diff options
| author | joshia@google.com <joshia@google.com@0039d316-1c4b-4281-b951-d872f2087c98> | 2008-11-12 01:17:15 +0000 |
|---|---|---|
| committer | joshia@google.com <joshia@google.com@0039d316-1c4b-4281-b951-d872f2087c98> | 2008-11-12 01:17:15 +0000 |
| commit | b6e4beca3a071606c537af2d55eba21d99769cb0 (patch) | |
| tree | fa20b394752eb03839814b409a31c01601c9ebb9 /webkit | |
| parent | 799edbdbd3aadc8044bccf4e10bf6a3ebfef1d6b (diff) | |
| download | chromium_src-b6e4beca3a071606c537af2d55eba21d99769cb0.zip chromium_src-b6e4beca3a071606c537af2d55eba21d99769cb0.tar.gz chromium_src-b6e4beca3a071606c537af2d55eba21d99769cb0.tar.bz2 | |
Prevent crash due to DIB allocation failure
Change the way we capture tab thumbnail images so that
the capturing code can deal with failure.
BUG=3795
Review URL: http://codereview.chromium.org/9717
git-svn-id: svn://svn.chromium.org/chrome/trunk/src@5244 0039d316-1c4b-4281-b951-d872f2087c98
Diffstat (limited to 'webkit')
| -rw-r--r-- | webkit/glue/webframe.h | 8 | ||||
| -rw-r--r-- | webkit/glue/webframe_impl.cc | 17 | ||||
| -rw-r--r-- | webkit/glue/webframe_impl.h | 3 | ||||
| -rw-r--r-- | webkit/tools/test_shell/test_shell_mac.mm | 9 | ||||
| -rw-r--r-- | webkit/tools/test_shell/test_shell_win.cc | 7 |
5 files changed, 33 insertions, 11 deletions
diff --git a/webkit/glue/webframe.h b/webkit/glue/webframe.h index 0557e35..9fd4daf 100644 --- a/webkit/glue/webframe.h +++ b/webkit/glue/webframe.h @@ -284,14 +284,18 @@ class WebFrame : public base::RefCounted<WebFrame> { // Paints the contents of this web view in a bitmapped image. This image // will not have plugins drawn. Devices are cheap to copy because the data is - // internally refcounted, so we return by value. + // internally refcounted so we allocate and return a new copy // // Set scroll_to_zero to force all frames to be scrolled to 0,0 before // being painted into the image. This will not send DOM events because it // just draws the contents at a different place, but it does mean the // scrollbars in the resulting image will appear to be wrong (they'll be // painted as if the content was scrolled). - virtual gfx::BitmapPlatformDevice CaptureImage(bool scroll_to_zero) = 0; + // + // Returns false on failure. CaptureImage can fail if 'image' argument + // is not valid or due to failure to allocate a canvas. + virtual bool CaptureImage(scoped_ptr<gfx::BitmapPlatformDevice>* image, + bool scroll_to_zero) = 0; // This function sets a flag within WebKit to instruct it to render the page // as View-Source (showing the HTML source for the page). diff --git a/webkit/glue/webframe_impl.cc b/webkit/glue/webframe_impl.cc index 5f1df1d..68deb43 100644 --- a/webkit/glue/webframe_impl.cc +++ b/webkit/glue/webframe_impl.cc @@ -1492,11 +1492,20 @@ void WebFrameImpl::Paint(gfx::PlatformCanvas* canvas, const gfx::Rect& rect) { } } -gfx::BitmapPlatformDevice WebFrameImpl::CaptureImage(bool scroll_to_zero) { +bool WebFrameImpl::CaptureImage(scoped_ptr<gfx::BitmapPlatformDevice>* image, + bool scroll_to_zero) { + if (!image) { + NOTREACHED(); + return false; + } + // Must layout before painting. Layout(); - gfx::PlatformCanvas canvas(frameview()->width(), frameview()->height(), true); + gfx::PlatformCanvas canvas; + if (!canvas.initialize(frameview()->width(), frameview()->height(), true)) + return false; + #if defined(OS_WIN) || defined(OS_LINUX) PlatformContextSkia context(&canvas); GraphicsContext gc(reinterpret_cast<PlatformGraphicsContext*>(&context)); @@ -1516,7 +1525,9 @@ gfx::BitmapPlatformDevice WebFrameImpl::CaptureImage(bool scroll_to_zero) { #if defined(OS_WIN) device.fixupAlphaBeforeCompositing(); #endif - return device; + + image->reset(new gfx::BitmapPlatformDevice(device)); + return true; } bool WebFrameImpl::IsLoading() { diff --git a/webkit/glue/webframe_impl.h b/webkit/glue/webframe_impl.h index af92cd2..ce2521a 100644 --- a/webkit/glue/webframe_impl.h +++ b/webkit/glue/webframe_impl.h @@ -111,7 +111,8 @@ class WebFrameImpl : public WebFrame { virtual WebFrame* GetParent() const; virtual WebFrame* GetChildFrame(const std::wstring& xpath) const; virtual WebView* GetView() const; - virtual gfx::BitmapPlatformDevice CaptureImage(bool scroll_to_zero); + virtual bool CaptureImage(scoped_ptr<gfx::BitmapPlatformDevice>* image, + bool scroll_to_zero); // This method calls createRuntimeObject (in KJS::Bindings::Instance), which // increments the refcount of the NPObject passed in. diff --git a/webkit/tools/test_shell/test_shell_mac.mm b/webkit/tools/test_shell/test_shell_mac.mm index 1d2f152..dafb530 100644 --- a/webkit/tools/test_shell/test_shell_mac.mm +++ b/webkit/tools/test_shell/test_shell_mac.mm @@ -499,9 +499,12 @@ void TestShell::ResizeSubViews() { /* static */ std::string TestShell::DumpImage( WebFrame* web_frame, const std::wstring& file_name) { - gfx::BitmapPlatformDevice device(web_frame->CaptureImage(true)); - const SkBitmap& src_bmp = device.accessBitmap(false); - + scoped_ptr<gfx::BitmapPlatformDevice> device; + if (!web_frame->CaptureImage(&device, true)) + return std::string(); + + const SkBitmap& src_bmp = device->accessBitmap(false); + // Encode image. std::vector<unsigned char> png; SkAutoLockPixels src_bmp_lock(src_bmp); diff --git a/webkit/tools/test_shell/test_shell_win.cc b/webkit/tools/test_shell/test_shell_win.cc index 0ca297ab..bd0d557 100644 --- a/webkit/tools/test_shell/test_shell_win.cc +++ b/webkit/tools/test_shell/test_shell_win.cc @@ -116,8 +116,11 @@ ATOM TestShell::RegisterWindowClass() { // static std::string TestShell::DumpImage(WebFrame* web_frame, const std::wstring& file_name) { - gfx::BitmapPlatformDevice device(web_frame->CaptureImage(true)); - const SkBitmap& src_bmp = device.accessBitmap(false); + scoped_ptr<gfx::BitmapPlatformDevice> device; + if (!web_frame->CaptureImage(&device, true)) + return std::string(); + + const SkBitmap& src_bmp = device->accessBitmap(false); // Encode image. std::vector<unsigned char> png; |