Friday, May 01, 2020

Re: Fix GIMP crash with x11/gtk+2 diff [Was: Re: GIMP open file crash in gimp-2.10.18p1 still exists]

On Fri, May 01, 2020 at 11:24:23PM +0100, Stuart Henderson wrote:
> On 2020/05/01 23:53, Jeremie Courreges-Anglas wrote:
> > The ticket has been moved to
> >
> > https://gitlab.gnome.org/GNOME/gtk/-/issues/2684
> >
> > so the comment in the patch ought to be updated.
> >
> > As mentioned by Jacqueline Jolicoeur, the crash happens very often when
> > running gimp with MALLOC_OPTIONS=S. With this fix in place I could not
> > reproduce a crash with repeated C-o cycles.
> >
> > Rationale and code changes LGTM. ok jca@
>
> Committed upstream so I've added the full comment. ok Antoine?

Sure, thanks folks.


>
> Index: Makefile
> ===================================================================
> RCS file: /cvs/ports/x11/gtk+2/Makefile,v
> retrieving revision 1.233
> diff -u -p -r1.233 Makefile
> --- Makefile 10 Nov 2019 21:44:07 -0000 1.233
> +++ Makefile 1 May 2020 22:23:27 -0000
> @@ -9,7 +9,7 @@ GNOME_PROJECT= gtk+
> PKGNAME-main= gtk+2-${GNOME_VERSION}
> PKGNAME-cups= gtk+2-cups-${GNOME_VERSION}
>
> -REVISION-main= 8
> +REVISION-main= 9
> REVISION-cups= 4
>
> CATEGORIES= x11 devel
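Review bot: only `REVISION-main` is bumped in this hunk while `REVISION-cups= 4` stays as it was. That is correct provided the patched modules/engines/pixbuf code ships only in the -main subpackage, which is worth confirming against the packing lists, since a subpackage that carries the changed file without a bump would not be picked up as an update.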
> Index: patches/patch-modules_engines_pixbuf_pixbuf-render_c
> ===================================================================
> RCS file: patches/patch-modules_engines_pixbuf_pixbuf-render_c
> diff -N patches/patch-modules_engines_pixbuf_pixbuf-render_c
> --- /dev/null 1 Jan 1970 00:00:00 -0000
> +++ patches/patch-modules_engines_pixbuf_pixbuf-render_c 1 May 2020 22:23:27 -0000
> @@ -0,0 +1,26 @@
> +$OpenBSD$
> +
> +From d1b21ff1598cfab03e6b918edd76de766356566c Mon Sep 17 00:00:00 2001
> +From: Nam Nguyen <namn@berkeley.edu>
> +Date: Fri, 1 May 2020 21:55:49 +0000
> +Subject: [PATCH] Resolve GIMP segfault from accessing memory past end of
> + pixbuf Fixes https://gitlab.gnome.org/GNOME/gtk/-/issues/2684
> +
> +GIMP segfaults while switching themes between dark and gray and inputting Ctrl-O
> +to open a file. This is because p advances past end of pixbuf in pixbuf-render.c
> +compute_hint() with num_channels = 3 (no alpha). This is resolved by fixing the
> +if statement to only check for alpha, thereby advancing p, if there is an alpha
> +channel.
> +
> +Index: modules/engines/pixbuf/pixbuf-render.c
> +--- modules/engines/pixbuf/pixbuf-render.c.orig
> ++++ modules/engines/pixbuf/pixbuf-render.c
> +@@ -603,7 +603,7 @@ compute_hint (GdkPixbuf *pixbuf,
> + if (r != *(p++) ||
> + g != *(p++) ||
> + b != *(p++) ||
> +- (n_channels != 4 && a != *(p++)))
> ++ (n_channels == 4 && a != *(p++)))
> + {
> + hints &= ~THEME_CONSTANT_ROWS;
> + if (!(hints & THEME_MISSING))
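Review bot: at the changed condition `(n_channels == 4 && a != *(p++))`, `p` still advances only as a side effect of the short-circuited `||` chain, so the number of bytes consumed per pixel depends on which comparison fails first. That is safe only if the branch that follows stops scanning; the lines that would show this are outside the hunk. Comparing by index (`p[0]`, `p[1]`, `p[2]`, and `p[3]` when `n_channels == 4`) and then doing `p += n_channels` would keep the pointer on pixel boundaries in every case and make the 3-channel path easier to verify. Separately, in the embedded commit header the `Fixes https://gitlab.gnome.org/GNOME/gtk/-/issues/2684` reference has ended up on the `Subject:` continuation line; it belongs on its own line in the message body.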
>

--
Antoine
