Closed
Bug 192205
Opened 22 years ago
Closed 22 years ago
ImageLib failure to load JNG image crashes Mozilla [@ memmove]
Categories
(Core :: Graphics: ImageLib, defect)
Tracking
()
VERIFIED
DUPLICATE
of bug 156540
People
(Reporter: bugmail, Assigned: jdunn)
Details
(Keywords: crash)
Crash Data
Attachments
(2 files)
The known problem with libmng v1.0.4 (bug 181676) which causes some MNG and JNG
images to fail to load also seems to cause FizzillaMach/2003020303 to crash.
Summary: ImageLib failure to load JNG image crashes Mozilla → ImageLib failure to load JNG image crashes Mozilla [@ memmove]
Attachment #113778 -
Attachment mime type: text/plain → text/html
Crash also reproduced using the more-recent FizzillaMach/2003020603.
I am crashing with a 2003012810 build on win2k
Looks like we are writing to invalid memory.
Debuging I see:
imgContainerMNG::WriteMNG(...) {
mBuffer = (PRUint8 *) nsMemory::Realloc(mBuffer, mBufferEnd+count);
inStr->Read((char *)mBuffer+mBufferEnd, count, _retval);
mBuffer is 0
mBufferEnd is 50520
count is 2728
So mBuffer is hosed...
NOTE: the mng file is tagged as being "bad/invalid" so maybe we just
aren't initializing something and then expect the stream to just stop.
looking...
I knew I had seen this before...
Marking this as a dup of bug 156540
which is in essence a bug that is fixed with bug 181676
(libmng to 1.0.5)
*** This bug has been marked as a duplicate of 156540 ***
Status: NEW → RESOLVED
Closed: 22 years ago
Resolution: --- → DUPLICATE
|
||
Updated•14 years ago
|
Crash Signature: [@ memmove]
You need to log in
before you can comment on or make changes to this bug.
Description
•