GNOME Bugzilla – Bug 667745
icon cache can be unsafe when accessing missing icons
Last modified: 2012-01-26 03:59:17 UTC
Created attachment 205073: Patch to fix the issue

The icon cache code can make some bad memory accesses when an icon that is not present in the builtin cache is requested. The function find_image_offset will return the offset of an image, or 0 if it cannot be found. The return value of this function should be checked for 0 to see whether or not the offset is a valid one. Of the 3 call sites of this function, 2 check the return value, but the other, in _gtk_icon_cache_get_icon, does not. The attached patch adds a check on the return value of find_image_offset. On a system with only the builtin icon cache this prevents the icon cache code from doing erroneous memory accesses when an icon that is not present is requested.
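The defect described in the report is a sentinel return value (0 for "not found") that one caller treats as a valid offset. The following C program is an added illustration, not GTK's code and not the attached patch: it models a flat cache image with a hypothetical lookup whose contract matches the one described for find_image_offset (offset of the entry, or 0 on a miss), shows an unchecked caller in the style the report attributes to _gtk_icon_cache_get_icon, and beside it the checked form. All names, the byte layout and the sample entries are constructed for this example.

```c
/* Added example, not GTK code. Models the bug report's find_image_offset()
 * contract (entry offset, or 0 when the icon is absent) and the two ways a
 * caller can treat that result. Layout and names are constructed. */
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define TOY_HDR_SIZE   4                      /* bytes of header before the entries */
#define TOY_NAME_LEN   8                      /* fixed-width, NUL-padded icon name   */
#define TOY_ENTRY_SIZE (TOY_NAME_LEN + 4)     /* name followed by 4 bytes of pixels  */

/* Constructed cache image: header, then two entries. No entry can sit at
 * offset 0 because the header occupies it, which is what makes 0 usable as
 * the "not found" value. */
static const unsigned char TOY_CACHE[TOY_HDR_SIZE + 2 * TOY_ENTRY_SIZE] = {
    0xFE, 0xCA, 0x00, 0x00,                              /* header / magic  */
    'f','o','l','d','e','r',0,0,   0x11,0x11,0x11,0x11,  /* entry 0: folder */
    'f','i','l','e',0,0,0,0,       0x22,0x22,0x22,0x22,  /* entry 1: file   */
};

#define TOY_ENTRY_COUNT ((sizeof(TOY_CACHE) - TOY_HDR_SIZE) / TOY_ENTRY_SIZE)

static uint32_t read_u32(const unsigned char *p)
{
    uint32_t v;
    memcpy(&v, p, sizeof v);                  /* well-defined unaligned read */
    return v;
}

/* Same contract as the report describes: offset of the matching entry, or 0. */
static size_t toy_find_image_offset(const char *name)
{
    for (size_t i = 0; i < TOY_ENTRY_COUNT; i++) {
        size_t off = TOY_HDR_SIZE + i * TOY_ENTRY_SIZE;
        if (strncmp((const char *)TOY_CACHE + off, name, TOY_NAME_LEN) == 0)
            return off;
    }
    return 0;
}

/* Unchecked caller: on a miss the sentinel 0 is used as a real offset, so the
 * header bytes are read as if they were an entry. In this toy the read stays
 * inside the buffer and only yields garbage; in a real cache, where further
 * offsets are read from that location, the accesses can leave the mapping. */
static uint32_t toy_get_icon_unchecked(const char *name)
{
    size_t off = toy_find_image_offset(name);
    return read_u32(TOY_CACHE + off + TOY_NAME_LEN);
}

/* Checked caller, the shape of the fix: treat 0 as "absent" and never
 * dereference through it. Returns 1 and fills *pixels on a hit, 0 on a miss. */
static int toy_get_icon_checked(const char *name, uint32_t *pixels)
{
    size_t off = toy_find_image_offset(name);
    if (off == 0)
        return 0;
    *pixels = read_u32(TOY_CACHE + off + TOY_NAME_LEN);
    return 1;
}

int main(void)
{
    uint32_t px;
    printf("offset(folder)=%zu offset(file)=%zu offset(missing)=%zu\n",
           toy_find_image_offset("folder"), toy_find_image_offset("file"),
           toy_find_image_offset("missing"));
    printf("unchecked lookup of missing icon reads garbage: 0x%08x\n",
           toy_get_icon_unchecked("missing"));
    if (toy_get_icon_checked("missing", &px))
        printf("checked lookup: unexpectedly found\n");
    else
        printf("checked lookup: missing icon correctly reported absent\n");
    return 0;
}
```

The unchecked path never faults here because the toy buffer has a header at offset 0; the point is that it silently returns data from the wrong place, which is the precondition for the out-of-bounds reads the report describes once the real code follows offsets found there.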
Review of attachment 205073: Good catch, thanks.
The following fix has been pushed: 96cfd3f iconcache: Always check return value of find_image_offset.
Created attachment 206150: iconcache: Always check return value of find_image_offset.

find_image_offset returns 0 if it failed to find a matching image. Check this return value in _gtk_icon_cache_get_icon to avoid making bad memory accesses later.

Signed-off-by: Will Newton <will.newton@imgtec.com>