Details
-
Bug
-
Resolution: Done
-
P2: Important
-
4.6.0
-
None
-
-
cfa2c8edab18e810749ad7df29c0b3b4f83f7140
Description
The bug can be reproduced by creating a QPixmap object, loading a small image, and then loading a bigger image. It seems to exercise a memcpy() overrun in the old buffer, since it tries to copy the old buffer into the new buffer but using the new buffer's size.
Tentative patch attached.