26453 – Null Cairo context will crash Windows Cairo Build

Bug 26453 - Null Cairo context will crash Windows Cairo Build

Summary: Null Cairo context will crash Windows Cairo Build

Status:	RESOLVED FIXED

Alias:	None

Product:	WebKit
Classification:	Unclassified
Component:	WebKit Misc. (show other bugs)
Version:	528+ (Nightly build)
Hardware:	PC Windows XP

Importance:	P2 Normal
Assignee:	Nobody

URL:
Keywords:

Depends on:
Blocks:

Reported:	2009-06-16 13:07 PDT by Brent Fulgham
Modified:	2009-06-16 13:31 PDT (History)
CC List:	0 users

See Also:

Attachments
Null check. (1.32 KB, patch) 2009-06-16 13:13 PDT, Brent Fulgham	xan.lopez: review+	Details \| Formatted Diff \| Diff
View All Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.

Description Brent Fulgham 2009-06-16 13:07:01 PDT

The DRT test suite identified a crash bug in the Windows Cairo build.

If a null platform graphics context is passed to the GraphicsContext constructor, e.g., from Line 3724 in RenderBlock.cpp:

        GraphicsContext context((PlatformGraphicsContext*)0);

The internal Windows Cairo sync function (which attempts to keep the Windows DC in sync with the Cairo one) will crash when it attempts to retrieve the Cairo surface from the null pointer (see Line 180 in GraphicsContextCairoWin.cpp):

    cairo_surface_t* surface = cairo_get_target(cr);

The fix is to check for a null pointer before attempting to do so.

Comment 1 Brent Fulgham 2009-06-16 13:13:02 PDT

Created attachment 31367 [details]
Null check.

Comment 2 Xan Lopez 2009-06-16 13:24:04 PDT

Comment on attachment 31367 [details]
Null check.

r=me

Comment 3 Brent Fulgham 2009-06-16 13:31:25 PDT

Landed in http://trac.webkit.org/changeset/44734