Closed
Bug 399286
Opened 17 years ago
Closed 16 years ago
port fix for mac large image crasher to 1.8 branch
Categories
(Core :: Graphics, defect, P1)
Tracking
()
VERIFIED
FIXED
People
(Reporter: jtd, Assigned: jtd)
References
Details
(Keywords: verified1.8.1.13, Whiteboard: [sg:critical?] 1.8 branch)
Attachments
(1 file)
6.85 KB,
patch
|
vlad
:
review+
vlad
:
superreview+
dveditz
:
approval1.8.1.13+
asac
:
approval1.8.0.next?
|
Details | Diff | Splinter Review |
Images with heights larger than 32K cause a crash within Quartz drawing code on the Mac. The bug has been reported to Apple but in the meantime we need to restrict our code to avoid loading images over 32K in height. See bug 328258 for testcase and details.
Assignee | ||
Updated•17 years ago
|
Flags: blocking1.8.1.12?
Priority: -- → P1
Comment 1•17 years ago
|
||
Ok, here's your blocking, where's our patch? :-)
Flags: blocking1.8.1.12? → blocking1.8.1.12+
Assignee | ||
Comment 2•17 years ago
|
||
I'll investigate what's needed for a patch by the end of this week
Updated•17 years ago
|
Whiteboard: 1.8 branch
Updated•17 years ago
|
Whiteboard: 1.8 branch → [sg:critical?] 1.8 branch
Comment 3•17 years ago
|
||
John, any update here?
Comment 4•17 years ago
|
||
No work done here, pushing out to the next release.
Flags: blocking1.8.1.13+
Flags: blocking1.8.1.12-
Flags: blocking1.8.1.12+
Updated•16 years ago
|
Whiteboard: [sg:critical?] 1.8 branch → [sg:critical?][needs patch] 1.8 branch
Assignee | ||
Comment 5•16 years ago
|
||
Steps to reproduce: 1. Download testcase-2 from bug xxx: https://bugzilla.mozilla.org/attachment.cgi?id=213053 2. Open the file bug-328258.html Result: crash in nsImageMac::Draw
Assignee | ||
Comment 6•16 years ago
|
||
Wrap all calls to CGContextDrawImage with a width/height check. Nothing fancy but it will prevent the crash situation.
Attachment #302990 -
Flags: superreview?(vladimir)
Attachment #302990 -
Flags: review?(vladimir)
Comment on attachment 302990 [details] [diff] [review] patch, simplified version of the fix for 328258 Looks good to me!
Attachment #302990 -
Flags: superreview?(vladimir)
Attachment #302990 -
Flags: superreview+
Attachment #302990 -
Flags: review?(vladimir)
Attachment #302990 -
Flags: review+
Assignee | ||
Comment 8•16 years ago
|
||
checked in
Status: ASSIGNED → RESOLVED
Closed: 16 years ago
Resolution: --- → FIXED
Comment 9•16 years ago
|
||
(In reply to comment #8) > checked in Err... as stated on the tinderbox tree, "Bugs must have approval1.8.1.13+ from the 1.8.1.13 triage team".
Keywords: fixed1.8.1.13
Whiteboard: [sg:critical?][needs patch] 1.8 branch → [sg:critical?] 1.8 branch
Comment 10•16 years ago
|
||
Comment on attachment 302990 [details] [diff] [review] patch, simplified version of the fix for 328258 Retroactively requesting approval for this patch. It's already been checked in. http://bonsai.mozilla.org/cvsview2.cgi?diff_mode=context&whitespace_mode=show&subdir=mozilla/gfx/src/mac&command=DIFF_FRAMESET&file=nsImageMac.cpp&rev1=1.79.4.3&rev2=1.79.4.4&root=/cvsroot
Attachment #302990 -
Flags: approval1.8.1.13?
Assignee | ||
Comment 11•16 years ago
|
||
(In reply to comment #10) > Retroactively requesting approval for this patch. It's already been checked in. argh, sorry about that! had an itchy checkin finger...
Comment 12•16 years ago
|
||
Comment on attachment 302990 [details] [diff] [review] patch, simplified version of the fix for 328258 approved for 1.8.1.13, a=dveditz for release-drivers
Attachment #302990 -
Flags: approval1.8.1.13? → approval1.8.1.13+
Comment 13•16 years ago
|
||
Could we get an automated testcase for this and land it after the next 1.8 branch release, please?
Flags: in-testsuite?
Assignee | ||
Comment 14•16 years ago
|
||
Received a mail from Apple stating the underlying bug should be fixed in the next 10.5 release, no mention of a 10.4 fix: Hi John, This is a courtesy email regarding Bug ID# 5514949. We believe this issue has been addressed in Mac OS X Client 10.5.2, build 9C31. Please verify with this release, and update this report with your results. Mac OS X Client 10.5.2, build 9C31: http://www.apple.com/support/downloads/macosx1052comboupdate.html Bug reports requiring your update will appear under ‘My Originated Problems’. Please review this bug report and provide the requested information via the Apple Bug Reporter. Once your report has been updated, Engineering will be alerted of the new information. <http://bugreport.apple.com> Thank you for your assistance in helping us discover and isolate bugs within our products. Best Regards, Stoney Gamble Apple Developer Connection Worldwide Developer Relations
Assignee | ||
Comment 15•16 years ago
|
||
Confirmed fixed in Mac OS X Client 10.5.2, build 9C31.
Comment 16•16 years ago
|
||
Verified fixed in 10.4.11 with Mozilla/5.0 (Macintosh; U; Intel Mac OS X; en-US; rv:1.8.1.13) Gecko/2008031115 Firefox/2.0.0.13. I repro'd the crash with 2.0.0.12 on the same machine.
Updated•16 years ago
|
Flags: blocking1.8.0.15+
Comment 17•16 years ago
|
||
Comment on attachment 302990 [details] [diff] [review] patch, simplified version of the fix for 328258 applies unmodified on 1.8.0
Attachment #302990 -
Flags: approval1.8.0.15?
Updated•16 years ago
|
Group: security
Updated•16 years ago
|
Product: Core → Core Graveyard
Assignee | ||
Updated•16 years ago
|
Component: GFX: Mac → GFX: Thebes
Product: Core Graveyard → Core
Updated•16 years ago
|
QA Contact: mac → thebes
You need to log in
before you can comment on or make changes to this bug.
Description
•