[Webkit-unassigned] [Bug 236622] New: Safari 15.2 crashes when degenerate webp images are decoded with createImageBitmap
bugzilla-daemon at webkit.org
bugzilla-daemon at webkit.org
Mon Feb 14 17:07:37 PST 2022
https://bugs.webkit.org/show_bug.cgi?id=236622
Bug ID: 236622
Summary: Safari 15.2 crashes when degenerate webp images are
decoded with createImageBitmap
Product: WebKit
Version: Safari 15
Hardware: Mac (Intel)
OS: macOS 12
Status: NEW
Severity: Normal
Priority: P2
Component: Images
Assignee: webkit-unassigned at lists.webkit.org
Reporter: ryan.hamley at mapbox.com
CC: sabouhallawa at apple.com
Created attachment 451964
--> https://bugs.webkit.org/attachment.cgi?id=451964&action=review
Solid black WebP image
Safari 15.2 and 15.3 crash when decoding certain WebP images with `window.createImageBitmap`. This happens with images that have a channel depth of 1-bit in a channel (e.g. solid color images such as https://bug-219977-attachments.webkit.org/attachment.cgi?id=421723). The underlying WebP issue was logged in https://bugs.webkit.org/show_bug.cgi?id=219977 but previous versions of Safari handled the error gracefully (logging "Cannot decode the data in the argument to createImageBitmap") and error handling in sites/apps could handle the error successfully. Since Safari 15.2, the error isn't handled and causes the tab to crash.
https://jsbin.com/cetawaqudo/edit?js,output is a basic reproduction using the black square image from above.
--
You are receiving this mail because:
You are the assignee for the bug.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.webkit.org/pipermail/webkit-unassigned/attachments/20220215/30000fc9/attachment.htm>
More information about the webkit-unassigned
mailing list