corysanin/tubestation
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Bug 1362303 - Don't use a Shmem we failed to allocate in nsContentUtils. r=Bas

Browse Source
This commit is contained in:
Nicolas Silva
2017-05-15 12:15:48 +02:00
parent dfa37f98c7
commit 70f7fd76f9
3 changed files with 34 additions and 24 deletions
Download Patch File Download Diff File Expand all files Collapse all files

36
dom/base/nsContentUtils.cpp
View File

@@ -8127,17 +8127,19 @@ nsContentUtils::TransferableToIPCTransferable(nsITransferable* aTransferable,
} }
size_t length; size_t length;
int32_t stride; int32_t stride;
Shmem surfaceData;
IShmemAllocator* allocator = aChild ? static_cast<IShmemAllocator*>(aChild) IShmemAllocator* allocator = aChild ? static_cast<IShmemAllocator*>(aChild)
: static_cast<IShmemAllocator*>(aParent); : static_cast<IShmemAllocator*>(aParent);
GetSurfaceData(dataSurface, &length, &stride, Maybe<Shmem> surfaceData = GetSurfaceData(dataSurface, &length, &stride,
allocator, allocator);
&surfaceData);
if (surfaceData.isNothing()) {
continue;
}
IPCDataTransferItem* item = aIPCDataTransfer->items().AppendElement(); IPCDataTransferItem* item = aIPCDataTransfer->items().AppendElement();
item->flavor() = flavorStr; item->flavor() = flavorStr;
// Turn item->data() into an nsCString prior to accessing it. // Turn item->data() into an nsCString prior to accessing it.
item->data() = surfaceData; item->data() = surfaceData.ref();
IPCDataTransferImage& imageDetails = item->imageDetails(); IPCDataTransferImage& imageDetails = item->imageDetails();
mozilla::gfx::IntSize size = dataSurface->GetSize(); mozilla::gfx::IntSize size = dataSurface->GetSize();
@@ -8287,7 +8289,7 @@ struct GetSurfaceDataRawBuffer
// a shared memory buffer. // a shared memory buffer.
struct GetSurfaceDataShmem struct GetSurfaceDataShmem
{ {
using ReturnType = Shmem; using ReturnType = Maybe<Shmem>;
using BufferType = char*; using BufferType = char*;
explicit GetSurfaceDataShmem(IShmemAllocator* aAllocator) explicit GetSurfaceDataShmem(IShmemAllocator* aAllocator)
@@ -8296,17 +8298,18 @@ struct GetSurfaceDataShmem
ReturnType Allocate(size_t aSize) ReturnType Allocate(size_t aSize)
{ {
Shmem returnValue; Shmem shmem;
mAllocator->AllocShmem(aSize, if (!mAllocator->AllocShmem(aSize, SharedMemory::TYPE_BASIC, &shmem)) {
SharedMemory::TYPE_BASIC, return Nothing();
&returnValue); }
return returnValue;
return Some(shmem);
} }
static BufferType static BufferType
GetBuffer(const ReturnType& aReturnValue) GetBuffer(const ReturnType& aReturnValue)
{ {
return aReturnValue.get<char>(); return aReturnValue.isSome() ? aReturnValue.ref().get<char>() : nullptr;
} }
static ReturnType static ReturnType
@@ -8374,14 +8377,13 @@ nsContentUtils::GetSurfaceData(
return GetSurfaceDataImpl(aSurface, aLength, aStride); return GetSurfaceDataImpl(aSurface, aLength, aStride);
} }
void Maybe<Shmem>
nsContentUtils::GetSurfaceData(mozilla::gfx::DataSourceSurface* aSurface, nsContentUtils::GetSurfaceData(mozilla::gfx::DataSourceSurface* aSurface,
size_t* aLength, int32_t* aStride, size_t* aLength, int32_t* aStride,
IShmemAllocator* aAllocator, IShmemAllocator* aAllocator)
Shmem *aOutShmem)
{ {
*aOutShmem = GetSurfaceDataImpl(aSurface, aLength, aStride, return GetSurfaceDataImpl(aSurface, aLength, aStride,
GetSurfaceDataShmem(aAllocator)); GetSurfaceDataShmem(aAllocator));
} }
mozilla::Modifiers mozilla::Modifiers

9
dom/base/nsContentUtils.h
View File

@@ -35,6 +35,7 @@
#include "mozilla/net/ReferrerPolicy.h" #include "mozilla/net/ReferrerPolicy.h"
#include "mozilla/Logging.h" #include "mozilla/Logging.h"
#include "mozilla/NotNull.h" #include "mozilla/NotNull.h"
#include "mozilla/Maybe.h"
#include "nsIContentPolicy.h" #include "nsIContentPolicy.h"
#include "nsIDocument.h" #include "nsIDocument.h"
#include "nsPIDOMWindow.h" #include "nsPIDOMWindow.h"
@@ -2673,10 +2674,10 @@ public:
* Get the pixel data from the given source surface and fill it in Shmem. * Get the pixel data from the given source surface and fill it in Shmem.
* The length and stride will be assigned from the surface. * The length and stride will be assigned from the surface.
*/ */
static void GetSurfaceData(mozilla::gfx::DataSourceSurface* aSurface, static mozilla::Maybe<mozilla::ipc::Shmem>
size_t* aLength, int32_t* aStride, GetSurfaceData(mozilla::gfx::DataSourceSurface* aSurface,
mozilla::ipc::IShmemAllocator* aAlloc, size_t* aLength, int32_t* aStride,
mozilla::ipc::Shmem *aOutShmem); mozilla::ipc::IShmemAllocator* aAlloc);
// Helpers shared by the implementations of nsContentUtils methods and // Helpers shared by the implementations of nsContentUtils methods and
// nsIDOMWindowUtils methods. // nsIDOMWindowUtils methods.

13
widget/nsDragServiceProxy.cpp
View File

@@ -55,9 +55,16 @@ nsDragServiceProxy::InvokeDragSessionImpl(nsIArray* aArrayTransferables,
if (dataSurface) { if (dataSurface) {
size_t length; size_t length;
int32_t stride; int32_t stride;
Shmem surfaceData; Maybe<Shmem> maybeShm = nsContentUtils::GetSurfaceData(dataSurface,
nsContentUtils::GetSurfaceData(dataSurface, &length, &stride, child, &length,
&surfaceData); &stride,
child);
if (maybeShm.isNothing()) {
return NS_ERROR_FAILURE;
}
auto surfaceData = maybeShm.value();
// Save the surface data to shared memory. // Save the surface data to shared memory.
if (!surfaceData.IsReadable() || !surfaceData.get<char>()) { if (!surfaceData.IsReadable() || !surfaceData.get<char>()) {
NS_WARNING("Failed to create shared memory for drag session."); NS_WARNING("Failed to create shared memory for drag session.");