Hi Renchen
On Wed, 16 Mar 2016 11:00:21 -0700, Renchen.Sun wrote:
> Not sure if it's the correct email address to talk about this. I use
> libnsbmp lib in my project and realize that it crashes on decoding a
> bmp file as attached in this email.
> 
> Please take a look and fix it if possible. This bitmap has rle-8
> encoding and it seems like libnsbmp has out-of-bound access to the
> memory.
I can reproduce this here.  Can you raise it on the bugtracker please?
http://bugs.netsurf-browser.org
Thanks
Chris
Stack trace:
    bmp_decode_rle.part.0()+0x40c (section 1 @ 0x2A02B0)
    bmp_decode_rle.part.0()+0x60 (section 1 @ 0x29FF04)
    [image/bmp.c:183] nsbmp_redraw()+0x88 (section 1 @ 0x14590C)
    [content/content.c:636] content_scaled_redraw()+0x138 (section 1 @ 0xE7210)
    [amiga/bitmap.c:593] bitmap_render()+0xbc (section 1 @ 0x22A4)
    [desktop/browser_history.c:524] browser_window_history_add()+0x284 (section 1 @ 0x11DE98)
    [desktop/browser.c:1409] browser_window_callback()+0x6ec (section 1 @ 0x11A978)
    [content/hlcache.c:191] hlcache_content_callback()+0x4c (section 1 @ 0xF50D0)
    [content/content.c:772] content_set_ready()+0xf8 (section 1 @ 0xE5ED8)
    [image/bmp.c:168] nsbmp_convert()+0x148 (section 1 @ 0x145AB8)
    [content/content.c:286] content_llcache_callback()+0x210 (section 1 @ 0xE62A4)
    [content/llcache.c:3003] llcache_object_notify_users()+0x1ec (section 1 @ 0xF8678)
    [content/llcache.c:3430] llcache_catch_up_all_users()+0x5c (section 1 @ 0xF882C)
    [amiga/schedule.c:248] ami_schedule_handle()+0x16c (section 1 @ 0x3B3E0)
    [amiga/gui.c:2819] ami_get_msg()+0x4f4 (section 1 @ 0x1D6B8)
    [amiga/gui.c:5702] main()+0xea8 (section 1 @ 0x21798)
    native kernel module newlib.library.kmod+0x000020ac
    native kernel module newlib.library.kmod+0x00002d5c
    native kernel module newlib.library.kmod+0x00002ef0
    _start()+0x170 (section 1 @ 0x16C)
    native kernel module dos.library.kmod+0x00024c18
    native kernel module kernel+0x0003b648
    native kernel module kernel+0x0003b6c8
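The report above describes an RLE-8 decode overrunning its pixel buffer. As an added illustration (not libnsbmp's code), the decoder below range-checks every run, literal block and delta against the image bounds and the remaining input before touching memory; rows are stored top-down for simplicity, and the sample streams are constructed.

```c
#include <stdint.h>
#include <string.h>

/* Decode a BMP RLE-8 pixel stream into `out` (width*height bytes, stored
 * top-down here for simplicity). Every read from `in` and every write to
 * `out` is range-checked, so a run, literal block or delta that would leave
 * the image is rejected instead of touching memory out of bounds.
 * Returns 0 on success, -1 on malformed input. */
int rle8_decode(const uint8_t *in, size_t in_len,
                uint8_t *out, uint32_t width, uint32_t height)
{
    size_t i = 0;
    uint32_t x = 0, y = 0;   /* invariant: x <= width, y <= height */

    memset(out, 0, (size_t)width * height);   /* unwritten pixels read as 0 */
    while (i + 1 < in_len) {
        uint8_t count = in[i], value = in[i + 1];
        i += 2;
        if (count != 0) {                       /* encoded run: count x value */
            if (y >= height || count > width - x) return -1;
            memset(out + (size_t)y * width + x, value, count);
            x += count;
        } else if (value == 0) {                /* end of line */
            x = 0;
            if (++y > height) return -1;
        } else if (value == 1) {                /* end of bitmap */
            return 0;
        } else if (value == 2) {                /* delta: skip dx right, dy down */
            if (in_len - i < 2) return -1;
            uint8_t dx = in[i], dy = in[i + 1];
            i += 2;
            if (dx > width - x || dy > height - y) return -1;
            x += dx; y += dy;
        } else {                                /* absolute mode: `value` literals */
            size_t padded = (value + 1u) & ~(size_t)1; /* literal runs are word-padded */
            if (y >= height || value > width - x || padded > in_len - i) return -1;
            memcpy(out + (size_t)y * width + x, in + i, value);
            x += value; i += padded;
        }
    }
    return -1;  /* input ended without an end-of-bitmap marker */
}

/* Constructed 4x2 sample streams (not taken from the attached file). */
const uint8_t kGoodStream[] = { 0x00,0x03,0x0A,0x0B,0x0C,0x00, 0x01,0x0D, 0x00,0x00,
                                0x04,0x02, 0x00,0x01 };
const uint8_t kOverlongRun[] = { 0x09,0x07, 0x00,0x01 };   /* 9 pixels into a 4-wide row */
uint8_t kPixels[4 * 2];                                      /* decode target */
```

On the good stream the decoder fills the two rows and stops at the end-of-bitmap marker; on the overlong run it returns -1 before writing past the row.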
 