Closed
Bug 642721
Opened 13 years ago
Closed 13 years ago
_cairo_d2d_mask reads uninitialized memory
Categories
(Core :: Graphics, defect)
Tracking
()
RESOLVED
FIXED
People
(Reporter: roc, Assigned: roc)
References
Details
Attachments
(1 file)
|
2.35 KB,
patch
|
Details | Diff | Splinter Review |
When 'clip' is NULL, we reach
box.p1.x = MAX(box.p1.x, boxes->p1.x);
box.p2.x = MIN(box.p2.x, boxes->p2.x);
box.p1.y = MAX(box.p1.y, boxes->p1.y);
box.p2.y = MIN(box.p2.y, boxes->p2.y);
with 'boxes' set to &box_stack, which is uninitialized on the stack. We seem to be getting lucky most of the time and these operations are having no effect, but with some patches in my queue, we stop getting lucky and reftests start failing :-(.
|
Assignee | |
Comment 1•13 years ago
|
||
Attachment #520126 -
Flags: review?(bas.schouten)
|
|
Assignee | |
Comment 2•13 years ago
|
||
correction, test_canvas.html starts failing.
|
||
Comment 3•13 years ago
|
||
This is certainly an improvement! We're not getting lucky most of the time however, and I could r+ this, however the code you're fixing is from the unreviewed patch from bug 600760 :). In other words it's not being tested (it's not even present) at the moment and that's probably the only reason the test doesn't fail without your patch queue, since that patch is in your patch queue.
|
|
Assignee | |
Comment 4•13 years ago
|
||
Aha! Well then, feel free to roll this into bug 600760.
|
|
||
Comment 5•13 years ago
|
||
(In reply to comment #4) > Aha! Well then, feel free to roll this into bug 600760. Will do! Thanks for catching this. I hope it didn't cause too much trouble.
|
|
||
Comment 6•13 years ago
|
||
Comment on attachment 520126 [details] [diff] [review] fix This was fixed in the original patch this bug was in.
Attachment #520126 -
Flags: review?(bas.schouten)
|
|
||
Updated•13 years ago
|
Status: NEW → RESOLVED
Closed: 13 years ago
Resolution: --- → FIXED
You need to log in
before you can comment on or make changes to this bug.
Description
•