WebContent crashes with system preview content
author dino@apple.com <dino@apple.com@268f45cc-cd09-0410-ab3c-d52691b4dbfc>
Thu, 31 May 2018 00:02:07 +0000 (00:02 +0000)
committer dino@apple.com <dino@apple.com@268f45cc-cd09-0410-ab3c-d52691b4dbfc>
Thu, 31 May 2018 00:02:07 +0000 (00:02 +0000)
https://bugs.webkit.org/show_bug.cgi?id=186118

Reviewed by Myles Maxfield.

We were receiving crash reports on iOS devices when getting
platformContext() from a GraphicsContext. This usually
occurred when the page was invisible. Debugging showed that
it was trying to draw with a disabled context.

* rendering/RenderThemeIOS.mm:
(WebCore::RenderThemeIOS::paintSystemPreviewBadge): Early
return if the context has painting disabled.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@232320 268f45cc-cd09-0410-ab3c-d52691b4dbfc

Source/WebCore/ChangeLog
Source/WebCore/rendering/RenderThemeIOS.mm

index 11b3d76..8d84c70 100644 (file)
@@ -1,3 +1,19 @@
+2018-05-30  Dean Jackson  <dino@apple.com>
+
+        WebContent crashes with system preview content
+        https://bugs.webkit.org/show_bug.cgi?id=186118
+
+        Reviewed by Myles Maxfield.
+
+        We were receiving crash reports on iOS devices when getting
+        platformContext() from a GraphicsContext. This usually
+        occurred when the page was invisible. Debugging showed that
+        it was trying to draw with a disabled context.
+
+        * rendering/RenderThemeIOS.mm:
+        (WebCore::RenderThemeIOS::paintSystemPreviewBadge): Early
+        return if the context has painting disabled.
+
 2018-05-30  Daniel Bates  <dabates@apple.com>
 
         Web Inspector: Annotate Same-Site cookies
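Review bot: The ChangeLog entry for paintSystemPreviewBadge documents only the early return when painting is disabled, but the RenderThemeIOS.mm hunk also returns when platformContext() yields a null CGContextRef. Suggest describing that second guard here as well, for example "Early return if the context has painting disabled or has no platform context". The entry also lists no test; it would help to say whether one was added or why the crash cannot be covered by a test.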
index 7b181fc..2efbd0c 100644 (file)
@@ -1852,7 +1852,13 @@ void RenderThemeIOS::paintSystemPreviewBadge(Image& image, const PaintInfo& pain
     // Create a circle to be used for the clipping path in the badge, as well as the drop shadow.
     RetainPtr<CGPathRef> circle = adoptCF(CGPathCreateWithRoundedRect(absoluteBadgeRect, badgeDimension / 2, badgeDimension / 2, nullptr));
 
-    CGContextRef ctx = paintInfo.context().platformContext();
+    auto& graphicsContext = paintInfo.context();
+    if (graphicsContext.paintingDisabled())
+        return;
+
+    CGContextRef ctx = graphicsContext.platformContext();
+    if (!ctx)
+        return;
 
     CGContextSaveGState(ctx);
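Review bot: Both new early returns sit after the CGPathCreateWithRoundedRect call in the context lines above, so the rounded-rect path is still built when painting is disabled. The RetainPtr from adoptCF releases it on return, so nothing leaks, but consider moving the `graphicsContext.paintingDisabled()` check above the path creation to skip the wasted work. The `if (!ctx)` guard would also benefit from a short comment stating when a GraphicsContext that is not painting-disabled can still return a null platformContext(), so the silent return is not later mistaken for dead code or removed.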