diff options
| author | Allan Sandfeld Jensen <allan.jensen@digia.com> | 2014-05-07 17:01:32 +0200 |
|---|---|---|
| committer | The Qt Project <gerrit-noreply@qt-project.org> | 2014-05-08 14:42:40 +0200 |
| commit | a93d5f3f0eaca242e3541881b735862dc994286a (patch) | |
| tree | b52991392f756d9ab257ec4332df9d287f5bd35f | |
| parent | 0fd6d091cbf7963584418f03701bf7e5311eaf17 (diff) | |
| download | qtwebkit-a93d5f3f0eaca242e3541881b735862dc994286a.tar.gz | |
Fix crash in pixmapToImageData binding
The result of JSContextGetGlobalObject is a wrapper-object not a
direct pointer to the global object. Instead access the global object
directly since we are already using other parts of the internal JS API.
The patch also adds a missing API shim that should be held when using the
internal JS API.
Task-number: QTBUG-38809
Change-Id: I76eccbbd6cb1b9fd3322596bb7d6a3f9b0e694b8
Reviewed-by: Michael Bruning <michael.bruning@digia.com>
| -rw-r--r-- | Source/WebCore/bridge/qt/qt_pixmapruntime.cpp | 8 |
1 files changed, 6 insertions, 2 deletions
diff --git a/Source/WebCore/bridge/qt/qt_pixmapruntime.cpp b/Source/WebCore/bridge/qt/qt_pixmapruntime.cpp index 8689307c5..2f81f44e7 100644 --- a/Source/WebCore/bridge/qt/qt_pixmapruntime.cpp +++ b/Source/WebCore/bridge/qt/qt_pixmapruntime.cpp @@ -20,6 +20,7 @@ #include "qt_pixmapruntime.h" #include "APICast.h" +#include "APIShims.h" #include "CachedImage.h" #include "HTMLImageElement.h" #include "ImageData.h" @@ -149,10 +150,13 @@ static JSValueRef pixmapToImageData(JSContextRef context, JSObjectRef function, int width = image.width(); int height = image.height(); + JSC::ExecState* exec = ::toJS(context); + APIEntryShim entryShim(exec); + RefPtr<ImageData> imageData = ImageData::create(IntSize(width, height)); copyPixelsInto(image, width, height, imageData->data()->data()); - JSDOMGlobalObject* globalObject = static_cast<JSDOMGlobalObject*>(::toJS(JSContextGetGlobalObject(context))); - JSC::ExecState* exec = ::toJS(context); + + JSDOMGlobalObject* globalObject = static_cast<JSDOMGlobalObject*>(exec->lexicalGlobalObject()); return ::toRef(exec, toJS(exec, globalObject, imageData.get())); } |