Mirrors/servo
1
0
Fork 0
mirror of https://github.com/servo/servo.git synced 2025-08-03 20:50:07 +01:00
Code Issues Projects Releases Packages Wiki Activity

canvas: Apply large size limitations (#36445)

Browse source 
To prevent any potential crash/OOM issues with "canvas" element
from "rogue" applications let's apply large size limitations for context
canvas2d's draw target to Servo (similar approach in Firefox/Chromium -
they limits width and height to 32767/65535 pixels).

Fixes: #36155, #34117, #30164, #24710

--
- [x] ./mach build -d does not report any errors
- [x] ./mach test-tidy does not report any errors
- [x] There are tests for these changes

tests/wpt/tests/html/canvas/element/canvas-host/2d.canvas.host.size.large.html

tests/wpt/tests/html/canvas/offscreen/canvas-host/2d.canvas.host.size.large.html

tests/wpt/tests/html/canvas/offscreen/canvas-host/2d.canvas.host.size.large.worker.js

Signed-off-by: Andrei Volykhin <andrei.volykhin@gmail.com>
This commit is contained in:
Andrei Volykhin 2025-04-29 16:48:30 +03:00 committed by GitHub
parent bd6928f3dc
commit 6b2a755736
No known key found for this signature in database
GPG key ID: B5690EEEBB952194
7 changed files with 87 additions and 53 deletions
Download patch file Download diff file Expand all files Collapse all files

9
components/canvas/canvas_data.rs
View file

@ -28,6 +28,10 @@ use webrender_api::{ImageDescriptor, ImageDescriptorFlags, ImageFormat, ImageKey
use crate::raqote_backend::Repetition;
// Asserts on WR texture cache update for zero sized image with raw data.
// https://github.com/servo/webrender/blob/main/webrender/src/texture_cache.rs#L1475
const MIN_WR_IMAGE_SIZE: Size2D<u64> = Size2D::new(1, 1);
fn to_path(path: &[PathSegment], mut builder: Box<dyn GenericPathBuilder>) -> Path {
let mut build_ref = PathBuilderRef {
builder: &mut builder,
@ -595,6 +599,7 @@ impl<'a> CanvasData<'a> {
compositor_api: CrossProcessCompositorApi,
font_context: Arc<FontContext>,
) -> CanvasData<'a> {
let size = size.max(MIN_WR_IMAGE_SIZE);
let backend = create_backend();
let draw_target = backend.create_drawtarget(size);
let image_key = compositor_api.generate_image_key().unwrap();
@ -1402,7 +1407,9 @@ impl<'a> CanvasData<'a> {
}
pub fn recreate(&mut self, size: Option<Size2D<u64>>) {
let size = size.unwrap_or_else(|| self.drawtarget.get_size().to_u64());
let size = size
.unwrap_or_else(|| self.drawtarget.get_size().to_u64())
.max(MIN_WR_IMAGE_SIZE);
self.drawtarget = self
.backend
.create_drawtarget(Size2D::new(size.width, size.height));