[bug #44057] -[NSBitmapImageRep copy] can cause image corruption (overlapping memory pointers)

classic Classic list List threaded Threaded
2 messages Options
Reply | Threaded
Open this post in threaded view
|

[bug #44057] -[NSBitmapImageRep copy] can cause image corruption (overlapping memory pointers)

dsdsdsds
URL:
  <http://savannah.gnu.org/bugs/?44057>

                 Summary: -[NSBitmapImageRep copy] can cause image corruption
(overlapping memory pointers)
                 Project: GNUstep
            Submitted by: tedge
            Submitted on: Wed 21 Jan 2015 03:44:05 AM GMT
                Category: Gui/AppKit
                Severity: 3 - Normal
              Item Group: Bug
                  Status: None
                 Privacy: Public
             Assigned to: None
             Open/Closed: Open
         Discussion Lock: Any

    _______________________________________________________

Details:

    Setup: VirtualBox 4.3 + Ubuntu 14.04 guest, GNUstep from current SVN trunk
(used script:
http://lists.gnu.org/archive/html/discuss-gnustep/2014-05/msg00049.html )

    NSBitmapImageRep member, _imageData, is declared as NSData, however it is
initialized as NSMutableData:
-initWithBitmapDataPlanes:.. (NSBitmapImageRep.m:532).
-initWithFocusedViewRect: (sets it to the NSMutableData object from the dict
returned by -[NSGraphicsContext GSReadRect:], NSBitmapImageRep.m:347)

    -[NSBitmapImageRep copyWithZone:] returns an instance with the _imageData
member set to immutable data, because it copies _imageData using
-copyWithZone: (returns an immutable object) instead of -mutableCopyWithZone:
(returns a mutable one). (NBitmapImageRep.m:1765)

    The returned copy seems to work OK despite _imageData being immutable,
however, any additional copies made from this copy will not only have
immutable _imageData, but will also share the same pointer for data memory.
(Calling -copyWithZone: on immutable data only copies the original's data
pointer instead of allocating more memory & copying the bytes).

    Writing pixels to any bitmap copy that has overlapping _imageData memory
will unexpectedly change (corrupt) the pixel data in the other copies as
well.
   
    The attached patch fixes the issue by copying _imageData as a mutable
object instead of immutable: changed the call from -copyWithZone: to
-mutableCopyWithZone:. Test program is also attached.




    _______________________________________________________

File Attachments:


-------------------------------------------------------
Date: Wed 21 Jan 2015 03:44:05 AM GMT  Name: nsbitmapimagerep_copy_test.m
Size: 2kB   By: tedge

<http://savannah.gnu.org/bugs/download.php?file_id=32879>
-------------------------------------------------------
Date: Wed 21 Jan 2015 03:44:05 AM GMT  Name: NSBitmapImageRep_Copy.patch
Size: 491B   By: tedge

<http://savannah.gnu.org/bugs/download.php?file_id=32880>

    _______________________________________________________

Reply to this item at:

  <http://savannah.gnu.org/bugs/?44057>

_______________________________________________
  Message sent via/by Savannah
  http://savannah.gnu.org/


_______________________________________________
Bug-gnustep mailing list
[hidden email]
https://lists.gnu.org/mailman/listinfo/bug-gnustep
Reply | Threaded
Open this post in threaded view
|

[bug #44057] -[NSBitmapImageRep copy] can cause image corruption (overlapping memory pointers)

dsdsdsds
Update of bug #44057 (project gnustep):

                  Status:          Ready For Test => Fixed                  
             Open/Closed:                 In Test => Closed                


    _______________________________________________________

Reply to this item at:

  <http://savannah.gnu.org/bugs/?44057>

_______________________________________________
  Message sent via/by Savannah
  http://savannah.gnu.org/


_______________________________________________
Bug-gnustep mailing list
[hidden email]
https://lists.gnu.org/mailman/listinfo/bug-gnustep