41107 2010-06-23 15:16:08 -0700 REGRESSION (r61619): Memory corruption in open-source ICO decoder 2023-03-03 16:23:42 -0800 1 1 1 Unclassified WebKit Images 528+ (Nightly build) Other All RESOLVED FIXED http://www.opennet.ru/opennews/art.shtml P2 Normal --- 1 pkasting pkasting 465782708 abarth carlossantoing eric Grace_Cooper406 mrobinson webkit.review.bot yunretta1221547 oldest_to_newest 242112 0 pkasting 2010-06-23 15:16:08 -0700 REGRESSION (r61619): Memory corruption in open-source ICO decoder 242115 1 pkasting 2010-06-23 15:19:18 -0700 BMPImageReader.cpp erroneously accesses |m_parent| when setSize() fails. setSize() has already called setFailed(), which has deleted |this|, thus we shouldn't access |m_parent| (and don't need to). 242135 2 59572 pkasting 2010-06-23 16:12:16 -0700 Created attachment 59572 patch v1 Fixes the corruption and one other technically-wrong place I noticed. This adds a regression .ico to an existing LayoutTest, unfortunately I can't actually update expected results at the moment, so I'm going to need those from somewhere. 242669 3 59572 abarth 2010-06-24 14:33:53 -0700 Comment on attachment 59572 patch v1 ok 242680 4 pkasting 2010-06-24 15:02:21 -0700 Fixed in r61788. I'll land the updated test expectations once the bots have them. 242756 5 webkit.review.bot 2010-06-24 17:26:29 -0700 http://trac.webkit.org/changeset/61800 might have broken SnowLeopard Intel Release (Tests) 242833 6 eric 2010-06-24 22:25:36 -0700 Gtk is still broken from this: http://build.webkit.org/results/GTK%20Linux%2032-bit%20Debug/r61820%20(7197)/fast/images/icon-decoding-pretty-diff.html 242834 7 abarth 2010-06-24 22:26:43 -0700 Hopefully fixed in http://trac.webkit.org/changeset/61821 243115 8 pkasting 2010-06-25 12:02:31 -0700 The reason I didn't update GTK is because it matches Chromium rather than Safari and it wasn't clear to me that those two text dumps would be the same. (And I couldn't get a Chromium dump at the time.) I'm not lazy! I was just gone. I got two other people to help take care of this before I had to go. 59572 2010-06-23 16:12:16 -0700 2010-06-24 14:33:53 -0700 patch v1 patch2 text/plain 4366 pkasting SW5kZXg6IFdlYkNvcmUvQ2hhbmdlTG9nCj09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09 PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT0KLS0tIFdlYkNvcmUvQ2hhbmdlTG9n CShyZXZpc2lvbiA2MTcxMikKKysrIFdlYkNvcmUvQ2hhbmdlTG9nCSh3b3JraW5nIGNvcHkpCkBA IC0xLDMgKzEsMTUgQEAKKzIwMTAtMDYtMjMgIFBldGVyIEthc3RpbmcgIDxwa2FzdGluZ0Bnb29n bGUuY29tPgorCisgICAgICAgIFJldmlld2VkIGJ5IE5PQk9EWSAoT09QUyEpLgorCisgICAgICAg IFJFR1JFU1NJT04gKHI2MTYxOSk6IE1lbW9yeSBjb3JydXB0aW9uIGluIG9wZW4tc291cmNlIElD TyBkZWNvZGVyCisgICAgICAgIGh0dHBzOi8vYnVncy53ZWJraXQub3JnL3Nob3dfYnVnLmNnaT9p ZD00MTEwNworCisgICAgICAgICogcGxhdGZvcm0vaW1hZ2UtZGVjb2RlcnMvYm1wL0JNUEltYWdl UmVhZGVyLmNwcDoKKyAgICAgICAgKFdlYkNvcmU6OkJNUEltYWdlUmVhZGVyOjpwcm9jZXNzSW5m b0hlYWRlcik6IEZpeCBtZW1vcnkgY29ycnVwdGlvbi4KKyAgICAgICAgKiBwbGF0Zm9ybS9pbWFn ZS1kZWNvZGVycy9pY28vSUNPSW1hZ2VEZWNvZGVyLmNwcDoKKyAgICAgICAgKFdlYkNvcmU6OklD T0ltYWdlRGVjb2Rlcjo6cHJvY2Vzc0RpcmVjdG9yeUVudHJpZXMpOiBIYW5kbGUgc2l6aW5nIGZh aWx1cmUgY29ycmVjdGx5ICh0aG91Z2ggZmFpbHVyZSBzaG91bGQgYmUgaW1wb3NzaWJsZSkuCisK IDIwMTAtMDYtMjMgIFN0ZXBoZW4gV2hpdGUgIDxzZW5vcmJsYW5jb0BjaHJvbWl1bS5vcmc+CiAK ICAgICAgICAgUmV2aWV3ZWQgYnkgRGF2aWQgSHlhdHQuCkluZGV4OiBXZWJDb3JlL3BsYXRmb3Jt L2ltYWdlLWRlY29kZXJzL2JtcC9CTVBJbWFnZVJlYWRlci5jcHAKPT09PT09PT09PT09PT09PT09 PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PQotLS0gV2Vi Q29yZS9wbGF0Zm9ybS9pbWFnZS1kZWNvZGVycy9ibXAvQk1QSW1hZ2VSZWFkZXIuY3BwCShyZXZp c2lvbiA2MTcwMykKKysrIFdlYkNvcmUvcGxhdGZvcm0vaW1hZ2UtZGVjb2RlcnMvYm1wL0JNUElt YWdlUmVhZGVyLmNwcAkod29ya2luZyBjb3B5KQpAQCAtMTcyLDcgKzE3Miw3IEBAIGJvb2wgQk1Q SW1hZ2VSZWFkZXI6OnByb2Nlc3NJbmZvSGVhZGVyKCkKIAogICAgIC8vIFNldCBvdXIgc2l6ZS4K ICAgICBpZiAoIW1fcGFyZW50LT5zZXRTaXplKG1faW5mb0hlYWRlci5iaVdpZHRoLCBtX2luZm9I ZWFkZXIuYmlIZWlnaHQpKQotICAgICAgICByZXR1cm4gbV9wYXJlbnQtPnNldEZhaWxlZCgpOwor ICAgICAgICByZXR1cm4gZmFsc2U7CiAKICAgICAvLyBGb3IgcGFsZXR0ZWQgaW1hZ2VzLCBiaXRt YXBzIGNhbiBzZXQgYmlDbHJVc2VkIHRvIDAgdG8gbWVhbiAiYWxsCiAgICAgLy8gY29sb3JzIiwg c28gc2V0IGl0IHRvIHRoZSBtYXhpbXVtIG51bWJlciBvZiBjb2xvcnMgZm9yIHRoaXMgYml0IGRl cHRoLgpJbmRleDogV2ViQ29yZS9wbGF0Zm9ybS9pbWFnZS1kZWNvZGVycy9pY28vSUNPSW1hZ2VE ZWNvZGVyLmNwcAo9PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09 PT09PT09PT09PT09PT09PT09PT09Ci0tLSBXZWJDb3JlL3BsYXRmb3JtL2ltYWdlLWRlY29kZXJz L2ljby9JQ09JbWFnZURlY29kZXIuY3BwCShyZXZpc2lvbiA2MTcwMykKKysrIFdlYkNvcmUvcGxh dGZvcm0vaW1hZ2UtZGVjb2RlcnMvaWNvL0lDT0ltYWdlRGVjb2Rlci5jcHAJKHdvcmtpbmcgY29w eSkKQEAgLTI1NSw4ICsyNTUsOSBAQCBib29sIElDT0ltYWdlRGVjb2Rlcjo6cHJvY2Vzc0RpcmVj dG9yeUVuCiAKICAgICAvLyBUaGUgaW1hZ2Ugc2l6ZSBpcyB0aGUgc2l6ZSBvZiB0aGUgbGFyZ2Vz dCBlbnRyeS4KICAgICBjb25zdCBJY29uRGlyZWN0b3J5RW50cnkmIGRpckVudHJ5ID0gbV9kaXJF bnRyaWVzLmZpcnN0KCk7Ci0gICAgc2V0U2l6ZShkaXJFbnRyeS5tX3NpemUud2lkdGgoKSwgZGly RW50cnkubV9zaXplLmhlaWdodCgpKTsKLSAgICByZXR1cm4gdHJ1ZTsKKyAgICAvLyBUZWNobmlj YWxseSwgdGhpcyBuZXh0IGNhbGwgc2hvdWxkbid0IGJlIGFibGUgdG8gZmFpbCwgc2luY2UgdGhl IHdpZHRoCisgICAgLy8gYW5kIGhlaWdodCBoZXJlIGFyZSBlYWNoIDw9IDI1NiwgYW5kIHxtX2Zy YW1lU2l6ZXwgaXMgZW1wdHkuCisgICAgcmV0dXJuIHNldFNpemUoZGlyRW50cnkubV9zaXplLndp ZHRoKCksIGRpckVudHJ5Lm1fc2l6ZS5oZWlnaHQoKSk7CiB9CiAKIElDT0ltYWdlRGVjb2Rlcjo6 SWNvbkRpcmVjdG9yeUVudHJ5IElDT0ltYWdlRGVjb2Rlcjo6cmVhZERpcmVjdG9yeUVudHJ5KCkK SW5kZXg6IExheW91dFRlc3RzL0NoYW5nZUxvZwo9PT09PT09PT09PT09PT09PT09PT09PT09PT09 PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09Ci0tLSBMYXlvdXRUZXN0cy9D aGFuZ2VMb2cJKHJldmlzaW9uIDYxNzEyKQorKysgTGF5b3V0VGVzdHMvQ2hhbmdlTG9nCSh3b3Jr aW5nIGNvcHkpCkBAIC0xLDMgKzEsMTMgQEAKKzIwMTAtMDYtMjMgIFBldGVyIEthc3RpbmcgIDxw a2FzdGluZ0Bnb29nbGUuY29tPgorCisgICAgICAgIFJldmlld2VkIGJ5IE5PQk9EWSAoT09QUyEp LgorCisgICAgICAgIFJFR1JFU1NJT04gKHI2MTYxOSk6IE1lbW9yeSBjb3JydXB0aW9uIGluIG9w ZW4tc291cmNlIElDTyBkZWNvZGVyCisgICAgICAgIGh0dHBzOi8vYnVncy53ZWJraXQub3JnL3No b3dfYnVnLmNnaT9pZD00MTEwNworCisgICAgICAgICogZmFzdC9pbWFnZXMvaWNvbi1kZWNvZGlu Zy5odG1sOiBBZGQgdGVzdCBmb3IgbWVtb3J5IGNvcnJ1cHRpb24gd2hpbGUgZGVjb2RpbmcgYnJv a2VuIC5pY28uCisgICAgICAgICogZmFzdC9pbWFnZXMvcmVzb3VyY2VzL2JhZC5pY286IEFkZGVk LgorCiAyMDEwLTA2LTIzICBTdGVwaGVuIFdoaXRlICA8c2Vub3JibGFuY29AY2hyb21pdW0ub3Jn PgogCiAgICAgICAgIFJldmlld2VkIGJ5IERhdmlkIEh5YXR0LgpJbmRleDogTGF5b3V0VGVzdHMv ZmFzdC9pbWFnZXMvaWNvbi1kZWNvZGluZy5odG1sCj09PT09PT09PT09PT09PT09PT09PT09PT09 PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT0KLS0tIExheW91dFRlc3Rz L2Zhc3QvaW1hZ2VzL2ljb24tZGVjb2RpbmcuaHRtbAkocmV2aXNpb24gNjE3MDMpCisrKyBMYXlv dXRUZXN0cy9mYXN0L2ltYWdlcy9pY29uLWRlY29kaW5nLmh0bWwJKHdvcmtpbmcgY29weSkKQEAg LTEzLDYgKzEzLDEyIEBACiAgICAgaGVpZ2h0OiAzMnB4OwogICAgIHdpZHRoOiAzMnB4OwogfQor Lm9mZnNjcmVlbiAKK3sKKyAgICBwb3NpdGlvbjogYWJzb2x1dGU7CisgICAgbGVmdDogLTEwMCBw eDsKKyAgICB0b3A6IC0xMDAgcHg7Cit9CiA8L3N0eWxlPgogPC9oZWFkPgogPGJvZHkgc3R5bGU9 Im1hcmdpbjogMHB4OyI+CkBAIC0zMCw1ICszNiwxMCBAQAogPGRpdiBjbGFzcz0iZmFpbHVyZTIi PgogICA8aW1nIHNyYz0icmVzb3VyY2VzLzJlbnRyaWVzLmljbyI+CiA8L2Rpdj4KKzxkaXYgY2xh c3M9Im9mZnNjcmVlbiI+CisgIDwhLS0gV2UgZG9uJ3QgY2FyZSBob3cgdGhpcyBkaXNwbGF5cyBh cyBsb25nIGFzIGRlY29kaW5nIGl0IGRvZXNuJ3QgY29ycnVwdAorICAgICAgIG1lbW9yeS4gLS0+ CisgIDxpbWcgc3JjPSJyZXNvdXJjZXMvYmFkLmljbyI+Cis8L2Rpdj4KIDwvYm9keT4KIDwvaHRt bD4KSW5kZXg6IExheW91dFRlc3RzL2Zhc3QvaW1hZ2VzL3Jlc291cmNlcy9iYWQuaWNvCj09PT09 PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09 PT09PT0KQ2Fubm90IGRpc3BsYXk6IGZpbGUgbWFya2VkIGFzIGEgYmluYXJ5IHR5cGUuCnN2bjpt aW1lLXR5cGUgPSBpbWFnZS92bmQubWljcm9zb2Z0Lmljb24KClByb3BlcnR5IGNoYW5nZXMgb246 IExheW91dFRlc3RzL2Zhc3QvaW1hZ2VzL3Jlc291cmNlcy9iYWQuaWNvCl9fX19fX19fX19fX19f X19fX19fX19fX19fX19fX19fX19fX19fX19fX19fX19fX19fX19fX19fX19fX19fX19fX18KQWRk ZWQ6IHN2bjptaW1lLXR5cGUKICAgKyBpbWFnZS92bmQubWljcm9zb2Z0Lmljb24KCgpBQUFCQUFF QUNBZ0NBQUVBQVFDd0FBQUFGZ0FBQUNnQUFBQVFBQUFBSUFBQUFBRUFBUUFBQUFBQUFBQUFBQk1M QUFBVEN3QUFBZ0FBCkFBQUFBQUFBQVA4QUFQOEFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFB QUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUEKQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFB QUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQQpBQUFB QUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUFBQUEKCg==