Bug 237153

Summary: gdk_region_polygon crashes with certain graphic data input
Product: Red Hat Enterprise Linux 5 Reporter: John Walicki <walicki>
Component: gtk2Assignee: Matthias Clasen <mclasen>
Status: CLOSED ERRATA QA Contact:
Severity: high Docs Contact:
Priority: medium    
Version: 5.0CC: jrb
Target Milestone: ---   
Target Release: ---   
Hardware: All   
OS: Linux   
Whiteboard:
Fixed In Version: RHBA-2007-0549 Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2007-11-07 17:27:45 UTC Type: ---
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:
Attachments:
Description Flags
testpoly.c none

Description John Walicki 2007-04-19 18:28:41 UTC 
Description of problem:
An IBM product is experiencing issues with gdk_region_polygon crashes when
certain data input is loaded from a graphic.


gdk_region_polygon crashes on RHEL5(gtk2-2.10.4-16.el5). But works well on
SLED10/SLES10(gtk2-2.8.10-36).

Matthias has identified the problem:

* gdk/gdkregion-generic.h (GROWREGION): Handle the case	of nRects == 0 correctly.  

Version-Release number of selected component (if applicable):
RHEL5 gtk2-2.10.4-16.el5 

How reproducible:
A sample test case program was provided to Red Hat which demonstrates the problem.

Steps to Reproduce:
1. Scrolling a graphic with certain data will crash

Additional info:
Matthias posted a fix here
http://svn.gnome.org/viewcvs/gtk%2B?view=rev&revision=17609
Comment 2 Matthias Clasen 2007-06-22 16:59:56 UTC 
Fix included in gtk2-2.10.4-17.el5
Comment 4 Matthias Clasen 2007-06-22 18:51:34 UTC 
Created attachment 157638 [details]
testpoly.c

How to test:

- install gtk2-devel
- download the attached testpoly.c
- build via
  gcc -g -o testpoly testpoly.c `pkg-config --cflags --libs gtk+-2.0` 
- run it
- verify that it does not segfault (it prints out a largeish number if it
  does not crash)
Comment 7 errata-xmlrpc 2007-11-07 17:27:45 UTC 
An advisory has been issued which should help the problem
described in this bug report. This report is therefore being
closed with a resolution of ERRATA. For more information
on the solution and/or where to find the updated files,
please follow the link below. You may reopen this bug report
if the solution does not work for you.

http://rhn.redhat.com/errata/RHBA-2007-0549.html