Title: [93640] trunk/Source/WebCore
Revision: 93640
Author: [email protected]
Date: 2011-08-23 15:09:23 -0700 (Tue, 23 Aug 2011)
Log Message
[chromium] Fix potential nullptr deref in TiledLayerChromium::pushPropertiesTo
https://bugs.webkit.org/show_bug.cgi?id=66808
Reviewed by James Robinson.
* platform/graphics/chromium/TiledLayerChromium.cpp:
(WebCore::TiledLayerChromium::pushPropertiesTo):
* platform/graphics/chromium/cc/CCTiledLayerImpl.cpp:
(WebCore::CCTiledLayerImpl::draw):
Modified Paths
Diff
Modified: trunk/Source/WebCore/ChangeLog (93639 => 93640)
--- trunk/Source/WebCore/ChangeLog 2011-08-23 22:01:56 UTC (rev 93639)
+++ trunk/Source/WebCore/ChangeLog 2011-08-23 22:09:23 UTC (rev 93640)
@@ -1,3 +1,15 @@
+2011-08-23 Adrienne Walker <[email protected]>
+
+ [chromium] Fix potential nullptr deref in TiledLayerChromium::pushPropertiesTo
+ https://bugs.webkit.org/show_bug.cgi?id=66808
+
+ Reviewed by James Robinson.
+
+ * platform/graphics/chromium/TiledLayerChromium.cpp:
+ (WebCore::TiledLayerChromium::pushPropertiesTo):
+ * platform/graphics/chromium/cc/CCTiledLayerImpl.cpp:
+ (WebCore::CCTiledLayerImpl::draw):
+
2011-08-23 Peter Kasting <[email protected]>
Unreviewed, rolling out r93452.
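Review bot: the new ChangeLog entry lists the two functions touched but does not say under what condition m_tiler is null in pushPropertiesTo, nor that the CCTiledLayerImpl::draw change is the impl-side counterpart of the same guard. A one-line note under each bullet, e.g. "Skip pushing tiler-dependent properties and mark the impl layer as skipping draw when the layer has no tiler yet" and "Guard the m_tiler dereference in draw()", would make the intent recoverable from the log without reading the diff.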
Modified: trunk/Source/WebCore/platform/graphics/chromium/TiledLayerChromium.cpp (93639 => 93640)
--- trunk/Source/WebCore/platform/graphics/chromium/TiledLayerChromium.cpp 2011-08-23 22:01:56 UTC (rev 93639)
+++ trunk/Source/WebCore/platform/graphics/chromium/TiledLayerChromium.cpp 2011-08-23 22:09:23 UTC (rev 93640)
@@ -241,6 +241,11 @@
LayerChromium::pushPropertiesTo(layer);
CCTiledLayerImpl* tiledLayer = static_cast<CCTiledLayerImpl*>(layer);
+ if (!m_tiler) {
+ tiledLayer->setSkipsDraw(true);
+ return;
+ }
+
tiledLayer->setTilingTransform(tilingTransform());
tiledLayer->setSkipsDraw(m_skipsDraw);
tiledLayer->setTextureOrientation(m_textureOrientation);
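Review bot: the early return in the new `if (!m_tiler)` branch bypasses the `setTilingTransform(tilingTransform())` and `setTextureOrientation(m_textureOrientation)` calls that follow, plus anything pushed later in the function, so those impl-side properties go stale until a tiler exists even though they do not depend on m_tiler. If the goal is only to avoid dereferencing m_tiler, consider guarding just the tiler-dependent pushes and leaving the unconditional ones in place; otherwise a short comment saying why skipping the remaining properties is safe would help the next reader. Also note that `tiledLayer->setSkipsDraw(true)` is not mirrored in m_skipsDraw, so the main-thread and impl-side flags diverge in this branch; that is fine as long as a later call with a non-null m_tiler overwrites it via `setSkipsDraw(m_skipsDraw)`, but it is worth stating.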
Modified: trunk/Source/WebCore/platform/graphics/chromium/cc/CCTiledLayerImpl.cpp (93639 => 93640)
--- trunk/Source/WebCore/platform/graphics/chromium/cc/CCTiledLayerImpl.cpp 2011-08-23 22:01:56 UTC (rev 93639)
+++ trunk/Source/WebCore/platform/graphics/chromium/cc/CCTiledLayerImpl.cpp 2011-08-23 22:09:23 UTC (rev 93640)
@@ -96,7 +96,7 @@
{
const IntRect& layerRect = visibleLayerRect();
- if (m_skipsDraw || m_tiler->isEmpty() || layerRect.isEmpty() || !layerRenderer())
+ if (m_skipsDraw || !m_tiler || m_tiler->isEmpty() || layerRect.isEmpty() || !layerRenderer())
return;
#if defined(OS_CHROMEOS)
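Review bot: the added `!m_tiler` test is correctly ordered before `m_tiler->isEmpty()`, so short-circuit evaluation prevents the dereference, but draw() is the only CCTiledLayerImpl method guarded in this patch; any other member that dereferences m_tiler unconditionally needs the same null check, or an ASSERT(m_tiler) so the invariant is explicit rather than implied. Since pushPropertiesTo already sets skipsDraw on the impl layer whenever the source has no tiler, consider whether this impl-side check should be an assertion instead of a silent return, so an unexpectedly missing tiler is caught in debug builds rather than quietly drawing nothing.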
_______________________________________________
webkit-changes mailing list
[email protected]
http://lists.webkit.org/mailman/listinfo.cgi/webkit-changes