Closed Bug 616401 Opened 9 years ago Closed 7 years ago

nsHTMLCanvasElement::GetContext ignores JS exceptions

Categories

(Core :: DOM: Core & HTML, defect)

defect
Not set

Tracking

()

RESOLVED FIXED
mozilla15

People

(Reporter: luke, Assigned: Ms2ger)

Details

(Whiteboard: webgl-conformance)

Attachments

(2 files)

nsHTMLCanvasElement::GetContext has a loop to the effect:

  for (...) {
    if (!JS_IdToValue(...) && !JS_GetPropertyById(...))
      continue;
    ...
  }

Thus, any exception thrown by JS_GetPropertyById (getter, invalid prop access) will be ignored or overwritten.  I'm no expert in the area, so maybe there is some higher-level design, perhaps some property of aContextOptions, that makes this not a problem.

Also, the return value of JS_ValueToString isn't tested for null.
Neither http://www.whatwg.org/specs/web-apps/current-work/complete/the-canvas-element.html#dom-canvas-getcontext nor https://cvs.khronos.org/svn/repos/registry/trunk/public/webgl/doc/spec/WebGL-spec.html#WEBGLCONTEXTATTRIBUTES seem to consider the possibility of exceptions here, and hence don't define behavior in those situations.  They probably need to do that.

Vlad, the webgl spec is probably where this should live....
QA Contact: canvas.2d → bjacob
Blocking webgl-conformance so we can't forget this.
No longer blocks: webgl-conformance
Whiteboard: webgl-conformance
Attached patch Patch v1Splinter Review
Assignee: nobody → Ms2ger
Status: NEW → ASSIGNED
Attachment #621301 - Flags: review?(bzbarsky)
Comment on attachment 621301 [details] [diff] [review]
Patch v1

diff -w would have been nice....

r=me
Attachment #621301 - Flags: review?(bzbarsky) → review+
https://hg.mozilla.org/mozilla-central/rev/09df0008b156

(In reply to Boris Zbarsky (:bz) from comment #5)
> Comment on attachment 621301 [details] [diff] [review]
> Patch v1
> 
> diff -w would have been nice....
> 
> r=me

Er, attachment 621302 [details] [diff] [review]?
Status: ASSIGNED → RESOLVED
Closed: 7 years ago
Component: Canvas: 2D → DOM: Core & HTML
Resolution: --- → FIXED
Target Milestone: --- → mozilla15
Version: unspecified → Trunk
Er, indeed....
You need to log in before you can comment on or make changes to this bug.