLVED FIXED 231794
Avoid null pointer dereference when creating ImageBitmap from a null image 
https://bugs.webkit.org/show_bug.cgi?id=231794
Summary Avoid null pointer dereference when creating ImageBitmap from a null image
John Cunningham
Reported 2021-10-14 21:40:02 PDT
Reject createImageBitmap request earlier if the image is null. Also, check that the native image is nonnull when requesting the colorspace, otherwise, return a default of SRGB.
Attachments
Patch (2.45 KB, patch)
2021-10-14 21:43 PDT, John Cunningham 		no flags
DetailsFormatted DiffDiff
Patch (4.84 KB, patch)
2021-10-19 20:14 PDT, John Cunningham 		no flags
DetailsFormatted DiffDiff
Patch (4.84 KB, patch)
2021-10-19 20:29 PDT, John Cunningham 		no flags
DetailsFormatted DiffDiff
Show Obsolete (2) View All Add attachment proposed patch, testcase, etc.
John Cunningham
Comment 1 2021-10-14 21:43:50 PDT
Created attachment 441331 [details] Patch
John Cunningham
Comment 2 2021-10-14 21:43:53 PDT
<rdar://problem/83829802>
Cameron McCormack (:heycam)
Comment 3 2021-10-14 21:51:42 PDT
Comment on attachment 441331 [details] Patch View in context: https://bugs.webkit.org/attachment.cgi?id=441331&action=review Non-reviewer r=me. > Source/WebCore/ChangeLog:3 > + Reject createImageBitmap request earlier if the image is null. Also, fix a null ptr deref by checking that the native image is nonnull when requesting the colorspace, otherwise, return a default of SRGB. Nit: Two sentences is a bit long for this line. :-) I would mention the more important fix here like "Avoid null pointer dereference when creating ImageBitmap from a null image", and then put the details about defaulting to sRGB and rejecting the promise earlier below, just below the "Reviewed by" line.
Said Abou-Hallawa
Comment 4 2021-10-18 20:31:33 PDT
Comment on attachment 441331 [details] Patch View in context: https://bugs.webkit.org/attachment.cgi?id=441331&action=review r=me based on Cameron's review. >> Source/WebCore/ChangeLog:3 >> + Reject createImageBitmap request earlier if the image is null. Also, fix a null ptr deref by checking that the native image is nonnull when requesting the colorspace, otherwise, return a default of SRGB. > > Nit: Two sentences is a bit long for this line. :-) I would mention the more important fix here like "Avoid null pointer dereference when creating ImageBitmap from a null image", and then put the details about defaulting to sRGB and rejecting the promise earlier below, just below the "Reviewed by" line. Yes please change it to the shorter description. > Source/WebCore/ChangeLog:9 > + No new tests (OOPS!). This line should be removed before committing. It will be great if we can get a layout test though.
John Cunningham
Comment 5 2021-10-19 20:14:50 PDT
Created attachment 441838 [details] Patch
John Cunningham
Comment 6 2021-10-19 20:29:11 PDT
Created attachment 441840 [details] Patch
EWS
Comment 7 2021-10-20 01:09:02 PDT
Committed r284522 (243265@main): <https://commits.webkit.org/243265@main> All reviewed patches have been landed. Closing bug and clearing flags on attachment 441840 [details].
Alexey Proskuryakov
Comment 8 2022-02-18 14:51:38 PST
*** Bug 236622 has been marked as a duplicate of this bug. ***
Note You need to log in before you can comment on or make changes to this bug.