On 2020/05/01 23:53, Jeremie Courreges-Anglas wrote:
> The ticket has been moved to
>
> https://gitlab.gnome.org/GNOME/gtk/-/issues/2684
>
> so the comment in the patch ought to be updated.
>
> As mentioned by Jacqueline Jolicoeur, the crash happens very often when
> running gimp with MALLOC_OPTIONS=S. With this fix in place I could not
> reproduce a crash with repeated C-o cycles.
>
> Rationale and code changes LGTM. ok jca@

Committed upstream so I've added the full comment. ok Antoine? Index: Makefile =================================================================== RCS file: /cvs/ports/x11/gtk+2/Makefile,v retrieving revision 1.233 diff -u -p -r1.233 Makefile --- Makefile 10 Nov 2019 21:44:07 -0000 1.233 +++ Makefile 1 May 2020 22:23:27 -0000 @@ -9,7 +9,7 @@ GNOME_PROJECT= gtk+ PKGNAME-main= gtk+2-${GNOME_VERSION} PKGNAME-cups= gtk+2-cups-${GNOME_VERSION} -REVISION-main= 8 +REVISION-main= 9 REVISION-cups= 4 CATEGORIES= x11 devel Index: patches/patch-modules_engines_pixbuf_pixbuf-render_c =================================================================== RCS file: patches/patch-modules_engines_pixbuf_pixbuf-render_c diff -N patches/patch-modules_engines_pixbuf_pixbuf-render_c --- /dev/null 1 Jan 1970 00:00:00 -0000 +++ patches/patch-modules_engines_pixbuf_pixbuf-render_c 1 May 2020 22:23:27 -0000 @@ -0,0 +1,26 @@ +$OpenBSD$ + +From d1b21ff1598cfab03e6b918edd76de766356566c Mon Sep 17 00:00:00 2001 +From: Nam Nguyen <n...@berkeley.edu> +Date: Fri, 1 May 2020 21:55:49 +0000 +Subject: [PATCH] Resolve GIMP segfault from accessing memory past end of + pixbuf Fixes https://gitlab.gnome.org/GNOME/gtk/-/issues/2684 + +GIMP segfaults while switching themes between dark and gray and inputting Ctrl-O +to open a file. This is because p advances past end of pixbuf in pixbuf-render.c +compute_hint() with num_channels = 3 (no alpha). This is resolved by fixing the +if statement to only check for alpha, thereby advancing p, if there is an alpha +channel. + +Index: modules/engines/pixbuf/pixbuf-render.c +--- modules/engines/pixbuf/pixbuf-render.c.orig ++++ modules/engines/pixbuf/pixbuf-render.c +@@ -603,7 +603,7 @@ compute_hint (GdkPixbuf *pixbuf, + if (r != *(p++) || + g != *(p++) || + b != *(p++) || +- (n_channels != 4 && a != *(p++))) ++ (n_channels == 4 && a != *(p++))) + { + hints &= ~THEME_CONSTANT_ROWS; + if (!(hints & THEME_MISSING))
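
Review bot: In the compute_hint() hunk of pixbuf-render.c, the `p++` increments still sit inside a short-circuit `||` chain, so p advances by a whole pixel only when r, g and b all match; as soon as one comparison differs, the remaining increments are skipped and p is left part-way through the pixel. The change to `n_channels == 4` stops the fourth read on 3-channel data, but if the loop can continue after this block (the rest of the loop is not visible in the hunk), the following reads would be misaligned. Consider comparing against p[0], p[1], p[2] and, when n_channels is 4, p[3], then advancing once with `p += n_channels`, so the stride never depends on the outcome of the comparison.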