|
 |
596485 |
From 4f99f1fcfd892ead19831b5adcd38a99d71214b6 Mon Sep 17 00:00:00 2001
|
|
|
596485 |
From: Jacob Boerema <jgboerema@gmail.com>
|
|
|
596485 |
Date: Fri, 29 Apr 2022 16:40:32 -0400
|
|
|
596485 |
Subject: [PATCH] app: fix #8120 GIMP 2.10.30 crashed when allocate large
|
|
|
596485 |
memory
|
|
|
596485 |
|
|
|
596485 |
GIMP could crash if the information regarding old path properties read
|
|
|
596485 |
from XCF was incorrect. It did not check if xcf_old_path succeeded and
|
|
|
596485 |
kept trying to load more paths even if the last one failed to load.
|
|
|
596485 |
|
|
|
596485 |
Instead we now stop loading paths as soon as that function fails.
|
|
|
596485 |
In case we have a failure here we also try to skip to the next property
|
|
|
596485 |
based on the size of the path property, in hopes that the only problem
|
|
|
596485 |
was this property.
|
|
|
596485 |
---
|
|
|
596485 |
app/xcf/xcf-load.c | 14 +++++++++++---
|
|
|
596485 |
1 file changed, 11 insertions(+), 3 deletions(-)
|
|
|
596485 |
|
|
|
596485 |
diff --git a/app/xcf/xcf-load.c b/app/xcf/xcf-load.c
|
|
|
596485 |
index ac9c4ea248..67bc766390 100644
|
|
|
596485 |
--- a/app/xcf/xcf-load.c
|
|
|
596485 |
+++ b/app/xcf/xcf-load.c
|
|
|
596485 |
@@ -1168,7 +1168,12 @@ xcf_load_image_props (XcfInfo *info,
|
|
|
596485 |
break;
|
|
|
596485 |
|
|
|
596485 |
case PROP_PATHS:
|
|
|
596485 |
- xcf_load_old_paths (info, image);
|
|
|
596485 |
+ {
|
|
|
596485 |
+ goffset base = info->cp;
|
|
|
596485 |
+
|
|
|
596485 |
+ if (! xcf_load_old_paths (info, image))
|
|
|
596485 |
+ xcf_seek_pos (info, base + prop_size, NULL);
|
|
|
596485 |
+ }
|
|
|
596485 |
break;
|
|
|
596485 |
|
|
|
596485 |
case PROP_USER_UNIT:
|
|
|
596485 |
@@ -3035,8 +3040,11 @@ xcf_load_old_paths (XcfInfo *info,
|
|
|
596485 |
xcf_read_int32 (info, &last_selected_row, 1);
|
|
|
596485 |
xcf_read_int32 (info, &num_paths, 1);
|
|
|
596485 |
|
|
|
596485 |
+ GIMP_LOG (XCF, "Number of old paths: %u", num_paths);
|
|
|
596485 |
+
|
|
|
596485 |
while (num_paths-- > 0)
|
|
|
596485 |
- xcf_load_old_path (info, image);
|
|
|
596485 |
+ if (! xcf_load_old_path (info, image))
|
|
|
596485 |
+ return FALSE;
|
|
|
596485 |
|
|
|
596485 |
active_vectors =
|
|
|
596485 |
GIMP_VECTORS (gimp_container_get_child_by_index (gimp_image_get_vectors (image),
|
|
|
596485 |
@@ -3087,7 +3095,7 @@ xcf_load_old_path (XcfInfo *info,
|
|
|
596485 |
}
|
|
|
596485 |
else if (version != 1)
|
|
|
596485 |
{
|
|
|
596485 |
- g_printerr ("Unknown path type. Possibly corrupt XCF file");
|
|
|
596485 |
+ g_printerr ("Unknown path type (version: %u). Possibly corrupt XCF file.\n", version);
|
|
|
596485 |
|
|
|
596485 |
g_free (name);
|
|
|
596485 |
return FALSE;
|
|
|
596485 |
--
|
|
|
596485 |
GitLab
|