Bug 84292 - BMP decoder tries to do unaligned memory reads leading to bus error
Status: RESOLVED DUPLICATE of bug 84083
Product: gdk-pixbuf
Classification: Platform
Component: general
Version: git master
Hardware: Other Solaris
Importance: Normal major
Target Milestone: ---
Assigned To: gtk-bugs
QA Contact: gtk-bugs
Depends on:
Blocks:
Reported: 2002-06-05 22:17 UTC by Tomas Forsman
Modified: 2010-07-10 04:04 UTC
See Also:
GNOME target: ---
GNOME version: ---



Description Tomas Forsman 2002-06-05 22:17:59 UTC
0xfe9f09ec in DecodeHeader (BFH=0xcdd20 "BM8\f", BIH=0xcdd2e "(",
State=0xf9f88) at io-bmp.c:236
236             if (State->BufferSize < GUINT32_FROM_LE (* (guint32 *)
&BIH[0]) + 14) {

#1 gdk_pixbuf__bmp_image_load_increment at io-bmp.c line 988

context->buff + 14 (== BIH) becomes word aligned and is then cast to a
guint32 and dereferenced as that, leading to a bus error because guint32*'s
should be aligned on 32 bits, not 16...

This leads to gdk-pixbuf crashes on all BMP images on Sparcs.
I made a test case in gimp: new image, default values, save. gqview crashes
inside gdkpixbuf (io-bmp.c).
Comment 1 Federico Mena Quintero 2002-06-11 23:58:35 UTC

*** This bug has been marked as a duplicate of 84083 ***
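
An alignment-safe way to read the field that faults at io-bmp.c:236, as an added example (not part of the original report and not gdk-pixbuf's actual fix): the 32-bit size at offset 14 is assembled byte by byte instead of through a guint32 * cast. The names read_le32, bmp_headers_needed and demo_misaligned and the sample bytes are assumptions constructed for illustration.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define BMP_FILE_HEADER_LEN 14u   /* the "+ 14" from the report */

/* Little-endian load done one byte at a time: valid at any address
 * and independent of host byte order, so no bus error on SPARC. */
static uint32_t read_le32(const unsigned char *p)
{
    return (uint32_t)p[0] | ((uint32_t)p[1] << 8) |
           ((uint32_t)p[2] << 16) | ((uint32_t)p[3] << 24);
}

/* Hypothetical helper: bytes required before both headers are present
 * (info-header size field + 14). Returns 0 when the size field is not
 * yet in the buffer or when the addition would wrap around. */
static uint32_t bmp_headers_needed(const unsigned char *buf, size_t have)
{
    if (have < BMP_FILE_HEADER_LEN + 4u)
        return 0;
    uint32_t bi_size = read_le32(buf + BMP_FILE_HEADER_LEN);
    if (bi_size > UINT32_MAX - BMP_FILE_HEADER_LEN)
        return 0;
    return bi_size + BMP_FILE_HEADER_LEN;
}

/* Constructed sample: 14-byte "BM" file header, then the info-header
 * size field holding 40 (0x28, the "(" visible in the backtrace). */
static const unsigned char sample_bmp[18] = {
    'B', 'M', 0x38, 0x0c, 0, 0, 0, 0, 0, 0, 0x36, 0, 0, 0,
    0x28, 0, 0, 0
};

/* Copy the sample to an odd address so the size field is guaranteed
 * not to be 4-byte aligned, then parse it without a pointer cast. */
static uint32_t demo_misaligned(void)
{
    uint32_t backing[8];
    unsigned char *p = (unsigned char *)backing + 1;
    memcpy(p, sample_bmp, sizeof sample_bmp);
    return bmp_headers_needed(p, sizeof sample_bmp);
}

int main(void)
{
    printf("headers need %u bytes\n", (unsigned)demo_misaligned());
    return 0;
}
```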