15141 2007-09-04 11:48:12 -0700 GIFImageReader can decode incorrectly at different packet boundaries 2007-10-14 04:38:02 -0700 1 1 1 Unclassified WebKit Images 523.x (Safari 3) PC All RESOLVED FIXED P2 Normal --- 1 pkasting webkit-unassigned oldest_to_newest 932 0 pkasting 2007-09-04 11:48:12 -0700 WebCore/platform/image-decoders/gif/GIFImageReader.cpp (not used by Safari, but used by Cairo/QT) has bugs relating to how it was borrowed from the Mozilla codebase, which provides data to the decoder differently. In the Mozilla world, the decoder is called with only the new data seen since the last call, so a hold buffer is used to store not-yet-decoded data that should be prepended to the next incoming chunk. In the WebKit world, the decoder is provided the entire data stream up to the current point every time. To fit these two together, GIFImageDecoder.cpp contains some wrapper code that lets the reader call back to say "I've decoded up to this point", and then the wrapper will call the reader with only the data from there the next time. The problem is that this callback isn't actually used in a couple places where it should be, meaning that depending on where your packet boundaries are, GIFs fail to decode or decode incorrectly. The true fix to this would be to rewrite the reader and its wrapper to eliminate the hold buffer entirely and be fully aware of the way data is going to be provided. However, that's a slightly trickier task than what I propose to do in this bug, which is to at least insert the necessary callback calls so that the decoder always gets data from the right point. Patch coming shortly. 933 1 16198 pkasting 2007-09-04 11:56:15 -0700 Created attachment 16198 patch v1 Contains the aforementioned fix, plus one other tiny change: when the GIF reader fails, return failure rather than success, so we stop decoding (as Mozilla does) instead of trying again and again. 57386 2 16198 mjs 2007-09-29 18:11:55 -0700 Comment on attachment 16198 patch v1 r=me 58484 3 mrowe 2007-10-14 04:38:02 -0700 Landed in r26580. 16198 2007-09-04 11:56:15 -0700 2007-09-29 18:11:55 -0700 patch v1 patch text/plain 1689 pkasting SW5kZXg6IFdlYkNvcmUvQ2hhbmdlTG9nCj09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09 PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT0KLS0tIFdlYkNvcmUvQ2hhbmdlTG9n CShyZXZpc2lvbiAyNTM1NCkKKysrIFdlYkNvcmUvQ2hhbmdlTG9nCSh3b3JraW5nIGNvcHkpCkBA IC0xLDMgKzEsMTQgQEAKKzIwMDctMDktMDQgIFBldGVyIEthc3RpbmcgIDx6ZXJvZHB4QGdtYWls LmNvbT4KKworICAgICAgICBSZXZpZXdlZCBieSBOT0JPRFkgKE9PUFMhKS4KKworICAgICAgICBo dHRwOi8vYnVncy53ZWJraXQub3JnL3Nob3dfYnVnLmNnaT9pZD0xNTE0MQorICAgICAgICBGZWVk IEdJRiByZWFkZXIgZGF0YSBmcm9tIHRoZSBwb2ludCBpbiB0aGUgc3RyZWFtIGl0IGV4cGVjdHMu ICBBbHNvLAorICAgICAgICBtaXJyb3IgdGhlIHJlYWRlcidzIGZhaWx1cmUgc3RhdGUgdXAgdG8g dGhlIHdyYXBwaW5nIGRlY29kZXIuCisKKyAgICAgICAgKiBwbGF0Zm9ybS9pbWFnZS1kZWNvZGVy cy9naWYvR0lGSW1hZ2VSZWFkZXIuY3BwOgorICAgICAgICAoR0lGSW1hZ2VSZWFkZXI6OnJlYWQp OgorCiAyMDA3LTA5LTA0ICBEYXZpZCBIYXJyaXNvbiAgPGhhcnJpc29uQGFwcGxlLmNvbT4KIAog ICAgICAgICBSZXZpZXdlZCBieSBNYWNpZWogYW5kIEpvaG4uCkluZGV4OiBXZWJDb3JlL3BsYXRm b3JtL2ltYWdlLWRlY29kZXJzL2dpZi9HSUZJbWFnZVJlYWRlci5jcHAKPT09PT09PT09PT09PT09 PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PQotLS0g V2ViQ29yZS9wbGF0Zm9ybS9pbWFnZS1kZWNvZGVycy9naWYvR0lGSW1hZ2VSZWFkZXIuY3BwCShy ZXZpc2lvbiAyNTM1NCkKKysrIFdlYkNvcmUvcGxhdGZvcm0vaW1hZ2UtZGVjb2RlcnMvZ2lmL0dJ RkltYWdlUmVhZGVyLmNwcAkod29ya2luZyBjb3B5KQpAQCAtNDE1LDYgKzQxNSw4IEBAIGJvb2wg R0lGSW1hZ2VSZWFkZXI6OnJlYWQoY29uc3QgdW5zaWduZWQKICAgICAgIC8vIE5vdCBlbm91Z2gg aW4gJ2J1ZicgdG8gY29tcGxldGUgY3VycmVudCBibG9jaywgZ2V0IG1vcmUKICAgICAgIGJ5dGVz X2luX2hvbGQgKz0gbDsKICAgICAgIGJ5dGVzX3RvX2NvbnN1bWUgLT0gbDsKKyAgICAgIGlmIChj bGllbnRwdHIpCisgICAgICAgIGNsaWVudHB0ci0+ZGVjb2RpbmdIYWx0ZWQoMCk7CiAgICAgICBy ZXR1cm4gdHJ1ZTsKICAgICB9CiAgICAgLy8gUmVzZXQgaG9sZCBidWZmZXIgY291bnQKQEAgLTky MSw3ICs5MjMsNyBAQCBib29sIEdJRkltYWdlUmVhZGVyOjpyZWFkKGNvbnN0IHVuc2lnbmVkCiAg ICAgLy8gSGFuZGxlIGdlbmVyYWwgZXJyb3JzCiAgICAgY2FzZSBnaWZfZXJyb3I6CiAgICAgICAv LyBuc0dJRkRlY29kZXIyOjpFbmRHSUYoZ3MtPmNsaWVudHB0ciwgZ3MtPmxvb3BfY291bnQpOwot ICAgICAgcmV0dXJuIHRydWU7CisgICAgICByZXR1cm4gZmFsc2U7CiAKICAgICAvLyBXZSBzaG91 bGRuJ3QgZXZlciBnZXQgaGVyZS4KICAgICBkZWZhdWx0OgpAQCAtOTQ1LDYgKzk0Nyw4IEBAIGJv b2wgR0lGSW1hZ2VSZWFkZXI6OnJlYWQoY29uc3QgdW5zaWduZWQKICAgICBieXRlc190b19jb25z dW1lIC09IGxlbjsKICAgfQogCisgIGlmIChjbGllbnRwdHIpCisgICAgY2xpZW50cHRyLT5kZWNv ZGluZ0hhbHRlZCgwKTsKICAgcmV0dXJuIHRydWU7CiB9CiAK