Previously, If the clipboard is of type image/bmp, and the data is of 0 size, GTK+ will crash. With this update, the data size is checked first, and GTK+ no longer crashes when clipboard is of type image/bmp, and the data is of 0 size.
Description of problem:
It may happen that the received clipboard data is empty, but
if it's of type image/bmp, gtk+ will crash:
gdk_property_change: 00030AD4 GDK_SELECTION image/bmp REPLACE 8*0 bits:
... delayed rendering
gdk_selection_send_notify_for_display: 00030AD4 CLIPBOARD image/bmp
GDK_SELECTION (no-op)
_gdk_win32_selection_convert_to_dib: 1252003C image/bmp
Program received signal SIGSEGV, Segmentation fault.
0x749a9f40 in msvcrt!memmove () from C:\Windows\syswow64\msvcrt.dll
Thread 1 (Thread 2248.0x1b34):
target=0xc07b) at gdkselection-win32.c:1292
at gdkevents-win32.c:3498
wparam=8, lparam=0) at gdkevents-win32.c:232
message=773, wparam=8, lparam=0)
at gdkevents-win32.c:263
C:\Windows\syswow64\user32.dll
C:\Users\rugoosse\AppData\Local\virt-viewer\bin\libpangocairo-1.0-0.dll
wparam=0, lparam=-1687549457)
at gdkevents-win32.c:248
C:\Users\rugoosse\AppData\Local\virt-viewer\bin\libpangocairo-1.0-0.dll
Version-Release number of selected component (if applicable):
rhevm-spice-client-x86-cab-3.3-11.el6_5
How reproducible:
easily
Steps to Reproduce:
On the guest:
1. Create a screenshot of the desktop in the guest
2. Copy to clipboard
3. Close the screenshot dialog
On the Windows client:
4. Paste in Paint (Windows) => Paint is performing a long taskā¦
5. Close paint, are you sure to force close => yes (note that during the Paint task the VDI freezes as well)
6. After paint is closed the VDI responds again, now create new screenshot
On the guest:
7. Press copy to clipboard and note it freezes
Actual results:
Remote-viewer throw a segmentation fault
Expected results:
No segfault
Additional info:
https://bugzilla.gnome.org/show_bug.cgi?id=728745
Comment 2Marc-Andre Lureau
2014-04-24 16:00:30 UTC
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.
For information on the advisory, and where to find the updated
files, follow the link below.
If the solution does not work for you, open a new bug report.
https://rhn.redhat.com/errata/RHSA-2015-0197.html
Description of problem: It may happen that the received clipboard data is empty, but if it's of type image/bmp, gtk+ will crash: gdk_property_change: 00030AD4 GDK_SELECTION image/bmp REPLACE 8*0 bits: ... delayed rendering gdk_selection_send_notify_for_display: 00030AD4 CLIPBOARD image/bmp GDK_SELECTION (no-op) _gdk_win32_selection_convert_to_dib: 1252003C image/bmp Program received signal SIGSEGV, Segmentation fault. 0x749a9f40 in msvcrt!memmove () from C:\Windows\syswow64\msvcrt.dll Thread 1 (Thread 2248.0x1b34): target=0xc07b) at gdkselection-win32.c:1292 at gdkevents-win32.c:3498 wparam=8, lparam=0) at gdkevents-win32.c:232 message=773, wparam=8, lparam=0) at gdkevents-win32.c:263 C:\Windows\syswow64\user32.dll C:\Users\rugoosse\AppData\Local\virt-viewer\bin\libpangocairo-1.0-0.dll wparam=0, lparam=-1687549457) at gdkevents-win32.c:248 C:\Users\rugoosse\AppData\Local\virt-viewer\bin\libpangocairo-1.0-0.dll Version-Release number of selected component (if applicable): rhevm-spice-client-x86-cab-3.3-11.el6_5 How reproducible: easily Steps to Reproduce: On the guest: 1. Create a screenshot of the desktop in the guest 2. Copy to clipboard 3. Close the screenshot dialog On the Windows client: 4. Paste in Paint (Windows) => Paint is performing a long taskā¦ 5. Close paint, are you sure to force close => yes (note that during the Paint task the VDI freezes as well) 6. After paint is closed the VDI responds again, now create new screenshot On the guest: 7. Press copy to clipboard and note it freezes Actual results: Remote-viewer throw a segmentation fault Expected results: No segfault Additional info: https://bugzilla.gnome.org/show_bug.cgi?id=728745