Diff
Modified: trunk/LayoutTests/ChangeLog (113633 => 113634)
--- trunk/LayoutTests/ChangeLog 2012-04-09 22:40:03 UTC (rev 113633)
+++ trunk/LayoutTests/ChangeLog 2012-04-09 22:40:31 UTC (rev 113634)
@@ -1,3 +1,13 @@
+2012-04-06 Zhenyao Mo <z...@google.com>
+
+ bindAttribLocation should check webgl reserved prefix
+ https://bugs.webkit.org/show_bug.cgi?id=83409
+
+ Reviewed by Kenneth Russell.
+
+ * fast/canvas/webgl/webgl-specific-expected.txt: Added webgl prefix test case for bindAttribLocation.
+ * fast/canvas/webgl/webgl-specific.html:
+
2012-04-09 James Simonsen <simon...@chromium.org>
[Chromium] Unreviewed gardening fix.
Modified: trunk/LayoutTests/fast/canvas/webgl/webgl-specific-expected.txt (113633 => 113634)
--- trunk/LayoutTests/fast/canvas/webgl/webgl-specific-expected.txt 2012-04-09 22:40:03 UTC (rev 113633)
+++ trunk/LayoutTests/fast/canvas/webgl/webgl-specific-expected.txt 2012-04-09 22:40:31 UTC (rev 113634)
@@ -60,6 +60,10 @@
Verify that drawingBufferWidth and drawingBufferHeights are implemented
PASS gl.drawingBufferWidth >= 0 && gl.drawingBufferHeight >= 0 is true
+
+Verify that bindAttribLocation rejects names start with webgl_ or _webgl_
+PASS gl.bindAttribLocation(program, 0, 'webgl_a') generated expected GL error: INVALID_OPERATION.
+PASS gl.bindAttribLocation(program, 0, '_webgl_a') generated expected GL error: INVALID_OPERATION.
PASS successfullyParsed is true
TEST COMPLETE
Modified: trunk/LayoutTests/fast/canvas/webgl/webgl-specific.html (113633 => 113634)
--- trunk/LayoutTests/fast/canvas/webgl/webgl-specific.html 2012-04-09 22:40:03 UTC (rev 113633)
+++ trunk/LayoutTests/fast/canvas/webgl/webgl-specific.html 2012-04-09 22:40:31 UTC (rev 113634)
@@ -89,6 +89,13 @@
debug("");
debug("Verify that drawingBufferWidth and drawingBufferHeights are implemented");
shouldBeTrue("gl.drawingBufferWidth >= 0 && gl.drawingBufferHeight >= 0");
+
+debug("");
+debug("Verify that bindAttribLocation rejects names start with webgl_ or _webgl_");
+shouldGenerateGLError(gl, gl.INVALID_OPERATION, "gl.bindAttribLocation(program, 0, 'webgl_a')");
+shouldGenerateGLError(gl, gl.INVALID_OPERATION, "gl.bindAttribLocation(program, 0, '_webgl_a')");
+
+successfullyParsed = true;
</script>
<script src=""
Modified: trunk/Source/WebCore/ChangeLog (113633 => 113634)
--- trunk/Source/WebCore/ChangeLog 2012-04-09 22:40:03 UTC (rev 113633)
+++ trunk/Source/WebCore/ChangeLog 2012-04-09 22:40:31 UTC (rev 113634)
@@ -1,3 +1,16 @@
+2012-04-06 Zhenyao Mo <z...@google.com>
+
+ bindAttribLocation should check webgl reserved prefix
+ https://bugs.webkit.org/show_bug.cgi?id=83409
+
+ Reviewed by Kenneth Russell.
+
+ * html/canvas/WebGLRenderingContext.cpp: Check for invalid parameters for a few functions.
+ (WebCore):
+ (WebCore::WebGLRenderingContext::bindAttribLocation):
+ (WebCore::WebGLRenderingContext::getAttribLocation):
+ (WebCore::WebGLRenderingContext::getUniformLocation):
+
2012-04-09 Timothy Hatcher <timo...@apple.com>
Fix the assertion in PageScriptDebugServer::didPause.
Modified: trunk/Source/WebCore/html/canvas/WebGLRenderingContext.cpp (113633 => 113634)
--- trunk/Source/WebCore/html/canvas/WebGLRenderingContext.cpp 2012-04-09 22:40:03 UTC (rev 113633)
+++ trunk/Source/WebCore/html/canvas/WebGLRenderingContext.cpp 2012-04-09 22:40:31 UTC (rev 113634)
@@ -165,6 +165,13 @@
return false;
}
+ bool isPrefixReserved(const String& name)
+ {
+ if (name.startsWith("gl_") || name.startsWith("webgl_") || name.startsWith("_webgl_"))
+ return true;
+ return false;
+ }
+
// Strips comments from shader text. This allows non-ASCII characters
// to be used in comments without potentially breaking OpenGL
// implementations not expecting characters outside the GLSL ES set.
@@ -847,6 +854,14 @@
return;
if (!validateString("bindAttribLocation", name))
return;
+ if (isPrefixReserved(name)) {
+ synthesizeGLError(GraphicsContext3D::INVALID_OPERATION, "bindAttribLocation", "reserved prefix");
+ return;
+ }
+ if (index >= m_maxVertexAttribs) {
+ synthesizeGLError(GraphicsContext3D::INVALID_VALUE, "bindAttribLocation", "index out of range");
+ return;
+ }
m_context->bindAttribLocation(objectOrZero(program), index, name);
cleanupAfterGraphicsCall(false);
}
@@ -2176,12 +2191,18 @@
GC3Dint WebGLRenderingContext::getAttribLocation(WebGLProgram* program, const String& name)
{
- if (isContextLost())
+ if (isContextLost() || !validateWebGLObject("getAttribLocation", program))
return -1;
if (!validateLocationLength("getAttribLocation", name))
return -1;
if (!validateString("getAttribLocation", name))
return -1;
+ if (isPrefixReserved(name))
+ return -1;
+ if (!program->getLinkStatus()) {
+ synthesizeGLError(GraphicsContext3D::INVALID_OPERATION, "getAttribLocation", "program not linked");
+ return 0;
+ }
return m_context->getAttribLocation(objectOrZero(program), name);
}
@@ -2944,6 +2965,12 @@
return 0;
if (!validateString("getUniformLocation", name))
return 0;
+ if (isPrefixReserved(name))
+ return 0;
+ if (!program->getLinkStatus()) {
+ synthesizeGLError(GraphicsContext3D::INVALID_OPERATION, "getUniformLocation", "program not linked");
+ return 0;
+ }
WebGLStateRestorer(this, false);
GC3Dint uniformLocation = m_context->getUniformLocation(objectOrZero(program), name);
if (uniformLocation == -1)
