Details
-
Bug
-
Resolution: Done
-
P3: Somewhat important
-
4.8.6, 5.3.1
-
None
-
Windows, Max OS, Linux
-
0afc80c9225ca9630f627fe1aea3d4fd7f958082 416272fbc4a6b88433eed7f01a37dd77b02b327f
Description
When scaling images with big width, e.g. (60000x1), there is a crash internally in Qt.
When no crash happens part of the scaled image is corrupted.
This is a simple code snippet to reproduce the problem
QImage img(QSize(60000, 1), QImage::Format_RGB32);
img.fill(Qt::black);
QImage imgScaled = img.scaled(QSize(600, 1), Qt::KeepAspectRatio);
imgScaled.save("a.bmp");
The crash is due to an integer overflow happening both in internal functions qt_scale_image_16bit and qt_scale_image_32bit (implemented in src/gui/painting/qblendfunctions_p.h) in internal loop when srcx counter is increased.
The problem affects latest Qt 4 and Qt 5 versions (Qt 5.3.1 and Qt 4.8.6) on all platforms I tested (Windows, Mac, Linux)
Attachments
| For Gerrit Dashboard: QTBUG-40297 | ||||||
|---|---|---|---|---|---|---|
| # | Subject | Branch | Project | Status | CR | V |
| 90926,2 | Don't convert signed to unsigned when we need all 32bit | 5.3 | qt/qtbase | Status: MERGED | +2 | 0 |
| 91043,2 | Don't convert signed to unsigned when we need all 32bit | 4.8 | qt/qt | Status: MERGED | +2 | 0 |