[webkit-reviews] review requested: [Bug 27777] ImageSourceCG makes bad data refs (race condition causes blank images) : [Attachment 43462] Patch to fix crash

bugzilla-daemon at webkit.org bugzilla-daemon at webkit.org
Wed Nov 18 14:30:04 PST 2009


Avi Drissman <avi at drissman.com> has asked for review:
Bug 27777: ImageSourceCG makes bad data refs (race condition causes blank
images)
https://bugs.webkit.org/show_bug.cgi?id=27777

Attachment 43462: Patch to fix crash
https://bugs.webkit.org/attachment.cgi?id=43462&action=review

------- Additional Comments from Avi Drissman <avi at drissman.com>
This ensures that when CG tries to access the data backing the image, it always
gets something valid.

BTW, technically speaking, PDFDocumentImage::dataChanged has the same bug since
it uses CFDataCreateWithBytesNoCopy. Mitigating it is the fact that it owns its
data (it's a subclass of Image) and therefore holds the ref, and it only
creates the CFDataRef once the transfer is complete, ensuring that the
underlying buffer won't be growing further and invalidating the data pointer.
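The hazard the comment describes, as an added example that is not code from the WebKit patch or from anyone in this thread. CoreFoundation is platform-specific, so the roles of SharedBuffer and CFDataRef are played by constructed stand-ins: GrowableBuffer, DataRef, dataref_no_copy (the CFDataCreateWithBytesNoCopy analogue), dataref_copy (the CFDataCreate analogue) and ref_survives_transfer are all names assumed here, and the three chunks of "image data" are constructed. The three strategies model a no-copy ref taken while the buffer is still growing, a copying ref taken at the same point, and the PDFDocumentImage-style no-copy ref taken only once the transfer is complete.

```c
#include <stdint.h>
#include <stdlib.h>
#include <string.h>
#include <stdio.h>

/* Constructed stand-in for SharedBuffer: bytes are appended as they arrive
 * and the block is reallocated (moved) when it fills up. */
typedef struct { uint8_t *data; size_t size; size_t capacity; } GrowableBuffer;

/* Constructed stand-in for CFDataRef: 'bytes' points either at a private copy
 * (owns_bytes = 1) or at memory some other object owns (owns_bytes = 0). */
typedef struct { const uint8_t *bytes; size_t length; int owns_bytes; } DataRef;

static void buffer_init(GrowableBuffer *b) { b->data = NULL; b->size = 0; b->capacity = 0; }
static void buffer_free(GrowableBuffer *b) { free(b->data); buffer_init(b); }

static int buffer_append(GrowableBuffer *b, const uint8_t *chunk, size_t n)
{
    if (b->size + n > b->capacity) {
        size_t new_cap = b->capacity ? b->capacity * 2 : 16;
        while (new_cap < b->size + n)
            new_cap *= 2;
        /* Allocate the new block while the old one is still live so the move
         * is guaranteed to change the address: this is the moment a no-copy
         * ref taken earlier starts dangling. */
        uint8_t *moved = malloc(new_cap);
        if (!moved)
            return 0;
        memcpy(moved, b->data, b->size);
        free(b->data);
        b->data = moved;
        b->capacity = new_cap;
    }
    memcpy(b->data + b->size, chunk, n);
    b->size += n;
    return 1;
}

/* CFDataCreateWithBytesNoCopy analogue: records the address, copies nothing. */
static DataRef dataref_no_copy(const GrowableBuffer *b)
{
    DataRef r = { b->data, b->size, 0 };
    return r;
}

/* CFDataCreate analogue: a private copy that later growth cannot invalidate. */
static DataRef dataref_copy(const GrowableBuffer *b)
{
    uint8_t *copy = malloc(b->size ? b->size : 1);
    if (b->size)
        memcpy(copy, b->data, b->size);
    DataRef r = { copy, b->size, 1 };
    return r;
}

static void dataref_release(DataRef *r)
{
    if (r->owns_bytes)
        free((void *)r->bytes);
    r->bytes = NULL;
    r->length = 0;
}

/* A copying ref is always readable. A no-copy ref is readable only while the
 * buffer still lives at the recorded address and covers the recorded length.
 * Only addresses are compared; a stale pointer is never dereferenced. */
static int dataref_is_readable(const DataRef *r, const GrowableBuffer *b)
{
    if (r->owns_bytes)
        return 1;
    return r->bytes == b->data && r->length <= b->size;
}

enum Strategy {
    NO_COPY_DURING_TRANSFER, /* the ImageSourceCG pattern the bug report describes */
    COPY_DURING_TRANSFER,    /* a private copy at the same point */
    NO_COPY_AFTER_TRANSFER   /* the PDFDocumentImage mitigation: ref only once complete */
};

/* Feeds three constructed 20-byte chunks into the buffer, takes a DataRef at
 * the point each strategy would, and returns 1 if that ref is still readable
 * and matches the buffer afterwards, 0 if it dangles. Chunk 1 fits a 32-byte
 * block; chunk 2 forces a move to a 64-byte block. */
static int ref_survives_transfer(enum Strategy s)
{
    uint8_t chunk[20];
    GrowableBuffer buf;
    DataRef ref = { NULL, 0, 0 };
    int ok;

    buffer_init(&buf);
    for (int i = 0; i < 3; i++) {
        memset(chunk, 'A' + i, sizeof chunk);
        if (!buffer_append(&buf, chunk, sizeof chunk))
            return 0;
        if (i == 0 && s == NO_COPY_DURING_TRANSFER)
            ref = dataref_no_copy(&buf);
        else if (i == 0 && s == COPY_DURING_TRANSFER)
            ref = dataref_copy(&buf);
    }
    if (s == NO_COPY_AFTER_TRANSFER)
        ref = dataref_no_copy(&buf);

    ok = dataref_is_readable(&ref, &buf) && memcmp(ref.bytes, buf.data, ref.length) == 0;
    dataref_release(&ref);
    buffer_free(&buf);
    return ok;
}

int main(void)
{
    printf("no-copy ref taken mid-transfer:  %s\n", ref_survives_transfer(NO_COPY_DURING_TRANSFER) ? "valid" : "dangling");
    printf("copying ref taken mid-transfer:  %s\n", ref_survives_transfer(COPY_DURING_TRANSFER) ? "valid" : "dangling");
    printf("no-copy ref taken when complete: %s\n", ref_survives_transfer(NO_COPY_AFTER_TRANSFER) ? "valid" : "dangling");
    return 0;
}
```

The copying strategy costs a memcpy on every dataChanged, which is the price of never caring when the owner reallocates; the deferred no-copy strategy is free but only sound if the ref holder also keeps the owner alive, which is exactly the second condition the comment gives for PDFDocumentImage.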

