Uploaded image for project: 'Qt'
  1. Qt
  2. QTBUG-7161

qpnghandler contains a bug that does not check for null pointers

    XMLWordPrintable

Details

    • Bug
    • Resolution: Done
    • Not Evaluated
    • 4.6.1
    • 4.6.0
    • Core: I/O, Image formats
    • None
    • Windows XP, none platform specific
    • 80e6ea3e871fa9f0e5a21d48ad893d4ec59c5c1c

    Description

      QImageWriter has a bug where sometimes it will cause an exception because of null pointers. I tracked down the issue to line 855 in qpnghandler.cpp

      const uchar *data = image.bits();
      int bpl = image.bytesPerLine();
      row_pointers = new png_bytep[height];
      uint y;
      for (y=0; y<height; y++)

      { row_pointers[y] = (png_bytep)(data + y * bpl); }

      png_write_image(png_ptr, row_pointers);

      Notice how const uchar* data is set to image.bits and it assumes that it is valid. The problem is bits always calls "detach()" in this function (since QImageWriter operates on a separate reference so the function performs a deep copy of the shared data) which returns 0 when it is out of memory. All that needs to be done to fix this bug is to check of data is NULL before proceeding and reporting an out of memory error when it is NULL.

      Attachments

        No reviews matched the request. Check your Options in the drop-down menu of this sections header.

        Activity

          People

            rweather Rhys Weatherley (closed Nokia identity) (Inactive)
            davidy David Yen
            Votes:
            0 Vote for this issue
            Watchers:
            0 Start watching this issue

            Dates

              Created:
              Updated:
              Resolved:

              Gerrit Reviews

                There are no open Gerrit changes