Bug 618519 - Overflow in gdk-pixbuf PNG loader?
Status: RESOLVED DUPLICATE of bug 617878
Product: gdk-pixbuf
Classification: Platform
Component: general
git master
Other Linux
: Normal critical
: ---
Assigned To: gtk-bugs
gtk-bugs
Depends on:
Blocks:
Reported: 2010-05-13 09:55 UTC by Priit Laes (IRC: plaes)
Modified: 2010-07-10 04:04 UTC
See Also:
GNOME target: ---
GNOME version: ---



Description Priit Laes (IRC: plaes) 2010-05-13 09:55:02 UTC
I've been getting some weird crashers running epiphany with the webkit-gtk backend, like the ones in bug #618279.

I'm suspecting an overflow of icc_profile_size in the PNG loader, as you can see from stack frame #13 where 'icc_profile_size = 4630826316843715656'.

The issue seems to be caused by this commit:
http://git.gnome.org/browse/gtk+/commit/?h=gtk-2-20&id=a0f23e1706b34bca6a65183040d1f1498cce2a50

[snip]
  • #10 IA__g_log
    at gmessages.c line 569
  • #11 IA__g_malloc
    at gmem.c line 136
  • #12 IA__g_base64_encode
    at gbase64.c line 267
  • #13 gdk_pixbuf__png_image_load
    at io-png.c line 347
  • #14 _gdk_pixbuf_generic_image_load
    at gdk-pixbuf-io.c line 903
  • #15 IA__gdk_pixbuf_new_from_file
    at gdk-pixbuf-io.c line 1015
  • #16 ephy_favicon_cache_get
    at ephy-favicon-cache.c line 756
  • #17 _ephy_web_view_load_icon
    at ephy-web-view.c line 1732

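The trace above shows a decoder-reported profile length reaching g_base64_encode and g_malloc unchecked, so an absurd value turns into an allocation failure and a g_error abort. The following is an added example, not code from gdk-pixbuf or from the reporter: it reconstructs one plausible way such a value can arise (a callee that fills only a 32-bit out-parameter while the caller's variable is 64 bits wide, which is a hypothesis here, not a finding from this report), and shows the bounds check a loader should apply before handing a length to an allocating encoder. The limit MAX_ICC_PROFILE_BYTES, the union, and all function names are constructed for the example.

```c
/* Added example, not gdk-pixbuf code: validate a decoder-reported ICC
 * profile length before it reaches an allocating base64 encoder. */
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Assumed policy limit for an embedded ICC profile (not from the report). */
#define MAX_ICC_PROFILE_BYTES (16u * 1024u * 1024u)

/* Hypothetical reconstruction of a width-mismatch failure mode: the callee
 * writes a 32-bit length, but the caller's variable is 64 bits wide and its
 * other half keeps whatever stale bytes were already there. */
union size_slot { uint64_t wide; uint32_t narrow; };

static void decoder_reports_profile_len(uint32_t *proflen) {
    *proflen = 3144;                 /* constructed, plausible profile size */
}

uint64_t width_mismatch_result(void) {
    union size_slot s;
    s.wide = 0xDEADBEEF00000000ULL;  /* simulated stale stack contents */
    decoder_reports_profile_len(&s.narrow);
    return s.wide;                   /* not 3144 on either endianness */
}

/* Bytes needed for the base64 encoding of n input bytes, including the
 * terminating NUL; returns 0 when the computation would overflow size_t. */
size_t b64_output_len(uint64_t n) {
    if (n > (uint64_t)SIZE_MAX / 4 * 3 - 3) return 0;
    return (size_t)((n + 2) / 3) * 4 + 1;
}

/* The check a loader should apply: reject zero, oversize, lengths that run
 * past the data actually decoded, and lengths whose encoding would overflow. */
int icc_profile_size_ok(uint64_t reported, size_t available) {
    if (reported == 0) return 0;
    if (reported > MAX_ICC_PROFILE_BYTES) return 0;
    if (reported > available) return 0;
    return b64_output_len(reported) != 0;
}

/* Base64-encode the profile only after the length has passed the check;
 * returns a malloc'd string or NULL when the length is rejected. */
char *encode_profile_checked(const uint8_t *profile, uint64_t reported,
                             size_t available) {
    static const char tbl[] =
        "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/";
    if (!icc_profile_size_ok(reported, available)) return NULL;
    size_t out_len = b64_output_len(reported);
    char *out = malloc(out_len);
    if (!out) return NULL;
    size_t i = 0, o = 0;
    for (; i + 2 < reported; i += 3) {
        uint32_t v = ((uint32_t)profile[i] << 16) |
                     ((uint32_t)profile[i + 1] << 8) | profile[i + 2];
        out[o++] = tbl[(v >> 18) & 63]; out[o++] = tbl[(v >> 12) & 63];
        out[o++] = tbl[(v >> 6) & 63];  out[o++] = tbl[v & 63];
    }
    if (i < reported) {                      /* 1 or 2 trailing bytes */
        uint32_t v = (uint32_t)profile[i] << 16;
        if (i + 1 < reported) v |= (uint32_t)profile[i + 1] << 8;
        out[o++] = tbl[(v >> 18) & 63]; out[o++] = tbl[(v >> 12) & 63];
        out[o++] = (i + 1 < reported) ? tbl[(v >> 6) & 63] : '=';
        out[o++] = '=';
    }
    out[o] = '\0';
    return out;
}

int main(void) {
    const uint8_t sample[] = "Man";      /* constructed stand-in profile */
    uint64_t bad = 4630826316843715656ULL;  /* the value from frame #13 */
    char *ok = encode_profile_checked(sample, 3, sizeof sample);
    printf("valid length -> %s\n", ok ? ok : "(rejected)");
    printf("reported %llu -> %s\n", (unsigned long long)bad,
           icc_profile_size_ok(bad, sizeof sample) ? "accepted" : "rejected");
    printf("width mismatch yields %llu, not 3144\n",
           (unsigned long long)width_mismatch_result());
    free(ok);
    return 0;
}
```

The point of the check is ordering: the length is validated against both a policy maximum and the amount of data actually present before any size arithmetic or allocation happens, so a garbage length is rejected with a NULL return that the caller can turn into an ordinary load error instead of an abort inside the allocator.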
Comment 1 Priit Laes (IRC: plaes) 2010-05-13 10:10:08 UTC
Forgot to mention that I'm having this issue on the amd64 platform, libpng-1.4.2 and gtk+-2.20.1.
Comment 2 Javier Jardón (IRC: jjardon) 2010-05-13 13:04:04 UTC
Thanks for the bug report. This particular bug has already been reported in our bug tracking system, but please feel free to report any further bugs you find.

*** This bug has been marked as a duplicate of bug 617878 ***