Fix for crash when uploading a large image.

[Title]    Fix for crash when uploading a large image.
[Issue#]   N_SE-53627
[Prolbem]  WebProcess is crashing due to low memory, this is because of
           url (data:image) length, which is allocated many times.
[Solution] Avoiding loading of an image when its url length exceeds 32MB.

Change-Id: I795bc078c81d91690d11198719fa916a8d0e0196

diff --git a/Source/WTF/wtf/Platform.h b/Source/WTF/wtf/Platform.h
index dbfc6fa..0e8139c 100644 (file)
--- a/Source/WTF/wtf/Platform.h
+++ b/Source/WTF/wtf/Platform.h
@@ -460,6 +460,7 @@
 #define ENABLE_TIZEN_CONTENT_EDITABLE_BACKSPACE 1 /* Wojciech Bielawski(w.bielawski.com) : This is a quick fix for a bug where after pressing backspace image was moved not correctly */
 #define ENABLE_TIZEN_PRESERVE_PROPERTIES_WHEN_PARAGRAPH_MERGE 1 /* Grzegorz Czajkowski (g.czajkowski@samsung.com): This is a quick fix for background-color and text-decoration defined in class are not copied when paragraph is merged.  We erroneously copy only CSS inheritable properties via removeNonEditingProperties(). */
 #define ENABLE_TIZEN_DISABLE_FORMSTATE_FOR_SELECT_ELEMENT 1 /* Mayur Vithal Kankanwadi (mayur.vk@samsung.com) : To disable formstate saving for select elements */
+#define ENABLE_TIZEN_DATAURL_SIZE_LIMIT 1 /* Divakar (divakar.a@samsung.com) : To limit data:image url size, in order to avoid low-memory condition. */
 
 #if ENABLE(TEXT_AUTOSIZING)
 #define ENABLE_TIZEN_TEXT_AUTOSIZING 1 /* Jaehun Lim(ljaehun.lim@samsung.com) : for Tizen environment */

diff --git a/Source/WebCore/loader/ImageLoader.cpp b/Source/WebCore/loader/ImageLoader.cpp
index 9a6a7c5..9d9a707 100644 (file)
--- a/Source/WebCore/loader/ImageLoader.cpp
+++ b/Source/WebCore/loader/ImageLoader.cpp
@@ -195,7 +195,14 @@ void ImageLoader::updateFromElement()
     CachedResourceHandle<CachedImage> newImage = 0;
     if (!attr.isNull() && !stripLeadingAndTrailingHTMLSpaces(attr).isEmpty()) {
         ResourceRequest request = ResourceRequest(document()->completeURL(sourceURI(attr)));
-
+#if ENABLE(TIZEN_DATAURL_SIZE_LIMIT)
+    // Do not load the image, if image is data: url and has length more than 32MB.
+    if (request.url().protocol() == "data") {
+        const String url = request.url().string();
+        if (url.length() > (32 * 1024 * 1024))
+            return;
+    }
+#endif
         String crossOriginMode = client()->sourceElement()->fastGetAttribute(HTMLNames::crossoriginAttr);
         if (!crossOriginMode.isNull()) {
             StoredCredentials allowCredentials = equalIgnoringCase(crossOriginMode, "use-credentials") ? AllowStoredCredentials : DoNotAllowStoredCredentials;