[cairo-bugs] [Bug 14701] evince crashed with SIGSEGV in cairo_image_surface_get_width(
bugzilla-daemon at freedesktop.org
bugzilla-daemon at freedesktop.org
Fri Feb 29 02:58:01 PST 2008
http://bugs.freedesktop.org/show_bug.cgi?id=14701
James Cloos <cloos at jhcloos.com> changed:
What |Removed |Added
----------------------------------------------------------------------------
CC| |cloos at jhcloos.com
--- Comment #2 from James Cloos <cloos at jhcloos.com> 2008-02-29 02:57:59 PST ---
Would it not be appropriate for cairo_image_surface_get_width() to throw a
@CAIRO_STATUS_NULL_POINTER in that case rather than allow the null pointer to
be dereferenced in _cairo_surface_is_image()?
Something like:
if (!surface) {
_cairo_error_throw (CAIRO_STATUS_NULL_POINTER);
return 0;
}
It would be needed of course in each of the cairo_image_surface_get... funtions
before the
if (!_cairo_surface_is_image (surface)) {
_cairo_error_throw (CAIRO_STATUS_SURFACE_TYPE_MISMATCH);
return 0;
}
blocks.
I suppose the question is just how vigilant cairo should be in avoiding SEGVs
from bogus input?
--
Configure bugmail: http://bugs.freedesktop.org/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the QA contact for the bug.
More information about the cairo-bugs
mailing list