https://bugzilla.novell.com/show_bug.cgi?id=274842 ------- Comment #7 from eich@novell.com 2007-05-17 01:47 MST ------- The return 0; in the security patch should read: return (XImage *) NULL; But XCreateImage() has been implemented to return NULL under certain circumstances which isn't documented in the man page. On the other hand the security patch changed the sematincs of XCreateImage(): it now does stricter checking on the validity of the parameters passed to it. I don't quite see the reason for this fix in #252958: if image_bytes_per_line is too small to accomodate width at depth XGetPixels() would read in the wrong place (but not further to the end of the image date). XCreateImage() is not responsible for allocating the image data area. The caller (ie. the application) is. IHMO the segfault can only happen if the caller allocated the data area based on this bogus value. However this is solely in the responsibility of the caller and not Xlib. Even with a sane value the caller could always allocate too little memory. So returning 0 is just a hint for the caller that it may have passed a nonsensical value. I don't know why IDL does this as this broken pixmap is of not much use, but it may just be that IDL is wired in a way that this doesn't matter. I'm more concerned about released ISV applications that are deployed today which may be affected by this behavoir as the IDL example shows that an application can live happily with broken values for a very long time. -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug, or are watching someone who is.