[Desktop-packages] [Bug 955927] Re: reliable crash when previewing certain svg files.

Fri, 16 Mar 2012 02:45:40 -0700 

** Changed in: librsvg
       Status: Unknown => New

** Changed in: librsvg
   Importance: Unknown => Medium

-- 
You received this bug notification because you are a member of Desktop
Packages, which is subscribed to librsvg in Ubuntu.
https://bugs.launchpad.net/bugs/955927

Title:
  reliable crash when previewing certain svg files.

Status in libRSVG - SVG Rendering Library:
  New
Status in “librsvg” package in Ubuntu:
  Triaged

Bug description:
  On my 11.04 system if I have the following svg file in a directory:
  <svg><script>alert(4);</script></svg> 
  (say in a file called 'svg.svg')
   when I go and preview it (I found that I sometimes have to copy it / move 
around to get trigger nautlius to trigger the 'preview' view) nautilus reliably 
crashes. (The backtrace suggests that it might be a bug in librsvg-2.so.2).

  Here is some gdb output:

  
  Program received signal SIGSEGV, Segmentation fault.
  [Switching to Thread 0x7f9ddc022700 (LWP 29529)]
  0x00007f9de62045c9 in g_hash_table_size () from 
/lib/x86_64-linux-gnu/libglib-2.0.so.0
  (gdb) i r
  rax            0x0    0
  rbx            0x7f9da4003aa0 140315038071456
  rcx            0x0    0
  rdx            0x0    0
  rsi            0x7f9dd000b3d0 140315776299984
  rdi            0x400000004    17179869188
  rbp            0x7f9dd000b3d0 0x7f9dd000b3d0
  rsp            0x7f9ddc0207e0 0x7f9ddc0207e0
  r8             0x0    0
  r9             0x0    0
  r10            0x0    0
  r11            0x1    1
  r12            0x1    1
  r13            0x0    0
  r14            0x0    0
  r15            0x7f9da4005c1f 140315038080031
  rip            0x7f9de62045c9 0x7f9de62045c9 <g_hash_table_size+9>
  eflags         0x10202        [ IF RF ]
  cs             0x33   51
  ss             0x2b   43
  ds             0x0    0
  es             0x0    0
  fs             0x0    0
  gs             0x0    0
  (gdb) bt
  #0  0x00007f9de62045c9 in g_hash_table_size () from 
/lib/x86_64-linux-gnu/libglib-2.0.so.0
  #1  0x00007f9dd5464045 in ?? () from /usr/lib/librsvg-2.so.2
  #2  0x00007f9de5ec0bf5 in ?? () from /usr/lib/libxml2.so.2
  #3  0x00007f9de5ec7fd2 in ?? () from /usr/lib/libxml2.so.2
  #4  0x00007f9de5ec8de0 in xmlParseChunk () from /usr/lib/libxml2.so.2
  #5  0x00007f9dd546c81f in rsvg_handle_write () from /usr/lib/librsvg-2.so.2
  #6  0x00007f9dd567bc11 in ?? () from 
/usr/lib/gdk-pixbuf-2.0/2.10.0/loaders/libpixbufloader-svg.so
  #7  0x00007f9de726e805 in ?? () from /usr/lib/libgdk_pixbuf-2.0.so.0
  #8  0x00007f9de726f2f8 in gdk_pixbuf_loader_close () from 
/usr/lib/libgdk_pixbuf-2.0.so.0
  #9  0x00007f9de88efcaa in ?? () from /usr/lib/libgnome-desktop-2.so.17
  #10 0x00007f9de88f029c in gnome_desktop_thumbnail_factory_generate_thumbnail 
() from /usr/lib/libgnome-desktop-2.so.17
  #11 0x0000000000500fbb in ?? ()
  #12 0x00007f9de4ee5e9a in start_thread (arg=0x7f9ddc022700) at 
pthread_create.c:308
  #13 0x00007f9de4c1374d in clone () at 
../sysdeps/unix/sysv/linux/x86_64/clone.S:112
  #14 0x0000000000000000 in ?? ()
  (gdb) 

  
  a command file or a user-defined command.
  (gdb) i frame
  Stack level 0, frame at 0x7f9ddc0207f0:
   rip = 0x7f9de62045c9 in g_hash_table_size; saved rip 0x7f9dd5464045
   called by frame at 0x7f9ddc020810
   Arglist at 0x7f9ddc0207d8, args: 
   Locals at 0x7f9ddc0207d8, Previous frame's sp is 0x7f9ddc0207f0
   Saved registers:
    rip at 0x7f9ddc0207e8

To manage notifications about this bug go to:
https://bugs.launchpad.net/librsvg/+bug/955927/+subscriptions

-- 
Mailing list: https://launchpad.net/~desktop-packages
Post to     : [email protected]
Unsubscribe : https://launchpad.net/~desktop-packages
More help   : https://help.launchpad.net/ListHelp

Reply via email to