[webkit-changes] [WebKit/WebKit] 35f090: [UnifiedPDF] Crash in UnifiedPDFPlugin::repaintFor...

Simon Fraser noreply at github.com
Thu May 23 08:31:12 PDT 2024


  Branch: refs/heads/main
  Home:   https://github.com/WebKit/WebKit
  Commit: 35f09068c7e287e8b5466353a7cb742e33b8492a
      https://github.com/WebKit/WebKit/commit/35f09068c7e287e8b5466353a7cb742e33b8492a
  Author: Simon Fraser <simon.fraser at apple.com>
  Date:   2024-05-23 (Thu, 23 May 2024)

  Changed paths:
    A LayoutTests/http/tests/pdf/linearized-pdf-in-display-none-iframe-expected.txt
    A LayoutTests/http/tests/pdf/linearized-pdf-in-display-none-iframe.html
    M LayoutTests/http/tests/pdf/linearized-pdf-in-iframe.html
    M Source/WebKit/WebProcess/Plugins/PDF/UnifiedPDF/UnifiedPDFPlugin.mm

  Log Message:
  -----------
  [UnifiedPDF] Crash in UnifiedPDFPlugin::repaintForIncrementalLoad() loading charbonnelchocolates.com page
https://bugs.webkit.org/show_bug.cgi?id=274563
rdar://128316806

Reviewed by Abrar Rahman Protyasha.

repaintForIncrementalLoad() can get called before the main thread has a PDFDocument or has created any layers,
so early return in that case. This web page has a `display:none` iframe with PDF contents, which triggered
this crash.

* LayoutTests/http/tests/pdf/linearized-pdf-in-display-none-iframe-expected.txt: Added.
* LayoutTests/http/tests/pdf/linearized-pdf-in-display-none-iframe.html: Copied from LayoutTests/http/tests/pdf/linearized-pdf-in-iframe.html.
* LayoutTests/http/tests/pdf/linearized-pdf-in-iframe.html:
* Source/WebKit/WebProcess/Plugins/PDF/UnifiedPDF/UnifiedPDFPlugin.mm:
(WebKit::UnifiedPDFPlugin::repaintForIncrementalLoad):

Canonical link: https://commits.webkit.org/279203@main


