third_party/WebKit/Source/modules/webgl/WebGLRenderingContextBase.cpp - Issue 2543663003: generate GL_INVALID_VALUE for CheckedNumeric invalid operations

Keyboard Shortcuts

	File
u :	up to issue
j / k :	jump to file after / before current file
J / K :	jump to next file with a comment after / before current file
	Side-by-side diff
i :	toggle intra-line diffs
e :	expand all comments
c :	collapse all comments
s :	toggle showing all comments
n / p :	next / previous diff chunk or comment
N / P :	next / previous comment
<Up> / <Down> :	next / previous line

	Issue
u :	up to list of issues
j / k :	jump to patch after / before current patch
o / <Enter> :	open current patch in side-by-side view
i :	open current patch in unified diff view

	Issue List
j / k :	jump to issue after / before current issue
o / <Enter> :	open current issue

Unified Diff: third_party/WebKit/Source/modules/webgl/WebGLRenderingContextBase.cpp

Issue 2543663003: generate GL_INVALID_VALUE for CheckedNumeric invalid operations (Closed)

Patch Set: Created 4 years ago

Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.

Jump to:

View side-by-side diff with in-line comments

Download patch

Index: third_party/WebKit/Source/modules/webgl/WebGLRenderingContextBase.cpp

diff --git a/third_party/WebKit/Source/modules/webgl/WebGLRenderingContextBase.cpp b/third_party/WebKit/Source/modules/webgl/WebGLRenderingContextBase.cpp

index 091e6287e8103a43fe42601ff7b03ad7f1d322f9..48237e05f658eacf2d4baa361af9e695385d61e6 100644

--- a/third_party/WebKit/Source/modules/webgl/WebGLRenderingContextBase.cpp

+++ b/third_party/WebKit/Source/modules/webgl/WebGLRenderingContextBase.cpp

@@ -4101,9 +4101,14 @@ void WebGLRenderingContextBase::readPixelsHelper(GLint x,

synthesizeGLError(GL_INVALID_FRAMEBUFFER_OPERATION, "readPixels", reason);

return;

}

- if (!validateReadPixelsFuncParameters(

- width, height, format, type, pixels,

- (pixels->byteLength() - offsetInBytes).ValueOrDie())) {

+ CheckedNumeric<GLuint> bufferSize = pixels->byteLength() - offsetInBytes;

+ if (!bufferSize.IsValid()) {

+ synthesizeGLError(GL_INVALID_VALUE, "readPixels",

+ "destination offset out of range");

+ return;

+ }

+ if (!validateReadPixelsFuncParameters(width, height, format, type, pixels,

+ bufferSize.ValueOrDie())) {

return;

}

clearIfComposited();

« no previous file with comments | « no previous file | third_party/WebKit/Source/platform/graphics/gpu/WebGLImageConversion.cpp » ('j') | no next file with comments »