Title: [92621] trunk/Source/WebKit/win
- Revision
- 92621
- Author
- [email protected]
- Date
- 2011-08-08 12:41:12 -0700 (Mon, 08 Aug 2011)
Log Message
WebView::performLayeredWindowUpdate() crashes with
NULL pointer when using layered window updates.
https://bugs.webkit.org/show_bug.cgi?id=60618
Reviewed by Adam Roben.
During resize operations, the backing store will be destroyed if
the window's size (either height or width) is set to zero. The
bug was identified when a user first resized a WebView to zero
dimensions, then attempted to perform a MoveWindow. The paint
message triggered by the MoveWindow attempted to use the layered
window update logic, which encountered the nulled backing store.
* WebView.cpp:
(WebView::performLayeredWindowUpdate): Add an early
return when there is no backing store to blend with.
Modified Paths
Diff
Modified: trunk/Source/WebKit/win/ChangeLog (92620 => 92621)
--- trunk/Source/WebKit/win/ChangeLog 2011-08-08 19:15:16 UTC (rev 92620)
+++ trunk/Source/WebKit/win/ChangeLog 2011-08-08 19:41:12 UTC (rev 92621)
@@ -1,3 +1,22 @@
+2011-08-05 Brent Fulgham <[email protected]>
+
+ WebView::performLayeredWindowUpdate() crashes with
+ NULL pointer when using layered window updates.
+ https://bugs.webkit.org/show_bug.cgi?id=60618
+
+ Reviewed by Adam Roben.
+
+ During resize operations, the backing store will be destroyed if
+ the window's size (either height or width) is set to zero. The
+ bug was identified when a user first resized a WebView to zero
+ dimensions, then attempted to perform a MoveWindow. The paint
+ message triggered by the MoveWindow attempted to use the layered
+ window update logic, which encountered the nulled backing store.
+
+ * WebView.cpp:
+ (WebView::performLayeredWindowUpdate): Add an early
+ return when there is no backing store to blend with.
+
2011-08-05 Anders Carlsson <[email protected]>
Remove PluginHalter
Modified: trunk/Source/WebKit/win/WebView.cpp (92620 => 92621)
--- trunk/Source/WebKit/win/WebView.cpp 2011-08-08 19:15:16 UTC (rev 92620)
+++ trunk/Source/WebKit/win/WebView.cpp 2011-08-08 19:41:12 UTC (rev 92621)
@@ -1000,6 +1000,10 @@
void WebView::performLayeredWindowUpdate()
{
+ // The backing store may have been destroyed if the window rect was set to zero height or zero width.
+ if (!m_backingStoreBitmap)
+ return;
+
HDC hdcScreen = ::GetDC(m_viewWindow);
OwnPtr<HDC> hdcMem = adoptPtr(::CreateCompatibleDC(hdcScreen));
HBITMAP hbmOld = static_cast<HBITMAP>(::SelectObject(hdcMem.get(), m_backingStoreBitmap->handle()));
_______________________________________________
webkit-changes mailing list
[email protected]
http://lists.webkit.org/mailman/listinfo.cgi/webkit-changes
