Changeset 55773 in webkit

Timestamp:

Mar 10, 2010 2:44:29 AM (14 years ago)

Author:

zecke@webkit.org

Message:

[CAIRO] DoS on iexploder test with high text stroke width.

​https://bugs.webkit.org/show_bug.cgi?id=33759

Specifying a big text stroke width can make WebKitGTK+ spend
a very long time in the cairo library for stroking the path of
the text. The best way to prevent this from happening right now
is to not stroke paths with a certain width. Samuel proposed to
not stroke with a width that is twice the width of the text. The
reason to use twice the text width is that even one stroke of
any charachter to be drawn would cover the full width.

Test: fast/text/text-stroke-width-cairo-dos.html

WebCore:

• platform/graphics/cairo/FontCairo.cpp:

(WebCore::Font::drawGlyphs):

Add a test case with the -webkit-text-stroke-width attribute
set to a high value to illustrate the issue.

• fast/text/text-stroke-width-cairo-dos-expected.txt: Added.
• fast/text/text-stroke-width-cairo-dos.html: Added.

Location:

trunk

Files:

• LayoutTests/ChangeLog (modified) (1 diff)
• LayoutTests/fast/text/text-stroke-width-cairo-dos-expected.txt (added)
• LayoutTests/fast/text/text-stroke-width-cairo-dos.html (added)
• WebCore/ChangeLog (modified) (1 diff)
• WebCore/platform/graphics/cairo/FontCairo.cpp (modified) (2 diffs)

trunk/LayoutTests/ChangeLog

@@ +1 @@
+2010-03-07  Holger Hans Peter Freyther  <zecke@selfish.org>
+
+        Reviewed by Darin Adler.
+
+        [CAIRO] DoS on iexploder test with high text stroke width.
+        https://bugs.webkit.org/show_bug.cgi?id=33759
+
+        Add a test case with the -webkit-text-stroke-width attribute
+        set to a high value to illustrate the issue.
+
+        * fast/text/text-stroke-width-cairo-dos-expected.txt: Added.
+        * fast/text/text-stroke-width-cairo-dos.html: Added.
+
 2010-03-10  Roland Steiner  <rolandsteiner@chromium.org>
 

trunk/WebCore/ChangeLog

@@ +1 @@
+2010-03-07  Holger Hans Peter Freyther  <zecke@selfish.org>
+
+        Reviewed by Darin Adler.
+
+        [CAIRO] DoS on iexploder test with high text stroke width.
+        https://bugs.webkit.org/show_bug.cgi?id=33759
+
+        Specifying a big text stroke width can make WebKitGTK+ spend
+        a very long time in the cairo library for stroking the path of
+        the text. The best way to prevent this from happening right now
+        is to not stroke paths with a certain width. Samuel proposed to
+        not stroke with a width that is twice the width of the text. The
+        reason to use twice the text width is that even one stroke of
+        any charachter to be drawn would cover the full width.
+
+        Test: fast/text/text-stroke-width-cairo-dos.html
+
+        * platform/graphics/cairo/FontCairo.cpp:
+        (WebCore::Font::drawGlyphs):
+
 2010-03-10  Andrey Kosyakov  <caseq@chromium.org>
 

trunk/WebCore/platform/graphics/cairo/FontCairo.cpp

@@ -4 +4 @@
  * Copyright (C) 2007, 2008 Alp Toker <alp@atoker.com>
  * Copyright (C) 2009 Dirk Schulze <krit@webkit.org>
+ * Copyright (C) 2010 Holger Hans Peter Freyther
  *
  * Redistribution and use in source and binary forms, with or without
@@ -158 +159 @@
     }
 
-    if (context->textDrawingMode() & cTextStroke) {
+    // Prevent running into a long computation within cairo. If the stroke width is
+    // twice the size of the width of the text we will not ask cairo to stroke
+    // the text as even one single stroke would cover the full wdth of the text.
+    //  See https://bugs.webkit.org/show_bug.cgi?id=33759.
+    if (context->textDrawingMode() & cTextStroke && context->strokeThickness() < 2 * offset) {
         if (context->strokeGradient()) {
             cairo_set_source(cr, context->strokeGradient()->platformGradient());