<html>
<head>
<base href="https://bugs.freedesktop.org/" />
</head>
<body>
<p>
<div>
<b><a class="bz_bug_link
bz_status_NEEDINFO "
title="NEEDINFO - Large amount of uninitialized values in svg parsing and processing"
href="https://bugs.freedesktop.org/show_bug.cgi?id=92904#c2">Comment # 2</a>
on <a class="bz_bug_link
bz_status_NEEDINFO "
title="NEEDINFO - Large amount of uninitialized values in svg parsing and processing"
href="https://bugs.freedesktop.org/show_bug.cgi?id=92904">bug 92904</a>
from <span class="vcard"><a class="email" href="mailto:gustavo.grieco@imag.fr" title="gustavo.grieco@imag.fr">gustavo.grieco@imag.fr</a>
</span></b>
<pre><span class="quote">> Well, what do you want me to do with this report? The C program you link to "just" renders SVGs and the SVG files which you claim to attach aren't attached. Just saying that somewhere there is a use of undefined variable that causes malfunction in cairo doesn't really help me.</span >
<span class="quote">> And yes, you say that you will attach the files after the bug was marked private. Sadly I don't think I have more rights in bugzilla than you do. And, as far as I know, firefox bundles their own (ancient?) copy of cairo anyway, so having a fixed cairo version won't help firefox immediately anyway.</span >
This bug is affecting Firefox in because they use gdk-pixbuf in the open-file
dialog box to render a preview of the image that can fail if you browse a
directory with a malicious image. Also, as far as i know, they are not using an
ancient version of cairo. The version of cairo used here depends on gdk-pixbuf,
which is the last version in the Ubuntu 14.04 repositories (1.13)
<span class="quote">> I can see why you don't want to provide the SVG files. How about a list of uninitialized variables? (With git commit id, file name, line, or something like that) Or alternatively a patch which initializes these variables? (That should turn this problem into NULL pointer dereferences which should be "less severe" and unitialized variables should be easy to initialize to NULL / 0 / 0.0 / whatever)</span >
I shared these test cases with the Mozilla security team and they have a
private bug, so it is better to keep them private for now. I can send them to
to your private email if you want.</pre>
</div>
</p>
<hr>
<span>You are receiving this mail because:</span>
<ul>
<li>You are the QA Contact for the bug.</li>
</ul>
</body>
</html>