Status: Untriaged Owner: ---- Labels: Type-Bug Pri-2 OS-All Area-Misc Size-Medium purify Fixit
New issue 17264 by [email protected]: [IPR] Invalid pointer read in WebCore::GIFImageDecoder::haveDecodedRow(UINT,BYTE *,BYTE *,UINT,UINT,bool) in ErrorPageTest.DNSError http://code.google.com/p/chromium/issues/detail?id=17264 Reproducible with: ErrorPageTest.DNSError Sample error details: ===================== Invalid pointer read in WebCore::GIFImageDecoder::haveDecodedRow(UINT,BYTE *,BYTE *,UINT,UINT,bool) Error Location third_party/webkit/webcore/platform/image- decoders/gif/gifimagedecoder.cpp:368 WebCore::GIFImageDecoder::haveDecodedRow(UINT,BYTE *,BYTE *,UINT,UINT,bool) third_party/webkit/webcore/platform/image- decoders/gif/gifimagereader.cpp:163 GIFImageReader::output_row(void) third_party/webkit/webcore/platform/image- decoders/gif/gifimagereader.cpp:351 GIFImageReader::do_lzw(BYTE const*) third_party/webkit/webcore/platform/image- decoders/gif/gifimagereader.cpp:441 GIFImageReader::read(BYTE const*,UINT,GIFQuery::GIFImageDecoder::WebCore,UINT) third_party/webkit/webcore/platform/image- decoders/gif/gifimagedecoder.cpp:51 WebCore::GIFImageDecoderPrivate::decode(SharedBuffer::WebCore *,GIFQuery::GIFImageDecoder::WebCore,UINT) third_party/webkit/webcore/platform/image- decoders/gif/gifimagedecoder.cpp:238 WebCore::GIFImageDecoder::decode(GIFQuery::GIFImageDecoder::WebCore,UINT) third_party/webkit/webcore/platform/image- decoders/gif/gifimagedecoder.cpp:178 WebCore::GIFImageDecoder::frameBufferAtIndex(UINT) third_party/webkit/webcore/platform/graphics/skia/imagesourceskia.cpp:183 WebCore::ImageSource::createFrameAtIndex(UINT) third_party/webkit/webcore/platform/graphics/bitmapimage.cpp:121 WebCore::BitmapImage::cacheFrame(UINT) third_party/webkit/webcore/platform/graphics/bitmapimage.cpp:208 WebCore::BitmapImage::frameAtIndex(UINT) third_party/webkit/webcore/platform/graphics/bitmapimage.h:147 WebCore::BitmapImage::nativeImageForCurrentFrame(void) third_party/webkit/webcore/platform/graphics/skia/imageskia.cpp:423 WebCore::BitmapImage::draw(GraphicsContext::WebCore *,FloatRect::WebCore const&,FloatRect::WebCore const&,CompositeOperator::WebCore) third_party/webkit/webcore/platform/graphics/graphicscontext.cpp:452 WebCore::GraphicsContext::drawImage(Image::WebCore *,FloatRect::WebCore const&,FloatRect::WebCore const&,CompositeOperator::WebCore,bool) third_party/webkit/webcore/platform/graphics/graphicscontext.cpp:324 WebCore::GraphicsContext::drawImage(Image::WebCore *,IntRect::WebCore const&,IntRect::WebCore const&,CompositeOperator::WebCore,bool) third_party/webkit/webcore/platform/graphics/graphicscontext.cpp:314 WebCore::GraphicsContext::drawImage(Image::WebCore *,IntRect::WebCore const&,CompositeOperator::WebCore,bool) third_party/webkit/webcore/rendering/renderimage.cpp:430 WebCore::RenderImage::paintReplaced(PaintInfo::RenderObject::WebCore&,int,i nt) third_party/webkit/webcore/rendering/renderreplaced.cpp:141 WebCore::RenderReplaced::paint(PaintInfo::RenderObject::WebCore&,int,int) third_party/webkit/webcore/rendering/inlinebox.cpp:187 WebCore::InlineBox::paint(PaintInfo::RenderObject::WebCore&,int,int) third_party/webkit/webcore/rendering/inlineflowbox.cpp:653 WebCore::InlineFlowBox::paint(PaintInfo::RenderObject::WebCore&,int,int) third_party/webkit/webcore/rendering/inlineflowbox.cpp:653 WebCore::InlineFlowBox::paint(PaintInfo::RenderObject::WebCore&,int,int) third_party/webkit/webcore/rendering/rootinlinebox.cpp:185 WebCore::RootInlineBox::paint(PaintInfo::RenderObject::WebCore&,int,int) third_party/webkit/webcore/rendering/renderlineboxlist.cpp:203 WebCore::RenderLineBoxList::paint(RenderBoxModelObject::WebCore *,PaintInfo::RenderObject::WebCore&,int,int)const third_party/webkit/webcore/rendering/renderblock.cpp:1712 WebCore::RenderBlock::paintContents(PaintInfo::RenderObject::WebCore&,int,i nt) third_party/webkit/webcore/rendering/renderblock.cpp:1801 WebCore::RenderBlock::paintObject(PaintInfo::RenderObject::WebCore&,int,int ) third_party/webkit/webcore/rendering/renderblock.cpp:1605 WebCore::RenderBlock::paint(PaintInfo::RenderObject::WebCore&,int,int) third_party/webkit/webcore/rendering/renderblock.cpp:1738 WebCore::RenderBlock::paintChildren(PaintInfo::RenderObject::WebCore&,int,i nt) third_party/webkit/webcore/rendering/renderblock.cpp:1714 WebCore::RenderBlock::paintContents(PaintInfo::RenderObject::WebCore&,int,i nt) third_party/webkit/webcore/rendering/renderblock.cpp:1801 WebCore::RenderBlock::paintObject(PaintInfo::RenderObject::WebCore&,int,int ) third_party/webkit/webcore/rendering/renderblock.cpp:1605 WebCore::RenderBlock::paint(PaintInfo::RenderObject::WebCore&,int,int) third_party/webkit/webcore/rendering/renderblock.cpp:1738 WebCore::RenderBlock::paintChildren(PaintInfo::RenderObject::WebCore&,int,i nt) -- You received this message because you are listed in the owner or CC fields of this issue, or because you starred this issue. You may adjust your issue notification preferences at: http://code.google.com/hosting/settings --~--~---------~--~----~------------~-------~--~----~ Automated mail from issue updates at http://crbug.com/ Subscription options: http://groups.google.com/group/chromium-bugs -~----------~----~----~----~------~----~------~--~---
