Bug 1430215 - Check on the principal in mozilla::dom::CheckSecurityForHTMLElements in case SurfaceFromElement returns an incomplete result. r=aosmond, a=RyanVM
authorAndrea Marchesini <amarchesini@mozilla.com>
Fri, 20 Apr 2018 07:29:12 +0200
changeset 795874 7037720f8b6bf6eeab0853c2cdbdd925cadc0f5a
parent 795873 89fe4f852dd226af2be9a3a41fe06449aa4ef23c
child 795875 7ff41cf175dc175adbdd39a8249b22beac6d8c16
push id110108
push userbmo:tom@mozilla.com
push dateWed, 16 May 2018 18:43:56 +0000
reviewersaosmond, RyanVM
bugs1430215
milestone60.0.1
Bug 1430215 - Check on the principal in mozilla::dom::CheckSecurityForHTMLElements in case SurfaceFromElement returns an incomplete result. r=aosmond, a=RyanVM
dom/canvas/ImageBitmap.cpp
--- a/dom/canvas/ImageBitmap.cpp
+++ b/dom/canvas/ImageBitmap.cpp
@@ -430,19 +430,17 @@ private:
   gfx::SurfaceFormat mFormat;
   gfx::IntSize mSize;
   const Maybe<IntRect>& mCropRect;
 };
 
 static bool
 CheckSecurityForHTMLElements(bool aIsWriteOnly, bool aCORSUsed, nsIPrincipal* aPrincipal)
 {
-  MOZ_ASSERT(aPrincipal);
-
-  if (aIsWriteOnly) {
+  if (aIsWriteOnly || !aPrincipal) {
     return false;
   }
 
   if (!aCORSUsed) {
     nsIGlobalObject* incumbentSettingsObject = GetIncumbentGlobal();
     if (NS_WARN_IF(!incumbentSettingsObject)) {
       return false;
     }