After an evaluation, GNOME has moved from Bugzilla to GitLab. Learn more about GitLab.
No new issues can be reported in GNOME Bugzilla anymore.
To report an issue in a GNOME project, go to GNOME GitLab.
Do not go to GNOME Gitlab for: Bluefish, Doxygen, GnuCash, GStreamer, java-gnome, LDTP, NetworkManager, Tomboy.
Bug 626559 - librsvg crashes with SIGSEGV when opening broken SVG file
librsvg crashes with SIGSEGV when opening broken SVG file
Status: RESOLVED FIXED
Product: librsvg
Classification: Core
Component: general
2.34.x
Other Linux
: Normal normal
: ---
Assigned To: librsvg maintainers
librsvg maintainers
Depends on:
Blocks:
 
 
Reported: 2010-08-10 18:57 UTC by brunogirin
Modified: 2011-11-06 13:29 UTC
See Also:
GNOME target: ---
GNOME version: ---

Attachments
Patch in bzr diff format (370 bytes, patch)
2010-08-23 22:35 UTC, brunogirin 		none Details | Review
test.svg (136 bytes, image/svg+xml)
2011-09-06 11:36 UTC, Christian Persch 		  Details

Description brunogirin 2010-08-10 18:57:39 UTC 
When reading a broken SVG file (e.g. with a g element containing a style attribute that has an empty fill declaration), librsvg crashes.

This bug was originally reported on Ubuntu Launchpad here: https://bugs.launchpad.net/ubuntu/+source/librsvg/+bug/608026

I created a minimal test case, which you will find here: http://launchpadlibrarian.net/52832080/test-608026.tgz

The test case is written in Vala so here's how to compile and run it:
tar zxvf test-608026.tgz
valac -g --pkg librsvg-2.0 test-608026.vala
./test-608026

Finally, you will find a patch based on librsvg version 2.26.3 here: http://launchpadlibrarian.net/52832223/patch-608026.diff
Comment 1 brunogirin 2010-08-23 22:35:32 UTC 
Created attachment 168596 [details] [review]
Patch in bzr diff format
Comment 2 Christian Persch 2011-09-06 11:36:48 UTC 
Created attachment 195773 [details]
test.svg

Attaching the input SVG reproducing the bug as provided in the downstream bug.

Still reproducible using librsvg 2.34.1.
Comment 3 Christian Persch 2011-11-06 13:29:43 UTC 
Fixed on master.