[cairo] segfault in cairo-xcb-surface-render.c
Bryce W. Harrington
b.harrington at samsung.com
Thu May 1 12:42:41 PDT 2014
On Thu, May 01, 2014 at 01:48:37PM +0200, thorsten wrote:
> Hello all,
>
> when using a Firefox compiled against cairo 1.12.16 I get a segfault
> when visiting some webpages, eg when scrolling an expose on
> www.immobilienscout24.de.
>
> debugging the problem with gdb led me to line 3125 of
> cairo-xcb-surface-render.c:
>
> _cairo_clip_path_destroy (clip->path);
>
> where on that webpage for reasons I don't know clip->path = NULL
>
> I changed the line to
>
> if (clip->path != NULL) _cairo_clip_path_destroy (clip->path);
>
> which fixes the segfault.
>
> See patch below:
Hi Thorsten,
The fix seems sane enough, but I am not able to reproduce the bug, using
cairo 1.12.16 and firefox 29 on the URL you provided. Mind filing a
bugzilla bug on this with a backtrace, to give a reference for the bug?
Bryce
> cat /usr/src/blfs-src/cairo-1.12.16-fix-segfault.patch
> --- cairo-1.12.16/src/cairo-xcb-surface-render.c-orig 2014-05-01
> 13:31:53.386347915 +0200
> +++ cairo-1.12.16/src/cairo-xcb-surface-render.c 2014-05-01
> 13:32:12.099032718 +0200
> @@ -3123,7 +3123,7 @@
> clip = _cairo_clip_intersect_boxes (clip, boxes);
> status = _cairo_clip_get_polygon (clip, &polygon,
> &fill_rule, &antialias);
> - _cairo_clip_path_destroy (clip->path);
> + if (clip->path != NULL) _cairo_clip_path_destroy (clip->path);
> clip->path = NULL;
> if (likely (status == CAIRO_INT_STATUS_SUCCESS)) {
> cairo_clip_t *saved_clip = extents->clip;
>
>
> regards,
>
> thorsten
>
> --
> cairo mailing list
> cairo at cairographics.org
> http://lists.cairographics.org/mailman/listinfo/cairo
More information about the cairo
mailing list