[cairo-bugs] [Bug 31657] Unbounded recording surface -> image surface fill accesses uninitialized memory
bugzilla-daemon at freedesktop.org
bugzilla-daemon at freedesktop.org
Tue Nov 16 03:50:56 PST 2010
https://bugs.freedesktop.org/show_bug.cgi?id=31657
M Joonas Pihlaja <jpihlaja at cc.helsinki.fi> changed:
What |Removed |Added
----------------------------------------------------------------------------
Platform|Other |All
OS/Version|Linux (All) |All
Component|image backend |general
--- Comment #2 from M Joonas Pihlaja <jpihlaja at cc.helsinki.fi> 2010-11-16 03:50:54 PST ---
Thanks for the bug report. Looks like the recording surface's
acquire_source_image method trusts the surface extents without checking if it
actually has extents or not. The uninitialised values valgrind trips over are
the width/height of the surface extents.
I don't quite understand the interactions between surface snapshots and
recording surfaces, so I can't propose a patch for this at the moment.
Unfortunately there's no recording backend option for the component, so I'm
reassigning to the general component for the time being.
--
Configure bugmail: https://bugs.freedesktop.org/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the QA contact for the bug.
More information about the cairo-bugs
mailing list