Bug 66563 - [Chromium] Crash when allocation of very large canvas fails
Status: RESOLVED FIXED
Alias: None
Product: WebKit
Classification: Unclassified
Component: Canvas
Version: 528+ (Nightly build)
Hardware: Unspecified Windows XP
Importance: P2 Major
Assignee: Justin Novosad
URL: http://www.atopon.org/maze/
Reported: 2011-08-19 08:40 PDT by Justin Novosad
Modified: 2011-08-22 09:02 PDT

Attachments
Patch (1.59 KB, patch)
2011-08-19 10:44 PDT, Justin Novosad
Patch (1.94 KB, patch)
2011-08-19 10:54 PDT, Justin Novosad
Patch (2.66 KB, patch)
2011-08-19 11:18 PDT, Justin Novosad

Description Justin Novosad 2011-08-19 08:40:22 PDT
This is in reference to Chromium bug: http://code.google.com/p/chromium/issues/detail?id=88038

A patch soon to land in Chromium will introduce a non-crashing version of the canvas factory function CreateBitmapCanvas.  The constructor of ImageBuffer in ImageBufferSkia.cpp must be modified to use the non-crashing version, and gracefully fail when it returns NULL.
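
The pattern the description calls for, as an added sketch that is not WebKit's or Chromium's code: a factory that returns null instead of aborting, and a constructor that reports the failure to its caller. `tryCreateBitmapCanvas`, `ImageBufferLike`, `createBuffer` and the `maxBytes` cap are hypothetical names and assumptions, not identifiers from the patch.

```cpp
#include <cstddef>
#include <cstdint>
#include <limits>
#include <memory>
#include <new>
#include <utility>

// Hypothetical stand-in for a bitmap-backed canvas (not a Skia or WebKit type).
struct BitmapCanvas {
    int width, height;
    std::unique_ptr<uint8_t[]> pixels;
};

// Hypothetical non-crashing factory: returns nullptr when the dimensions are
// invalid, the byte count wraps or exceeds the cap, or the allocation fails.
std::unique_ptr<BitmapCanvas> tryCreateBitmapCanvas(int width, int height, size_t maxBytes)
{
    if (width <= 0 || height <= 0)
        return nullptr;
    const size_t w = static_cast<size_t>(width);
    const size_t h = static_cast<size_t>(height);
    const size_t bytesPerPixel = 4; // assumption: 32-bit pixels
    // The first test rejects sizes where w * h * 4 would wrap around size_t,
    // so the multiplication in the second test is only evaluated when safe.
    if (w > std::numeric_limits<size_t>::max() / bytesPerPixel / h
        || w * h * bytesPerPixel > maxBytes)
        return nullptr;
    std::unique_ptr<uint8_t[]> pixels(new (std::nothrow) uint8_t[w * h * bytesPerPixel]());
    if (!pixels)
        return nullptr;
    return std::unique_ptr<BitmapCanvas>(
        new (std::nothrow) BitmapCanvas{width, height, std::move(pixels)});
}

// Hypothetical caller: the constructor reports failure through `success`
// instead of dereferencing a null canvas later.
struct ImageBufferLike {
    std::unique_ptr<BitmapCanvas> m_canvas;
    ImageBufferLike(int width, int height, size_t maxBytes, bool& success)
        : m_canvas(tryCreateBitmapCanvas(width, height, maxBytes))
    { success = m_canvas != nullptr; }
};

// Returns true only when the buffer and its backing canvas were both created.
bool createBuffer(int width, int height, size_t maxBytes)
{
    bool success = false;
    ImageBufferLike buffer(width, height, maxBytes, success);
    return success;
}
```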
Comment 1 Justin Novosad 2011-08-19 10:44:41 PDT
Created attachment 104525
Patch
Comment 2 WebKit Review Bot 2011-08-19 10:52:07 PDT
Comment on attachment 104525
Patch

Attachment 104525 did not pass chromium-ews (chromium-xvfb):
Output: http://queues.webkit.org/results/9439367
Comment 3 Justin Novosad 2011-08-19 10:54:50 PDT
Created attachment 104527
Patch
Comment 4 Justin Novosad 2011-08-19 11:18:09 PDT
Created attachment 104529
Patch
Comment 5 Stephen White 2011-08-22 07:30:09 PDT
Comment on attachment 104529
Patch

Looks good.  r=me
Comment 6 WebKit Review Bot 2011-08-22 09:02:23 PDT
Comment on attachment 104529
Patch

Clearing flags on attachment: 104529

Committed r93512: <http://trac.webkit.org/changeset/93512>
Comment 7 WebKit Review Bot 2011-08-22 09:02:28 PDT
All reviewed patches have been landed.  Closing bug.