[cairo-commit] 2 commits - src/cairo-image-surface.c

Wed May 5 14:48:22 UTC 2021

src/cairo-image-surface.c |    3 +++
 1 file changed, 3 insertions(+)

New commits:
commit 929262dd54ffae81721ffe9b2c59faa7b045c663
Merge: 4f61b765c ac23567a0
Author: Uli Schlachter <psychon at znc.in>
Date:   Wed May 5 14:48:20 2021 +0000

    Merge branch 'jfkthame-master-patch-60882' into 'master'
    
    Bail early from _cairo_image_compute_color if image is zero-sized.
    
    See merge request cairo/cairo!177

commit ac23567a0cf5562bd7547030cd849d8d302da919
Author: Jonathan Kew <jfkthame at googlemail.com>
Date:   Wed May 5 13:43:57 2021 +0000

    Bail early from _cairo_image_compute_color if image is zero-sized.
    
    This avoids the risk of encountering undefined behavior when computing the `pixel` pointer (even though it won't actually be used) in the case where the image width or height is zero and the data is NULL. (Observed when called from cairo_pdf_surface code when an extreme scaling transform was present, though I guess there are probably other ways to end up with such an image.)

diff --git a/src/cairo-image-surface.c b/src/cairo-image-surface.c
index 0e17f3a16..3b11eb981 100644
--- a/src/cairo-image-surface.c
+++ b/src/cairo-image-surface.c
@@ -1243,6 +1243,9 @@ _cairo_image_compute_color (cairo_image_surface_t      *image)
     int x, y;
     cairo_image_color_t color;
 
+    if (image->width == 0 || image->height == 0)
+	return CAIRO_IMAGE_IS_MONOCHROME;
+
     if (image->format == CAIRO_FORMAT_A1)
 	return CAIRO_IMAGE_IS_MONOCHROME;
 
