After an evaluation, GNOME has moved from Bugzilla to GitLab. Learn more about GitLab.
No new issues can be reported in GNOME Bugzilla anymore.
To report an issue in a GNOME project, go to GNOME GitLab.
Do not go to GNOME Gitlab for: Bluefish, Doxygen, GnuCash, GStreamer, java-gnome, LDTP, NetworkManager, Tomboy.
Bug 694051 - GdkPixbuf new_from_data() length check
GdkPixbuf new_from_data() length check
Status: RESOLVED OBSOLETE
Product: gnome-perl
Classification: Bindings
Component: Gtk2
unspecified
Other Linux
: Normal enhancement
: ---
Assigned To: gtk2-perl-bugs
gtk2-perl-bugs
Depends on:
Blocks:
 
 
Reported: 2013-02-17 23:53 UTC by Kevin Ryde
Modified: 2021-07-05 12:22 UTC
See Also:
GNOME target: ---
GNOME version: ---


Attachments
patch and test (5.49 KB, patch)
2013-02-17 23:53 UTC, Kevin Ryde
none Details | Review

Description Kevin Ryde 2013-02-17 23:53:00 UTC
Created attachment 236511 [details] [review]
patch and test

This is my idea from a while ago to check that gdk_pixbuf_new_from_data() has the data string long enough for the given width,height,rowstride, so that dodgy inputs don't cause a segv for going past the end of the data string.

There's no string length passed to gdk, it's the caller's responsibility to ensure the data block is big enough.  The aim here would be to stop dubious values at the perl level from crashing the interpreter.
Comment 1 GNOME Infrastructure Team 2021-07-05 12:22:14 UTC
GNOME is going to shut down bugzilla.gnome.org in favor of gitlab.gnome.org.
As part of that, we are mass-closing older open tickets in bugzilla.gnome.org
which have not seen updates for a longer time (resources are unfortunately
quite limited so not every ticket can get handled).

If you can still reproduce the situation described in this ticket in a recent
and supported software version, then please follow
  https://wiki.gnome.org/GettingInTouch/BugReportingGuidelines
and create a new ticket at
  https://gitlab.gnome.org/GNOME?utf8=%E2%9C%93&filter=perl-

Thank you for your understanding and your help.