[cairo-bugs] [Bug 88293] New: self-copy crashes for a stack overflow with svg12 backend

[bugzilla-daemon at freedesktop.org]

https://bugs.freedesktop.org/show_bug.cgi?id=88293

            Bug ID: 88293
           Summary: self-copy crashes for a stack overflow with svg12
                    backend
           Product: cairo
           Version: unspecified
          Hardware: Other
                OS: All
            Status: NEW
          Severity: normal
          Priority: medium
         Component: pdf backend
          Assignee: ajohnson at redneon.com
          Reporter: sixtysix at inwind.it
        QA Contact: cairo-bugs at cairographics.org

Created attachment 112093
  --> https://bugs.freedesktop.org/attachment.cgi?id=112093&action=edit
quick hack

The problem is that with a paginated surface (pdf, svg)
 _cairo_recording_surface_break_self_copy_loop flushes
the internal recording surface, but not the parent which is
the snapshot_of of the paint source pattern. When later
detach_snapshots is invoked for the recording_surface
it creates a paint command that uses the same recording
surface as source and this results in a memory leak for
the pdf backend and an infinite recursion for the svg12
backend.

The attached quick hack flushes the pattern->surface before
adding the paint-command to the recording surface commands.


Reproduction step

(cd test && CAIRO_TEST_TARGET=pdf,svg12 .libs/cairo-test-suite -f self-copy)

-- 
You are receiving this mail because:
You are the QA Contact for the bug.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.cairographics.org/archives/cairo-bugs/attachments/20150111/6d0fe6f2/attachment.html>