Bug 240629 - Safari15.4 can be CRASH when exec putImageData when imageData more than 512kb on window.open page.
Status: RESOLVED CONFIGURATION CHANGED
Alias: None
Product: WebKit
Classification: Unclassified
Component: Canvas
Version: Safari 15
Hardware: All iOS 15
Importance: P2 Blocker
Assignee: Nobody
Keywords: InRadar
 
Reported: 2022-05-18 23:34 PDT by yao zhang
Modified: 2022-06-23 12:12 PDT
Attachments
crash demo (697 bytes, text/html)
2022-05-21 17:55 PDT, yao zhang
Description yao zhang 2022-05-18 23:34:10 PDT
I simplified the way to crash on Safari 15.4.

Step 1: window.open a page;
Step 2: CanvasRenderingContext2D.putImageData(imageData, 0, 0), then CRASH!

Tip: imageData size is more than 524 * 1000.
Comment 1 Alexey Proskuryakov 2022-05-19 19:15:13 PDT
Could you please provide a test case that reproduces the issue?
Comment 2 yao zhang 2022-05-21 17:55:09 PDT
Created attachment 459643
crash demo

Test the crash after clicking "jump to crash".
Comment 3 Radar WebKit Bug Importer 2022-05-21 18:34:03 PDT
<rdar://problem/93713654>
Comment 4 Bart Corremans 2022-05-23 02:06:06 PDT
This seems fixed in Technology Preview (at least since 17614.1.11.6).

Related to https://bugs.webkit.org/show_bug.cgi?id=237674 ?