[EGIT] [core/efl] efl-1.24 01/01: evas: fix png regression issue

Thu, 07 May 2020 00:44:00 -0700 

raster pushed a commit to branch efl-1.24.

http://git.enlightenment.org/core/efl.git/commit/?id=6a5b253a72f659f36d6e19bf467672c529d56b86

commit 6a5b253a72f659f36d6e19bf467672c529d56b86
Author: Shinwoo Kim <[email protected]>
Date:   Thu May 7 12:15:02 2020 +0900

    evas: fix png regression issue
    
    Summary:
    Accidentally commit "382c580 evas: add support for .9.png file to PNG 
loader."
    adding the 9 patch feature with small code refactoring made use of setjmp
    incorrectly.
    
    [Problem]
    evas_image_load_file_data_png calls _evas_image_load_file_internal_head_png,
    and _evas_image_load_file_internal_head_png calls setjmp and returns without
    problem. And png_read_row calls longjmp. This causes jumping into a function
    which was exited. Problematic png file will be attached.
    
    [Solution]
    Save calling environment i.e. call setjmp, after returning from
    _evas_image_load_file_internal_head_png.
    
    Test Plan:
    Problematic png file
    {F3876983}
    
    And example code.
    {F3876986}
    
    Reviewers: Hermet, jsuya, herb
    
    Reviewed By: Hermet
    
    Subscribers: cedric, #reviewers, #committers
    
    Tags: #efl
    
    Differential Revision: https://phab.enlightenment.org/D11782
---
 src/modules/evas/image_loaders/png/evas_image_load_png.c | 12 ++++++++++++
 1 file changed, 12 insertions(+)

diff --git a/src/modules/evas/image_loaders/png/evas_image_load_png.c 
b/src/modules/evas/image_loaders/png/evas_image_load_png.c
index 3af01a1a2d..5b8d33f8d3 100644
--- a/src/modules/evas/image_loaders/png/evas_image_load_png.c
+++ b/src/modules/evas/image_loaders/png/evas_image_load_png.c
@@ -316,6 +316,12 @@ evas_image_load_file_head_with_data_png(void *loader_data,
    if (!_evas_image_load_file_internal_head_png(loader, prop, &epi, error, 
EINA_FALSE))
      return EINA_FALSE;
 
+   if (setjmp(png_jmpbuf(epi.png_ptr)))
+     {
+        *error = EVAS_LOAD_ERROR_CORRUPT_FILE;
+        goto close_file;
+     }
+
    image_w = epi.w32;
    image_h = epi.h32;
 
@@ -613,6 +619,12 @@ evas_image_load_file_data_png(void *loader_data,
    if (!_evas_image_load_file_internal_head_png(loader, prop, &epi, error, 
EINA_FALSE))
      return EINA_FALSE;
 
+   if (setjmp(png_jmpbuf(epi.png_ptr)))
+     {
+        *error = EVAS_LOAD_ERROR_CORRUPT_FILE;
+        goto close_file;
+     }
+
    image_w = epi.w32;
    image_h = epi.h32;
    if (opts->emile.scale_down_by > 1)

--

Reply via email to