Bug 163670: Refine assertions in WebCore::ImageData constructors
authorddkilzer@apple.com <ddkilzer@apple.com@268f45cc-cd09-0410-ab3c-d52691b4dbfc>
Wed, 19 Oct 2016 19:52:38 +0000 (19:52 +0000)
committerddkilzer@apple.com <ddkilzer@apple.com@268f45cc-cd09-0410-ab3c-d52691b4dbfc>
Wed, 19 Oct 2016 19:52:38 +0000 (19:52 +0000)
commit715d16271e12db900a392df9225f622be576f1c7
tree904cfdaf6dd759d4e318f6e15af2de1e080bee02
parent3a6a1125c6459f5b82d561dacbf11b848d60b739
Bug 163670: Refine assertions in WebCore::ImageData constructors
<https://webkit.org/b/163670>
<rdar://problem/27497338>

Reviewed by Brent Fulgham.

No new tests because there is no change in nominal behavior.

* html/ImageData.cpp:
(WebCore::ImageData::ImageData(const IntSize&)): Change to use
ASSERT() since the worst-case scenario here is a nullptr deref.
Switch to IntSize::area() to compute the area.
(WebCore::ImageData::ImageData(const IntSize&, Ref<Uint8ClampedArray>&&)):
Add ASSERT() identical to the previous constructor, and change
ASSERT_WITH_SECURITY_IMPLICATION() to only fire when m_data is
not nullptr and the length check fails.  Switch to
IntSize::area() to compute the area.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@207560 268f45cc-cd09-0410-ab3c-d52691b4dbfc
Source/WebCore/ChangeLog
Source/WebCore/html/ImageData.cpp