Integer calculation issues in DataView constructor
authorjianli@chromium.org <jianli@chromium.org@268f45cc-cd09-0410-ab3c-d52691b4dbfc>
Thu, 2 Dec 2010 23:39:41 +0000 (23:39 +0000)
committerjianli@chromium.org <jianli@chromium.org@268f45cc-cd09-0410-ab3c-d52691b4dbfc>
Thu, 2 Dec 2010 23:39:41 +0000 (23:39 +0000)
commit8818bd9d2ea7ca20cc7230faa7460ea850d04cd9
tree255319b7bfe4158849fa95eb407c385ee3bf4f1b
parente8904aaca55ff019f6e80bcfb305011d3728319a
Integer calculation issues in DataView constructor
https://bugs.webkit.org/show_bug.cgi?id=50354

Reviewed by Kenneth Russell.

WebCore:

Test: fast/canvas/webgl/data-view-crash.html

* html/canvas/DataView.cpp:
(WebCore::DataView::create):

LayoutTests:

* fast/canvas/webgl/data-view-crash-expected.txt: Added.
* fast/canvas/webgl/data-view-crash.html: Added.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@73208 268f45cc-cd09-0410-ab3c-d52691b4dbfc
LayoutTests/ChangeLog
LayoutTests/fast/canvas/webgl/data-view-crash-expected.txt [new file with mode: 0644]
LayoutTests/fast/canvas/webgl/data-view-crash.html [new file with mode: 0644]
WebCore/ChangeLog
WebCore/html/canvas/DataView.cpp