After an evaluation, GNOME has moved from Bugzilla to GitLab. Learn more about GitLab.
No new issues can be reported in GNOME Bugzilla anymore.
To report an issue in a GNOME project, go to GNOME GitLab.
Do not go to GNOME Gitlab for: Bluefish, Doxygen, GnuCash, GStreamer, java-gnome, LDTP, NetworkManager, Tomboy.
Bug 585383 - Segfault in gdk_pixbuf__ico_image_save
Segfault in gdk_pixbuf__ico_image_save
Status: RESOLVED FIXED
Product: gdk-pixbuf
Classification: Platform
Component: general
git master
Other Linux
: Normal major
: ---
Assigned To: gtk-bugs
gtk-bugs
: 561669 (view as bug list)
Depends on:
Blocks:
 
 
Reported: 2009-06-10 20:56 UTC by Mathias Brodala
Modified: 2014-10-22 16:44 UTC
See Also:
GNOME target: ---
GNOME version: ---

Attachments
Example image (248 bytes, image/png)
2009-06-10 20:56 UTC, Mathias Brodala 		  Details
GDB backtrace (2.77 KB, text/plain)
2009-06-10 20:56 UTC, Mathias Brodala 		  Details
GDB backtrace (11.65 KB, text/plain)
2009-06-11 21:29 UTC, Mathias Brodala 		  Details
simple fix (524 bytes, patch)
2009-06-15 13:25 UTC, Felix Riemann 		none Details | Review

Description Mathias Brodala 2009-06-10 20:56:05 UTC 
Trying to use the "Copy" functionality (with or without something selected) on some images make GIMP segfault. I will attach a GDB backtrace as well as an example image for this behaviour.
Comment 1 Mathias Brodala 2009-06-10 20:56:26 UTC 
Created attachment 136303 [details]
Example image
Comment 2 Mathias Brodala 2009-06-10 20:56:45 UTC 
Created attachment 136304 [details]
GDB backtrace
Comment 3 Martin Nordholts 2009-06-11 05:04:59 UTC 
Looks like it crashes in GTK+. What are the exact step-by-step to consistently reproduce? What version of GTK+ are you using?
Comment 4 Mathias Brodala 2009-06-11 21:28:30 UTC 
(In reply to comment #3)
> Looks like it crashes in GTK+. What are the exact step-by-step to consistently
> reproduce?

1. Open the provided file
2. Invoke GIMP’s copy function (via Ctrl-C, Edit menu, ...)

> What version of GTK+ are you using?

Running version 2.16.2 here.
Comment 5 Mathias Brodala 2009-06-11 21:29:15 UTC 
Created attachment 136369 [details]
GDB backtrace

Revised version of the backtrace including GTK debugging symbols.
Comment 6 Sven Neumann 2009-06-12 21:42:09 UTC 
That fact that simply doing a copy causes a call into gdk-pixbuf indicates that you have some sort of clipboard manager running that requests the clipboard content without a good reason. Such clipboard manager behavior is totally broken and I strongly suggest you uninstall it and make sure that you have a clipboard manager that is implemented according to the Free Desktop clipboard manager specification http://www.freedesktop.org/wiki/ClipboardManager

Anyway, this looks like a bug in the GTK+ ico save module. Reassigning accordingly.
Comment 7 Mathias Brodala 2009-06-14 15:53:03 UTC 
(In reply to comment #6)
> That fact that simply doing a copy causes a call into gdk-pixbuf indicates that
> you have some sort of clipboard manager running that requests the clipboard
> content without a good reason. Such clipboard manager behavior is totally
> broken and I strongly suggest you uninstall it and make sure that you have a
> clipboard manager that is implemented according to the Free Desktop clipboard
> manager specification http://www.freedesktop.org/wiki/ClipboardManager

You were right. After killing gnome-clipboard-daemon no further crash occurred.

> Anyway, this looks like a bug in the GTK+ ico save module. Reassigning
> accordingly.

Thanks for this and your hint above.
Comment 8 Felix Riemann 2009-06-15 13:21:57 UTC 
The problem seems to be that the pixbuf plugin assumes that the image dimensions are always a multiple of 8 and in this case doesn't allocate any memory (6/8=0) for the ICO's AND-bitmap.
Comment 9 Felix Riemann 2009-06-15 13:25:54 UTC 
Created attachment 136629 [details] [review]
simple fix

Simply allocate an extra byte by for the remaining pixels.
Comment 10 Felix Riemann 2009-06-16 20:51:22 UTC 
See also bug 561669.
Comment 11 Bastien Nocera 2014-10-22 16:44:33 UTC 
*** Bug 561669 has been marked as a duplicate of this bug. ***