GNOME Bugzilla – Bug 636138
libjpeg error handling broken
Last modified: 2011-03-30 06:43:59 UTC
Created attachment 175542: call sigsetjmp in gdk_pixbuf__jpeg_image_begin_load

This is a continuation of https://bugzilla.gnome.org/show_bug.cgi?id=606068

In io-jpeg.c gdk_pixbuf__jpeg_image_begin_load calls jpeg_create_decompress without calling sigsetjmp first. As a result, if jpeg_create_decompress fails due to version mismatches, fatal_error_handler will siglongjmp using a buffer that hasn't been initialized properly. This leads to crashes like the one detailed in http://code.google.com/p/chromium/issues/detail?id=30288#c84

The attached patch fixes the problem for me. Please review carefully as my libjpeg skills are essentially non-existent. Thank you.
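The ordering problem the report describes, as an added example that is not gdk-pixbuf's or libjpeg's own code: a self-contained model of libjpeg's error_exit / siglongjmp recovery convention, with the pre-patch ordering (create, then arm the jump buffer) next to the fixed ordering (arm, then create). The `mock_*` names, `MOCK_LIB_VERSION`, the `armed` flag and the return codes are constructed stand-ins; the real library's error_exit never returns, so the mock records an unarmed jump instead of crashing the process.

```c
/* Added example, not gdk-pixbuf or libjpeg code. "mock_" names are constructed
 * stand-ins that mirror the shape of the real structs and calls. */
#define _POSIX_C_SOURCE 200809L
#include <setjmp.h>
#include <stdio.h>
#include <string.h>

/* Same shape as struct jpeg_error_mgr: a fatal error is reported by calling
 * error_exit, and the library relies on it never returning. */
struct mock_error_mgr {
    void (*error_exit)(struct mock_error_mgr *err);
};

/* The part of jpeg_decompress_struct that matters here. */
struct mock_decompress {
    struct mock_error_mgr *err;
    int initialized;
};

/* Application-side handler data laid out as io-jpeg.c does it: the public error
 * manager first (so the cast in the handler is valid), then the jump buffer.
 * "armed" is a constructed flag so the mock can report an unarmed jump. */
struct error_handler_data {
    struct mock_error_mgr pub;
    sigjmp_buf setjmp_buffer;
    int armed;
};

#define MOCK_LIB_VERSION 62            /* constructed library version */
static const char *last_message = "";
const char *last_error_message(void) { return last_message; }

/* Stand-in for jpeg_CreateDecompress: the real one compares the caller's
 * compiled-in JPEG_LIB_VERSION with the library's and raises a fatal error
 * through error_exit on mismatch, before any other state is set up. */
static void mock_create_decompress(struct mock_decompress *cinfo, int caller_version)
{
    cinfo->initialized = 0;
    if (caller_version != MOCK_LIB_VERSION) {
        cinfo->err->error_exit(cinfo->err);
        return; /* the real error_exit never returns; the mock may, so stop */
    }
    cinfo->initialized = 1;
}

/* The fatal_error_handler pattern: hand control back to the recovery point.
 * With the real library an unarmed buffer means siglongjmp into garbage. */
static void fatal_error_handler(struct mock_error_mgr *err)
{
    struct error_handler_data *errmgr = (struct error_handler_data *)err;
    if (!errmgr->armed) {
        last_message = "siglongjmp on uninitialized buffer (would crash)";
        return;
    }
    last_message = "Wrong JPEG library version";
    siglongjmp(errmgr->setjmp_buffer, 1);
}

enum { LOAD_OK = 0, LOAD_ERROR_REPORTED = 1, LOAD_UNSAFE_JUMP = 2 };

/* Pre-patch ordering: create first, arm afterwards. A version mismatch fires
 * error_exit while setjmp_buffer still holds uninitialized memory. */
int begin_load_buggy(int caller_version)
{
    struct error_handler_data jerr;
    struct mock_decompress cinfo;
    memset(&jerr, 0, sizeof jerr);
    jerr.pub.error_exit = fatal_error_handler;
    cinfo.err = &jerr.pub;

    mock_create_decompress(&cinfo, caller_version);   /* too early: unarmed */
    if (!cinfo.initialized)
        return LOAD_UNSAFE_JUMP;

    if (sigsetjmp(jerr.setjmp_buffer, 1))
        return LOAD_ERROR_REPORTED;
    jerr.armed = 1;
    last_message = "";
    return LOAD_OK;
}

/* Patched ordering: arm the recovery point before any call that can fail. */
int begin_load_fixed(int caller_version)
{
    struct error_handler_data jerr;
    struct mock_decompress cinfo;
    memset(&jerr, 0, sizeof jerr);
    jerr.pub.error_exit = fatal_error_handler;
    cinfo.err = &jerr.pub;

    if (sigsetjmp(jerr.setjmp_buffer, 1))
        return LOAD_ERROR_REPORTED;   /* error_exit jumped here: clean failure */
    jerr.armed = 1;

    mock_create_decompress(&cinfo, caller_version);
    last_message = "";
    return LOAD_OK;
}

int main(void)
{
    printf("fixed, matching version : %d\n", begin_load_fixed(MOCK_LIB_VERSION));
    printf("fixed, version mismatch : %d (%s)\n", begin_load_fixed(MOCK_LIB_VERSION + 1), last_error_message());
    printf("buggy, version mismatch : %d (%s)\n", begin_load_buggy(MOCK_LIB_VERSION + 1), last_error_message());
    return 0;
}
```

The point the two functions make is that any libjpeg call routed through `err->error_exit` is only safe once `sigsetjmp` has run, and `jpeg_create_decompress` is such a call because of its version check; the fix is purely a matter of ordering, not of extra error handling.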
*** Bug 645816 has been marked as a duplicate of this bug. ***