[Webkit-unassigned] [Bug 250382] Check for non-finite points before transforming them instead of after

Thu Feb 23 12:20:23 PST 2023

https://bugs.webkit.org/show_bug.cgi?id=250382

Said Abou-Hallawa <sabouhallawa at apple.com> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
                 CC|                            |sabouhallawa at apple.com

--- Comment #2 from Said Abou-Hallawa <sabouhallawa at apple.com> ---
The layout tests:

1) https://github.com/WebKit/WebKit/blob/28de25b653f64ca3fc8e87fbf1d1a963329a5342/LayoutTests/fast/canvas/canvas-path-isPointInPath.html
2) https://github.com/WebKit/WebKit/blob/28de25b653f64ca3fc8e87fbf1d1a963329a5342/LayoutTests/fast/canvas/canvas-path-isPointInStroke.html

test passing NaN values to isPointInPath() and isPointInStroke().

But we are fine because the complier ensures the math with NaN values are handled correctly all the way. However I think we should check 

    if (!std::isfinite(x) || !std::isfinite(y))
        return false;

In CanvasRenderingContext2DBase::isPointInPathInternal() and CanvasRenderingContext2DBase::isPointInStrokeInternal() instead of checking the values of the transformedPoint.

We do not need to check whether the values transformedPoint.x() and transformedPoint.y() are finite because AffineTransform::mapPoint() does it math in double and then it clamp it to float.

-- 
You are receiving this mail because:
You are the assignee for the bug.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.webkit.org/pipermail/webkit-unassigned/attachments/20230223/11358b9e/attachment.htm>