Friday, May 01, 2020

Re: Fix GIMP crash with x11/gtk+2 diff [Was: Re: GIMP open file crash in gimp-2.10.18p1 still exists]

On 2020/05/01 23:53, Jeremie Courreges-Anglas wrote:
> The ticket has been moved to
>
> https://gitlab.gnome.org/GNOME/gtk/-/issues/2684
>
> so the comment in the patch ought to be updated.
>
> As mentioned by Jacqueline Jolicoeur, the crash happens very often when
> running gimp with MALLOC_OPTIONS=S. With this fix in place I could not
> reproduce a crash with repeated C-o cycles.
>
> Rationale and code changes LGTM. ok jca@

Committed upstream so I've added the full comment. ok Antoine?

Index: Makefile
===================================================================
RCS file: /cvs/ports/x11/gtk+2/Makefile,v
retrieving revision 1.233
diff -u -p -r1.233 Makefile
--- Makefile 10 Nov 2019 21:44:07 -0000 1.233
+++ Makefile 1 May 2020 22:23:27 -0000
@@ -9,7 +9,7 @@ GNOME_PROJECT= gtk+
PKGNAME-main= gtk+2-${GNOME_VERSION}
PKGNAME-cups= gtk+2-cups-${GNOME_VERSION}

-REVISION-main= 8
+REVISION-main= 9
REVISION-cups= 4

CATEGORIES= x11 devel
Index: patches/patch-modules_engines_pixbuf_pixbuf-render_c
===================================================================
RCS file: patches/patch-modules_engines_pixbuf_pixbuf-render_c
diff -N patches/patch-modules_engines_pixbuf_pixbuf-render_c
--- /dev/null 1 Jan 1970 00:00:00 -0000
+++ patches/patch-modules_engines_pixbuf_pixbuf-render_c 1 May 2020 22:23:27 -0000
@@ -0,0 +1,26 @@
+$OpenBSD$
+
+From d1b21ff1598cfab03e6b918edd76de766356566c Mon Sep 17 00:00:00 2001
+From: Nam Nguyen <namn@berkeley.edu>
+Date: Fri, 1 May 2020 21:55:49 +0000
+Subject: [PATCH] Resolve GIMP segfault from accessing memory past end of
+ pixbuf Fixes https://gitlab.gnome.org/GNOME/gtk/-/issues/2684
+
+GIMP segfaults while switching themes between dark and gray and inputting Ctrl-O
+to open a file. This is because p advances past end of pixbuf in pixbuf-render.c
+compute_hint() with num_channels = 3 (no alpha). This is resolved by fixing the
+if statement to only check for alpha, thereby advancing p, if there is an alpha
+channel.
+
+Index: modules/engines/pixbuf/pixbuf-render.c
+--- modules/engines/pixbuf/pixbuf-render.c.orig
++++ modules/engines/pixbuf/pixbuf-render.c
+@@ -603,7 +603,7 @@ compute_hint (GdkPixbuf *pixbuf,
+ if (r != *(p++) ||
+ g != *(p++) ||
+ b != *(p++) ||
+- (n_channels != 4 && a != *(p++)))
++ (n_channels == 4 && a != *(p++)))
+ {
+ hints &= ~THEME_CONSTANT_ROWS;
+ if (!(hints & THEME_MISSING))

No comments:

Post a Comment

Subscribe to: Post Comments (Atom)