[wpt-sync] Sync PR 32836 - Fix nullptr crash when rendering text to an offscreenCanvas with BlinkMacSystemFont or -webkit-body
Categories
(Core :: DOM: Core & HTML, task, P4)
Tracking
()
Tracking | Status | |
---|---|---|
firefox99 | --- | fixed |
People
(Reporter: wpt-sync, Unassigned)
References
()
Details
(Whiteboard: [wptsync downstream])
Sync web-platform-tests PR 32836 into mozilla-central (this bug is closed when the sync is complete).
PR: https://github.com/web-platform-tests/wpt/pull/32836
Details from upstream follow.
Frédéric Wang <fwang@igalia.com> wrote:
Fix nullptr crash when rendering text to an offscreenCanvas with BlinkMacSystemFont or -webkit-body
FontDescription::FamilyDescription ConvertFontFamily(const CSSValue&,
FontBuilder*, const Document*) is called at two places:
- In FontStyleResolver::ComputeFont(), where document_for_count is
always null and additionally FontBuilder's document_ is null.- In StyleBuilderConverter::ConvertFontFamily(), where
document_for_count is always non-null ; and builder is null if and
only if document's setting is null.This means that for FontStyleResolver::ComputeFont():
- ConvertFontFamily() and ConvertFontFamilyName() must null-check
document_for_count when counting for -webkit-body and
BlinkMacSystemFont.- FontBuilder::StandardFontFamilyName() should null-check document_
when it's called via FontBuilder::GenericFontFamilyName().This CL performs the above changes and adds a crash test.
Note that the above problems don't show up from
StyleBuilderConverter::ConvertFontFamily().Bug: 1056386
Change-Id: I18a0b19756d5827a30d70a348475702ce4db47c1
Reviewed-on: https://chromium-review.googlesource.com/3460590
WPT-Export-Revision: c5fb1dc21d7d273b8c1e60cd714f85460253dce6
Assignee | ||
Updated•3 years ago
|
Assignee | ||
Updated•3 years ago
|
Assignee | ||
Updated•3 years ago
|
Assignee | ||
Comment 1•3 years ago
|
||
CI Results
Ran 0 Firefox configurations based on mozilla-central, and Firefox, Chrome, and Safari on GitHub CI
Total 1 tests
Status Summary
Firefox
PASS : 1
Chrome
CRASH: 1
Safari
PASS : 1
Links
Comment 3•3 years ago
|
||
bugherder |
Description
•