authordmichael@google.com <dmichael@google.com@0039d316-1c4b-4281-b951-d872f2087c98>2011-01-25 00:51:13 +0000
committerdmichael@google.com <dmichael@google.com@0039d316-1c4b-4281-b951-d872f2087c98>2011-01-25 00:51:13 +0000
commitdd165761aff9512f610dbb9b27e0875a9d764e6b (patch)
tree521ca063803f92557134b8562b12e5b950e65ce2 /webkit/plugins/ppapi/ppapi_plugin_instance.cc
parent67803e1f9949af9cdea2d25f21d0033747baec8f (diff)
Avoid null-pointer dereference for PPAPI Instance BindGraphics.
BUG=None TEST=NaCl SDK pi_generator example encounters this Review URL: http://codereview.chromium.org/6384009 git-svn-id: svn://svn.chromium.org/chrome/trunk/src@72430 0039d316-1c4b-4281-b951-d872f2087c98
Diffstat (limited to 'webkit/plugins/ppapi/ppapi_plugin_instance.cc')
-rw-r--r--webkit/plugins/ppapi/ppapi_plugin_instance.cc4
1 files changed, 4 insertions, 0 deletions
diff --git a/webkit/plugins/ppapi/ppapi_plugin_instance.cc b/webkit/plugins/ppapi/ppapi_plugin_instance.cc
index 8a9f62a..474c2dd 100644
--- a/webkit/plugins/ppapi/ppapi_plugin_instance.cc
+++ b/webkit/plugins/ppapi/ppapi_plugin_instance.cc
@@ -458,6 +458,10 @@ bool PluginInstance::BindGraphics(PP_Resource graphics_id) {
if (bound_graphics_2d()) {
// Start the new image with the content of the old image until the plugin
// repaints.
+ // Use ImageDataAutoMapper to ensure the image data is valid.
+ ImageDataAutoMapper mapper(bound_graphics_2d()->image_data());
+ if (!mapper.is_valid())
+ return false;
const SkBitmap* old_backing_bitmap =
bound_graphics_2d()->image_data()->GetMappedBitmap();
SkRect old_size = SkRect::MakeWH(
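Review bot: The added `return false;` makes the whole BindGraphics call fail when the old image data cannot be mapped, although the surrounding comment describes the copy as a stopgap "until the plugin repaints". Skipping the copy would be more robust: wrap the copy in `if (mapper.is_valid()) {` and let the bind proceed. BindGraphics starts and ends outside this hunk, so if it has already changed binding state before this point, the early return would leave that state half-updated; this needs checking against the full function. The mapper is also constructed from `bound_graphics_2d()->image_data()` with no null check on that pointer, so it is worth confirming that ImageDataAutoMapper tolerates a null argument. The new comment could say why mapping can fail here, for example `// The old image may not be mappable; GetMappedBitmap() would then return NULL.`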