Magic-Mirror/gecko-dev
1
0
Fork 0
mirror of https://github.com/mozilla/gecko-dev.git synced 2024-11-23 21:01:08 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity

Bug 1779521 - Check for null principal when drawing images to a canvas element. r=lsalzman

Browse Source 
Differential Revision: https://phabricator.services.mozilla.com/D151819
This commit is contained in:
Andrew Osmond 2022-07-14 18:04:30 +00:00
parent 5e791d5c28
commit e304a056df
1 changed files with 5 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
dom/canvas/CanvasUtils.cpp
View File

@ -244,7 +244,11 @@ void DoDrawImageSecurityCheck(dom::HTMLCanvasElement* aCanvasElement,
// No need to do a security check if the image used CORS for the load
if (CORSUsed) return;
MOZ_ASSERT(aPrincipal, "Must have a principal here");
if (NS_WARN_IF(!aPrincipal)) {
MOZ_ASSERT_UNREACHABLE("Must have a principal here");
aCanvasElement->SetWriteOnly();
return;
}
if (aCanvasElement->NodePrincipal()->Subsumes(aPrincipal)) {
// This canvas has access to that image anyway