Brush fill crash with large screen
An award-winning drawing program for children of all ages
Brought to you by:
wkendrick
Menu
▾
▴
#269 Brush fill crash with large screen
Originaly reported on twitter: https://twitter.com/Miyagi_Andel/status/1605139280539557888
Andel reported that around 15 seconds of continuous use of the tool trigger this, but it had nothing to do with that.
I comfirmed the crash can be reproduceable always with following step not only on windows but also on Linux.
- Start Tux Paint with large screen (ex 1600x960
- Select brush fill tool
- Drag to the top or bottm of the canvas
I remember quite similar issue:
https://sourceforge.net/p/tuxpaint/tuxpaint/ci/81fff34795d60208a4952193d5dba321326c66a1/
It doesn't crashes here in my box, Debian Sid, but valgrind claims about invalid reads in draw_brush_fill_single()
The attached patch adds a barrier to only process if the pixel is within the limits, and valgrind stops complaining but I don't know if the patch fixes the crash.
Please test.
BTW, Valgrind also complains about invalid reads in draw_radial_gradient()...
Thanks!
It surely stopped the crash.
Should we do something for another Valgrind's complaint ?
If not, I will build 0.9.28-3 for Windows and ask Bill to release them.
Oh yikes, yeah that'd do it (cause a crash). Sorry about that :-/
I'll test, and will look at the radial one, too. Thanks so much!
Committed some bounds checking in both routines, based on Pere's diff, over in https://sourceforge.net/p/tuxpaint/tuxpaint/ci/c13c6e1dcb87bcf58dd8c1b1cf2683d1aee5ace0/
Thanks, all!