Google Git
Sign in
chromium / chromium / src / 29622ffb0f2116f242bcddb38aec7a9100dda7ea
commit29622ffb0f2116f242bcddb38aec7a9100dda7ea[log] [tgz]
authorxidachen <xidachen@chromium.org>Thu Jul 21 18:35:56 2016
committerCommit bot <commit-bot@chromium.org>Thu Jul 21 18:37:24 2016
tree360e93886ff1df9275ac86b285191445f5e2d1d5
parent224e6490115e915ed5e6bc72a7a0bafe32d29389 [diff]
Fix integer over flow issue in HTMLCanvasElement::canCreateImageBuffer

Right now in this method, it does a size.width() * size.height(), and
that could cause integer overflow.

This CL fix that by using CheckedNumeric<int>.

BUG=630024

Review-Url: https://codereview.chromium.org/2170693003
Cr-Commit-Position: refs/heads/master@{#406914}
1 file changed
tree: 360e93886ff1df9275ac86b285191445f5e2d1d5
  1. .clang-format
  2. .git-blame-ignore-revs
  3. .gitattributes
  4. .gitignore
  5. .gn
  6. AUTHORS
  7. BUILD.gn
  8. CODE_OF_CONDUCT.md
  9. DEPS
  10. LICENSE
  11. LICENSE.chromium_os
  12. OWNERS
  13. PRESUBMIT.py
  14. PRESUBMIT_test.py
  15. PRESUBMIT_test_mocks.py
  16. WATCHLISTS
  17. android_webview/
  18. apps/
  19. ash/
  20. base/
  21. blimp/
  22. blink/
  23. breakpad/
  24. build/
  25. build_overrides/
  26. cc/
  27. chrome/
  28. chrome_elf/
  29. chromecast/
  30. chromeos/
  31. codereview.settings
  32. components/
  33. content/
  34. courgette/
  35. crypto/
  36. dbus/
  37. device/
  38. docs/
  39. extensions/
  40. gin/
  41. google_apis/
  42. google_update/
  43. gpu/
  44. headless/
  45. infra/
  46. ios/
  47. ipc/
  48. jingle/
  49. mash/
  50. media/
  51. mojo/
  52. native_client_sdk/
  53. net/
  54. pdf/
  55. ppapi/
  56. printing/
  57. remoting/
  58. rlz/
  59. sandbox/
  60. sdch/
  61. services/
  62. skia/
  63. sql/
  64. storage/
  65. styleguide/
  66. sync/
  67. testing/
  68. third_party/
  69. tools/
  70. ui/
  71. url/