dom/canvas/crashtests/1551745.html
author Jon Coppeard <jcoppeard@mozilla.com>
Wed, 15 May 2019 15:34:30 +0100
changeset 474124 a0464187dbfa6b296752aeb9e34779ac1b85be77
permissions -rw-r--r--
Bug 1551745 - Check max size and fix overflow calculating canvas allocation size r=smaug The patch changes the calculation for the allocation size associated with a canvas rendering context to return zero when the width or height are greater than allowed (this will result in an error when creating the target later on) and also if the size calculation overflows (which shouldn't normally happen given the previous check). Differential Revision: https://phabricator.services.mozilla.com/D31265

<script>
window.addEventListener('load', function() {
  b.getContext('2d')
  a.src = b.toDataURL('image/jpeg', 0.1)
  b.setAttribute('width', 2684354)
})
</script>
<img id='a' src='data:image/gif;base64,R0lGODlhAQABAIABAP///wAAACwAAAAAAQABAAACAkQBADs='/>
<canvas id='b' height='800' width='800'></canvas>