45937 – [chromium] ImageLayerChromium texture updates must be clipped to the size of the texture

Bug 45937 - [chromium] ImageLayerChromium texture updates must be clipped to the size of the texture

Summary: [chromium] ImageLayerChromium texture updates must be clipped to the size of ...

Status:	RESOLVED FIXED

Alias:	None

Product:	WebKit
Classification:	Unclassified
Component:	WebCore Misc. (show other bugs)
Version:	528+ (Nightly build)
Hardware:	All All

Importance:	P2 Normal
Assignee:	Vangelis Kokkevis

URL:
Keywords:

Depends on:
Blocks:

Reported:	2010-09-16 17:40 PDT by Vangelis Kokkevis
Modified:	2010-09-17 09:28 PDT (History)
CC List:	1 user (show)

See Also:

Attachments
Proposed patch (1.64 KB, patch) 2010-09-16 17:47 PDT, Vangelis Kokkevis	jamesr: review+	Details \| Formatted Diff \| Diff
View All Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.

Description Vangelis Kokkevis 2010-09-16 17:40:47 PDT

Currently the dirty rect used to update the texture can be larger than the size of the texture which can result in a crash. Dirty rects can get out of sync with image sizes if the compositor is behind in rendering and the Image has changed size in the meantime.

Comment 1 Vangelis Kokkevis 2010-09-16 17:47:04 PDT

Created attachment 67867 [details]
Proposed patch

Comment 2 Vangelis Kokkevis 2010-09-17 09:28:44 PDT

Committed r67714: <http://trac.webkit.org/changeset/67714>