Bug 219651

Summary: REGRESSION(r254841): Possible null pointer reference in BitmapImage::preTransformedNativeImageForCurrentFrame()
Product: WebKit
Reporter: Said Abou-Hallawa <sabouhallawa>
Component: Images
Assignee: Said Abou-Hallawa <sabouhallawa>
Status: RESOLVED FIXED
Severity: Normal
CC: simon.fraser, thorton, webkit-bug-importer
Priority: P2
Keywords: InRadar
Version: WebKit Nightly Build
Hardware: Unspecified
OS: Unspecified
Attachments: Patch (flags: none)

Description Said Abou-Hallawa 2020-12-08 12:31:45 PST
This function was added in r254841 under the name BitmapImage::nativeImageForCurrentFrameRespectingOrientation() without checking whether the resulting image of nativeImageForCurrentFrame() is null or not. If the ImageSource is corrupted, the decoder might return a null PlatformImagePtr for the current frame. And if this happens, most likely ImageSource::densityCorrectedSize() will also return WTF::nullopt. In this case, we end up calling GraphicsContext::drawPlatformImage() with a null PlatformImagePtr.
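As an added illustration of the failure path this report describes (not WebKit's code): a stand-in model in which the pre-fix shape forwards a null frame straight to the draw call, while the hardened shape returns early. Every type and function body below is a hypothetical stand-in; only the names echo the report, and the draw stand-in counts null images instead of dereferencing them so the difference can be observed safely.

```cpp
// Added model of the failure path this report describes; not WebKit's code.
// The names echo the bug report, but every type here is a stand-in.
#include <memory>
#include <optional>
struct PlatformImage { int width; int height; };
using PlatformImagePtr = std::shared_ptr<PlatformImage>;
struct FloatSize { float width; float height; };
// Stand-in ImageSource: a corrupted source yields a null frame and no size.
struct ImageSource {
    bool corrupted = false;
    PlatformImagePtr nativeImageForCurrentFrame() const {
        return corrupted ? nullptr : std::make_shared<PlatformImage>(PlatformImage{64, 48});
    }
    std::optional<FloatSize> densityCorrectedSize() const {
        return corrupted ? std::nullopt : std::optional<FloatSize>(FloatSize{32.f, 24.f});
    }
};

// Instrumented stand-in for GraphicsContext::drawPlatformImage: counts null
// images instead of dereferencing them.
static int g_nullImageDraws = 0;
static PlatformImagePtr drawPlatformImage(const PlatformImagePtr& image, FloatSize destSize) {
    if (!image) {
        ++g_nullImageDraws;  // real code would dereference image here
        return nullptr;
    }
    return std::make_shared<PlatformImage>(PlatformImage{int(destSize.width), int(destSize.height)});
}
// Shape of the function before the fix: the frame is forwarded unchecked.
PlatformImagePtr preTransformedUnchecked(const ImageSource& source) {
    PlatformImagePtr image = source.nativeImageForCurrentFrame();
    FloatSize size = source.densityCorrectedSize().value_or(FloatSize{0.f, 0.f});
    return drawPlatformImage(image, size);
}
// Hardened shape: return early when there is no frame to draw.
PlatformImagePtr preTransformedChecked(const ImageSource& source) {
    PlatformImagePtr image = source.nativeImageForCurrentFrame();
    if (!image)
        return nullptr;
    FloatSize size = source.densityCorrectedSize()
        .value_or(FloatSize{float(image->width), float(image->height)});
    return drawPlatformImage(image, size);
}
// Runs a variant on a corrupted source; returns how many null images reached the draw.
int nullDrawsWith(PlatformImagePtr (*variant)(const ImageSource&)) {
    g_nullImageDraws = 0;
    (void)variant(ImageSource{true});
    return g_nullImageDraws;
}
```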
Comment 1 Said Abou-Hallawa 2020-12-08 12:43:49 PST
<rdar://problem/71907384>
Comment 2 Said Abou-Hallawa 2020-12-08 13:09:39 PST
Created attachment 415666
Patch
Comment 3 EWS 2020-12-08 16:11:06 PST
Committed r270562: <https://trac.webkit.org/changeset/270562>

All reviewed patches have been landed. Closing bug and clearing flags on attachment 415666.