<html>
<head>
<base href="https://bugs.freedesktop.org/" />
</head>
<body>
<p>
<div>
<b><a class="bz_bug_link
bz_status_REOPENED "
title="REOPENED --- - Null pointer dereference in cairo_image_get_surface_data()"
href="https://bugs.freedesktop.org/show_bug.cgi?id=58061#c4">Comment # 4</a>
on <a class="bz_bug_link
bz_status_REOPENED "
title="REOPENED --- - Null pointer dereference in cairo_image_get_surface_data()"
href="https://bugs.freedesktop.org/show_bug.cgi?id=58061">bug 58061</a>
from <span class="vcard"><a class="email" href="mailto:b.harrington@samsung.com" title="Bryce Harrington <b.harrington@samsung.com>"> <span class="fn">Bryce Harrington</span></a>
</span></b>
<pre>So, it sounds like the "fix" in this case is for gnucash to check the surface
is not NULL before using it in cairo calls.
Uli points out a few places where cairo does indeed return NULLs to the calling
user:
1. cairo_win32_surface_get_image, cairo_quartz_image_surface_get_image and
cairo_qt_surface_get_image do this to indicate errors if the surface type is
incorrect. These are of type cairo_surface_t*. We should be returning an
error surface via _cairo_surface_create_in_error() instead.
2. Similarly, in cairo_cogl_device_create, cairo_drm_device_get, and (probably)
cairo_drm_device_default, instead of returning NULL for the error cases the
routines should generate an error device via _cairo_device_create_in_error()
instead.
Somewhere in the documentation we may want to mention that passing in NULL
pointers for surface arguments is not kosher. I'm not sure we'd want to litter
the API docs with "surface argument required; must be non-NULL".</pre>
</div>
</p>
<hr>
<span>You are receiving this mail because:</span>
<ul>
<li>You are the QA Contact for the bug.</li>
<li>You are the assignee for the bug.</li>
</ul>
</body>
</html>