[cairo] Segfault at sweep_line_delete on video playback
James Cloos
cloos at jhcloos.com
Fri Mar 21 00:44:28 PDT 2014
The patch is incorrect.
In that file, the typedefs are:
,----
| typedef struct _rectangle rectangle_t;
| typedef struct _edge edge_t;
|
| struct _edge {
| edge_t *next, *prev;
| edge_t *right;
| cairo_fixed_t x, top;
| int dir;
| };
|
| struct _rectangle {
| edge_t left, right;
| int32_t top, bottom;
| };
`----
so left and right are not pointers and cannot be null.
This patch should do what Bryce intended, but appears to trigger:
,----
| Program received signal SIGSEGV, Segmentation fault.
| _cairo_clip_path_destroy (clip_path=0x0) at cairo-clip.c:91
| 91 assert (CAIRO_REFERENCE_COUNT_HAS_REFERENCE (&clip_path->ref_count));
`----
in my test case. (ff28 release notes viewed in seamonkey 2.25b compiled
against system cairo).
So, instead of this, something in the existing if should do, see my next note.
diff --git a/src/cairo-bentley-ottmann-rectangular.c b/src/cairo-bentley-ottmann-rectangular.c
index 5541bdc..3b0e038 100644
--- a/src/cairo-bentley-ottmann-rectangular.c
+++ b/src/cairo-bentley-ottmann-rectangular.c
@@ -563,7 +563,11 @@ sweep_line_delete (sweep_line_t *sweep, rectangle_t *rectangle)
{
cairo_bool_t update;
+ if (!rectangle->left.prev)
+ return FALSE;
+
update = TRUE;
+
if (sweep->fill_rule == CAIRO_FILL_RULE_WINDING &&
rectangle->left.prev->dir == rectangle->left.dir)
{
-JimC
--
James Cloos <cloos at jhcloos.com> OpenPGP: 1024D/ED7DAEA6
More information about the cairo
mailing list