Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(798)

Issues Search
    My Issues | Starred     Open | Closed | All

Unified Diff: third_party/WebKit/Source/modules/encryptedmedia/HTMLMediaElementEncryptedMedia.cpp

Issue 1414553002: Fix out-of-memory crashes related to ArrayBuffer allocation Base URL: https://chromium.googlesource.com/chromium/src.git@master
Patch Set: Created 5 years, 2 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View side-by-side diff with in-line comments
Download patch
« third_party/WebKit/Source/core/dom/DOMTypedArray.h ('K') | « third_party/WebKit/Source/modules/encoding/TextEncoder.idl ('k') | third_party/WebKit/Source/modules/encryptedmedia/MediaKeySession.cpp » ('j') | third_party/WebKit/Source/wtf/ArrayBufferBuilder.h » ('J')
Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
Index: third_party/WebKit/Source/modules/encryptedmedia/HTMLMediaElementEncryptedMedia.cpp
diff --git a/third_party/WebKit/Source/modules/encryptedmedia/HTMLMediaElementEncryptedMedia.cpp b/third_party/WebKit/Source/modules/encryptedmedia/HTMLMediaElementEncryptedMedia.cpp
index cbe2df6099c4a660c07246f57261a2c65f0be4f0..2f1ad9ff251673c7841cb4985ae358180ba7ded5 100644
--- a/third_party/WebKit/Source/modules/encryptedmedia/HTMLMediaElementEncryptedMedia.cpp
+++ b/third_party/WebKit/Source/modules/encryptedmedia/HTMLMediaElementEncryptedMedia.cpp
@@ -359,7 +359,7 @@ static PassRefPtrWillBeRawPtr<Event> createEncryptedEvent(WebEncryptedMediaInitD
{
MediaEncryptedEventInit initializer;
initializer.setInitDataType(EncryptedMediaUtils::convertFromInitDataType(initDataType));
- initializer.setInitData(DOMArrayBuffer::create(initData, initDataLength));
+ initializer.setInitData(DOMArrayBuffer::createOrNull(initData, initDataLength));
initializer.setBubbles(false);
initializer.setCancelable(false);
@@ -370,7 +370,7 @@ static PassRefPtrWillBeRawPtr<Event> createEncryptedEvent(WebEncryptedMediaInitD
static PassRefPtrWillBeRawPtr<Event> createWebkitNeedKeyEvent(const unsigned char* initData, unsigned initDataLength)
{
MediaKeyEventInit webkitInitializer;
- webkitInitializer.setInitData(DOMUint8Array::create(initData, initDataLength));
+ webkitInitializer.setInitData(DOMUint8Array::createOrNull(initData, initDataLength));
return MediaKeyEvent::create(EventTypeNames::webkitneedkey, webkitInitializer);
}
@@ -412,7 +412,8 @@ void HTMLMediaElementEncryptedMedia::generateKeyRequest(WebMediaPlayer* webMedia
void HTMLMediaElementEncryptedMedia::webkitGenerateKeyRequest(HTMLMediaElement& mediaElement, const String& keySystem, ExceptionState& exceptionState)
{
- webkitGenerateKeyRequest(mediaElement, keySystem, DOMUint8Array::create(0), exceptionState);
+ RefPtr<DOMUint8Array> emptyArray = DOMUint8Array::deprecatedCreateOrCrash(nullptr, 0);
+ webkitGenerateKeyRequest(mediaElement, keySystem, emptyArray.release(), exceptionState);
}
void HTMLMediaElementEncryptedMedia::webkitAddKey(HTMLMediaElement& element, const String& keySystem, PassRefPtr<DOMUint8Array> key, PassRefPtr<DOMUint8Array> initData, const String& sessionId, ExceptionState& exceptionState)
@@ -462,7 +463,7 @@ void HTMLMediaElementEncryptedMedia::addKey(WebMediaPlayer* webMediaPlayer, cons
void HTMLMediaElementEncryptedMedia::webkitAddKey(HTMLMediaElement& mediaElement, const String& keySystem, PassRefPtr<DOMUint8Array> key, ExceptionState& exceptionState)
{
- webkitAddKey(mediaElement, keySystem, key, DOMUint8Array::create(0), String(), exceptionState);
+ webkitAddKey(mediaElement, keySystem, key, DOMUint8Array::deprecatedCreateOrCrash(nullptr, 0), String(), exceptionState);
}
void HTMLMediaElementEncryptedMedia::webkitCancelKeyRequest(HTMLMediaElement& element, const String& keySystem, const String& sessionId, ExceptionState& exceptionState)
@@ -550,7 +551,9 @@ void HTMLMediaElementEncryptedMedia::keyMessage(const WebString& keySystem, cons
MediaKeyEventInit initializer;
initializer.setKeySystem(keySystem);
initializer.setSessionId(sessionId);
- initializer.setMessage(DOMUint8Array::create(message, messageLength));
+ // FIXME: We currently ignore the problem if allocating the message array fails.
+ // Should we be aborting when that happens?
+ initializer.setMessage(DOMUint8Array::createOrNull(message, messageLength));
initializer.setDefaultURL(KURL(defaultURL));
RefPtrWillBeRawPtr<Event> event = MediaKeyEvent::create(EventTypeNames::webkitkeymessage, initializer);
@@ -566,6 +569,8 @@ void HTMLMediaElementEncryptedMedia::encrypted(WebEncryptedMediaInitDataType ini
// Send event for WD EME.
RefPtrWillBeRawPtr<Event> event;
if (m_mediaElement->isMediaDataCORSSameOrigin(m_mediaElement->executionContext()->securityOrigin())) {
+ // FIXME: This creates an event with no data if the allocation of the array buffer fails.
+ // Should we be aborting when that happens?
event = createEncryptedEvent(initDataType, initData, initDataLength);
} else {
// Current page is not allowed to see content from the media file,
« third_party/WebKit/Source/core/dom/DOMTypedArray.h ('K') | « third_party/WebKit/Source/modules/encoding/TextEncoder.idl ('k') | third_party/WebKit/Source/modules/encryptedmedia/MediaKeySession.cpp » ('j') | third_party/WebKit/Source/wtf/ArrayBufferBuilder.h » ('J')

Powered by Google App Engine
This is Rietveld 408576698