Bug 728745 - win32: add more clipboard data checks to avoid crash
Status: RESOLVED FIXED
Product: gtk+
Classification: Platform
Component: Backend: Win32
Version: unspecified
Hardware: Other All
Importance: Normal normal
Target Milestone: ---
Assigned To: gtk-win32 maintainers
QA Contact: gtk-bugs
Reported: 2014-04-22 18:18 UTC by Marc-Andre Lureau
Modified: 2014-04-24 14:09 UTC
GNOME target: ---
GNOME version: ---


Attachments
win32: add more clipboard data checks to avoid crash (2.43 KB, patch)
2014-04-22 18:18 UTC, Marc-Andre Lureau
committed

Description Marc-Andre Lureau 2014-04-22 18:18:22 UTC
It may happen that the received clipboard data is empty, but
if it's of type image/bmp, gtk+ will crash:

gdk_property_change: 00030AD4 GDK_SELECTION image/bmp REPLACE 8*0 bits:
... delayed rendering
gdk_selection_send_notify_for_display: 00030AD4 CLIPBOARD image/bmp
GDK_SELECTION (no-op)
_gdk_win32_selection_convert_to_dib: 1252003C image/bmp

Program received signal SIGSEGV, Segmentation fault.
0x749a9f40 in msvcrt!memmove () from C:\Windows\syswow64\msvcrt.dll

Thread 1 (Thread 2248.0x1b34):
target=0xc07b) at gdkselection-win32.c:1292
at gdkevents-win32.c:3498
wparam=8, lparam=0) at gdkevents-win32.c:232
message=773, wparam=8, lparam=0)
    at gdkevents-win32.c:263
C:\Windows\syswow64\user32.dll
C:\Users\rugoosse\AppData\Local\virt-viewer\bin\libpangocairo-1.0-0.dll
wparam=0, lparam=-1687549457)
    at gdkevents-win32.c:248
C:\Users\rugoosse\AppData\Local\virt-viewer\bin\libpangocairo-1.0-0.dll
Comment 1 Marc-Andre Lureau 2014-04-22 18:18:25 UTC
Created attachment 274902
win32: add more clipboard data checks to avoid crash
Comment 2 Matthias Clasen 2014-04-23 11:46:09 UTC
Review of attachment 274902:

Hmm, can't say I like random checks like this - if the platform image loader can't be trusted not to crash, we're in trouble...
Would also be nice to consolidate this so that we don't have to add the same check in two places.
Comment 3 Marc-Andre Lureau 2014-04-23 12:13:56 UTC
(In reply to comment #2)
> Review of attachment 274902:
> 
> Hmm, can't say I like random checks like this - if the platform image loader
> can't be trusted not to crash, we're in trouble...

What do you mean by "platform image loader can't be trusted not to crash"? Only gdk is involved in this crash. It is a faulty memmove.

> Would also be nice to consolidate this so that we don't have to add the same
> check in two places.

I am not sure when _gdk_win32_selection_convert_to_dib() could be called when receiving a WM_RENDERFORMAT event. If we can guarantee that it always comes after calling gdk_property_change(), then the check is redundant. But in general, I would still keep the pre-condition check, it does no harm.
Comment 4 Matthias Clasen 2014-04-23 18:09:31 UTC
ok, let's go with this then. It's already marked a-c-n, anyway
Comment 5 Marc-Andre Lureau 2014-04-24 14:08:57 UTC
Attachment 274902 pushed as dd37429 - win32: add more clipboard data checks to avoid crash
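
The failure mode discussed in this thread (empty image/bmp data reaching a memmove) can be illustrated with the following added example, which is not the committed patch and not GTK+ code. It assumes a conversion that drops the 14-byte BMP file header in place; bmp_strip_file_header and unchecked_copy_size are hypothetical names, and the 12-byte minimum is the size of the smallest DIB header (BITMAPCOREHEADER).

```c
#include <stddef.h>
#include <stdint.h>
#include <string.h>

#define BMP_FILE_HEADER_SIZE 14u /* packed BITMAPFILEHEADER */
#define DIB_MIN_HEADER_SIZE  12u /* BITMAPCOREHEADER, smallest DIB header */

/* Hypothetical helper: turn BMP file bytes into a DIB in place by dropping
 * the file header. Returns the DIB length, or 0 if the input is rejected. */
size_t
bmp_strip_file_header (unsigned char *data, size_t length)
{
  size_t dib_length;

  /* Pre-condition: empty or truncated data must never reach memmove.
   * Without it, length - 14 wraps to a huge size_t when length < 14. */
  if (data == NULL || length < BMP_FILE_HEADER_SIZE + DIB_MIN_HEADER_SIZE)
    return 0;

  /* A BMP file starts with the magic bytes "BM". */
  if (data[0] != 'B' || data[1] != 'M')
    return 0;

  dib_length = length - BMP_FILE_HEADER_SIZE;
  memmove (data, data + BMP_FILE_HEADER_SIZE, dib_length);
  return dib_length;
}

/* The byte count an unchecked subtraction would pass to memmove. */
size_t
unchecked_copy_size (size_t length)
{
  return length - BMP_FILE_HEADER_SIZE;
}
```

For zero-length data the unchecked size is SIZE_MAX - 13, which is why the copy faults instead of doing nothing.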