Closed Bug 982732 Opened 9 years ago Closed 9 years ago

Prevent ID2D1RenderTarget::CreateGradientStopCollection from being called with a stop count of zero

Tracking

()

Status:

RESOLVED DUPLICATE of bug 919757

People

(Reporter: jwatt, Assigned: jwatt)

References

Details

Jonathan Watt [:jwatt]

Assignee

Description

•

9 years ago

Working on bug 950372 I'm seeing debug assertions due to us calling ID2D1RenderTarget::CreateGradientStopCollection with a stop count of zero, for example while running content/canvas/test/test_canvas.html subtest test_2d.gradient.empty.html. The assertion is originating from d2d1debug1.dll under the stack:

  mozilla::gfx::DrawTargetD2D::CreateGradientStops
  mozilla::gfx::gfxGradientCache::GetOrCreateGradientStops
  mozilla::dom::CanvasGradient::GetGradientStopsForTarget
  mozilla::dom::CanvasRenderingContext2D::FillRect
  mozilla::dom::CanvasRenderingContext2DBinding::fillRect

The documentation for ID2D1RenderTarget::CreateGradientStopCollection says about the "gradientStopsCount" parameter "A value greater than or equal to 1 that specifies the number of gradient stops in the gradientStops array", so we should protect against passing is zero.

http://msdn.microsoft.com/en-us/library/windows/desktop/dd371830%28v=vs.85%29.aspx

Vladimir Vukicevic [:vlad] [:vladv] (needinfo me, slow to respond)

Updated

•

9 years ago

Status: NEW → RESOLVED

Closed: 9 years ago

Resolution: --- → DUPLICATE

You need to log in before you can comment on or make changes to this bug.

Bugzilla

Quick Search

Prevent ID2D1RenderTarget::CreateGradientStopCollection from being called with a stop count of zero

Categories

(Core :: Graphics, defect)

Tracking

()

People

(Reporter: jwatt, Assigned: jwatt)

References

Details

Crash Data

Security

(public)

User Story

Description

Updated