Title: [198243] trunk/Source/WebCore
- Revision
- 198243
- Author
- [email protected]
- Date
- 2016-03-15 16:59:24 -0700 (Tue, 15 Mar 2016)
Log Message
Occasional crash under GraphicsContext::platformContext() when dragging Google maps
https://bugs.webkit.org/show_bug.cgi?id=155521
rdar://problem/24357307
Reviewed by Tim Horton.
It's possible for createDragImageForSelection() to return a null image, if the bounds
of the selection are an empty rect. That would cause a crash under convertImageToBitmap()
because a zero-sized ShareableBitmap will return a null GraphicsContext.
To avoid this, early return from DragController::startDrag() if the dragImage is null.
I wasn't able to come up with a test for this.
* page/DragController.cpp:
(WebCore::DragController::startDrag):
Modified Paths
Diff
Modified: trunk/Source/WebCore/ChangeLog (198242 => 198243)
--- trunk/Source/WebCore/ChangeLog 2016-03-15 23:51:19 UTC (rev 198242)
+++ trunk/Source/WebCore/ChangeLog 2016-03-15 23:59:24 UTC (rev 198243)
@@ -1,3 +1,22 @@
+2016-03-15 Simon Fraser <[email protected]>
+
+ Occasional crash under GraphicsContext::platformContext when dragging Google maps
+ https://bugs.webkit.org/show_bug.cgi?id=155521
+ rdar://problem/24357307
+
+ Reviewed by Tim Horton.
+
+ It's possible for createDragImageForSelection() to return a null image, if the bounds
+ of the selection are an empty rect. That would cause a crash under convertImageToBitmap()
+ because a zero-sized ShareableBitmap will return a null GraphicsContext.
+
+ To avoid this, early return from DragController::startDrag() if the dragImage is null.
+
+ I wasn't able to come up with a test for this.
+
+ * page/DragController.cpp:
+ (WebCore::DragController::startDrag):
+
2016-03-15 Tim Horton <[email protected]>
iOS <attachment> element should allow customization of action text color
Modified: trunk/Source/WebCore/page/DragController.cpp (198242 => 198243)
--- trunk/Source/WebCore/page/DragController.cpp 2016-03-15 23:51:19 UTC (rev 198242)
+++ trunk/Source/WebCore/page/DragController.cpp 2016-03-15 23:59:24 UTC (rev 198243)
@@ -838,6 +838,10 @@
dragLoc = dragLocForSelectionDrag(src);
m_dragOffset = IntPoint(dragOrigin.x() - dragLoc.x(), dragOrigin.y() - dragLoc.y());
}
+
+ if (!dragImage)
+ return false;
+
doSystemDrag(dragImage, dragLoc, dragOrigin, dataTransfer, src, false);
} else if (!src.document()->securityOrigin()->canDisplay(linkURL)) {
src.document()->addConsoleMessage(MessageSource::Security, MessageLevel::Error, "Not allowed to drag local resource: " + linkURL.stringCenterEllipsizedToLength());
_______________________________________________
webkit-changes mailing list
[email protected]
https://lists.webkit.org/mailman/listinfo/webkit-changes
