#2845 TK library goes into an infinite loop

obsolete: 8.6b1.1
closed-fixed
5
2010-10-01
2010-09-30
No

The tk library goes into an infinite loop in the file generic/tkImgPhoto.c in function Tk_PhotoPutBlock in the following code:
/*
* Copy and merge pixels according to the compositing rule.
*/
for (hLeft = height; hLeft > 0;) {
int pixelSize = blockPtr->pixelSize;
int compRuleSet = (compRule == TK_PHOTO_COMPOSITE_SET);

srcLinePtr = blockPtr->pixelPtr + blockPtr->offset[0];
hCopy = MIN(hLeft, blockPtr->height);

hLeft -= hCopy;
for (; hCopy > 0; --hCopy) {
.....
}
}

The problem shows up when (for some yet unknown reason, the blockPtr->height is 0.
In that case, hCopy becomes 0 and the loop counter hLeft never gets decremented.

I have fixed this problem in the library I use by placing the following code after the line
hCopy = MIN(hLeft, blockPtr->height);

if(hCopy < 1) {
break;
}

Discussion

  • Jan Nijtmans

    Jan Nijtmans - 2010-10-01
    • assigned_to: nobody --> nijtmans
     
  • Donal K. Fellows

    Nothing should happen when the block is either zero-width or zero-height. (Either that or things should panic because this is a PEBCAK.) Fixed in HEAD; "don't do that" in previous versions.

     
  • Donal K. Fellows

    • milestone: --> obsolete: 8.6b1.1
    • assigned_to: nijtmans --> dkf
    • status: open --> closed-fixed
     

Get latest updates about Open Source Projects, Conferences and News.

Sign up for the SourceForge newsletter:





No, thanks