This bug report was migrated from our old Bugzilla tracker.

These attachments are available in the static archive:

• XCF file which causes the bug (deftitle1_v011.xcf, image/x-xcf, 2018-12-04 12:34:36 +0000, 173042 bytes)
• patch for the infinite loop (SDL_image-1.2.12.XCF_infinite_loop.patch, text/plain, 2018-12-04 12:35:50 +0000, 2573 bytes)
• support XCF files with 64bits offsets (SDL_image-1.2.12.XCF_v11_64bits_offsets.patch, text/plain, 2018-12-04 12:36:24 +0000, 6638 bytes)
• Patch to ignore load leves > 1, just as Gimp (SDL_image_XCF_v11_load_level.patch, text/plain, 2018-12-04 12:41:38 +0000, 1691 bytes)
• patch for the infinite loop - SLD-1.2-current (SDL_image-1.2-current.XCF_infinite_loop.patch, text/plain, 2018-12-06 12:34:53 +0000, 2588 bytes)
• patch to support XCF files with 64bits offset - SDL-1.2-current (SDL_image-1.2-current.XCF_v11_64bits_offsets.hg.patch, text/plain, 2018-12-06 12:45:42 +0000, 7055 bytes)
• Patch to ignore load leves > 1, just as Gimp - SDL-1.2-current (SDL_image-1.2-current.XCF_ignore_levels.patch, text/plain, 2018-12-06 12:58:47 +0000, 2308 bytes)
• patch to support XCF files with 64bits offset - default branch (SDL_image-default.XCF.v11_64bits_offsets.patch, text/plain, 2018-12-06 13:13:57 +0000, 6979 bytes)
• Patch to ignore load leves > 1, just as Gimp -default branch (SDL_image-default.XCF_ignore_levels.patch, text/plain, 2018-12-06 13:21:17 +0000, 2029 bytes)

Reported in version: 1.2.12
Reported for operating system, platform: All, All

Comments on the original bug report:

On 2018-12-04 12:34:36 +0000, miniupnp@free.fr wrote:

Created attachment 3524
XCF file which causes the bug

I have a legitimate .xcf file (see attached)
which cause SDL 1.2.x to be stuck in an infinite loop when trying to load it.

On 2018-12-04 12:35:50 +0000, miniupnp@free.fr wrote:

Created attachment 3525
patch for the infinite loop

On 2018-12-04 12:36:24 +0000, miniupnp@free.fr wrote:

Created attachment 3526
support XCF files with 64bits offsets

On 2018-12-04 12:41:38 +0000, miniupnp@free.fr wrote:

Created attachment 3527
Patch to ignore load leves > 1, just as Gimp

there is a bug in the saving code of gimp
https://gitlab.gnome.org/GNOME/gimp/issues/2604

So this patch is to avoid loading buggy data

On 2018-12-04 12:42:28 +0000, miniupnp@free.fr wrote:

I think at least the infinite loop should be patched ASAP as it can causes denial of service attacks

On 2018-12-05 15:58:44 +0000, Sam Lantinga wrote:

These don't cleanly apply. Can you attach new patches against the code in Mercurial?
https://hg.libsdl.org/SDL_image/

Thanks!

On 2018-12-06 12:27:15 +0000, miniupnp@free.fr wrote:

my current patches are against SDL_image 1.2.12

I'm going to make patches for SDL_image branch default and SDL-1.2

On 2018-12-06 12:34:53 +0000, miniupnp@free.fr wrote:

Created attachment 3528
patch for the infinite loop - SLD-1.2-current

On 2018-12-06 12:45:42 +0000, miniupnp@free.fr wrote:

Created attachment 3529
patch to support XCF files with 64bits offset - SDL-1.2-current

On 2018-12-06 12:58:47 +0000, miniupnp@free.fr wrote:

Created attachment 3530
Patch to ignore load leves > 1, just as Gimp - SDL-1.2-current

On 2018-12-06 13:04:12 +0000, miniupnp@free.fr wrote:

patch for the infinite loop - SLD-1.2-current
also apply cleanly on default (2.0) branch

On 2018-12-06 13:13:57 +0000, miniupnp@free.fr wrote:

Created attachment 3531
patch to support XCF files with 64bits offset - default branch

On 2018-12-06 13:21:17 +0000, miniupnp@free.fr wrote:

Created attachment 3532
Patch to ignore load leves > 1, just as Gimp -default branch

On 2018-12-06 13:24:14 +0000, miniupnp@free.fr wrote:

I attached the patch for both hg branches default and SDL-1.2.
patch order :

default :
SDL_image-1.2-current.XCF_infinite_loop.patch
SDL_image-default.XCF.v11_64bits_offsets.patch
SDL_image-default.XCF_ignore_levels.patch

SDL-1.2 :
SDL_image-1.2-current.XCF_infinite_loop.patch
SDL_image-1.2-current.XCF_v11_64bits_offsets.hg.patch
SDL_image-1.2-current.XCF_ignore_levels.patch

On 2018-12-08 19:31:42 +0000, Sam Lantinga wrote:

Thank you for the clean set of patches. These are now in:
https://hg.libsdl.org/SDL_image/rev/2346808be360
https://hg.libsdl.org/SDL_image/rev/6536f264b1eb
https://hg.libsdl.org/SDL_image/rev/d3c9832b95fb
https://hg.libsdl.org/SDL_image/rev/68f958f43339
https://hg.libsdl.org/SDL_image/rev/1d88a9866410
https://hg.libsdl.org/SDL_image/rev/1d33bfccd462

On 2020-10-26 16:22:34 +0000, Ozkan Sezer wrote:

The 64bits offset patch, as it seems, broke loading xcf files,
both in 1.2 and default branches. See:
https://bugzilla.libsdl.org/show_bug.cgi?id=4935
https://bugzilla.libsdl.org/show_bug.cgi?id=4936

On 2020-10-26 22:36:59 +0000, miniupnp@free.fr wrote:

(In reply to Ozkan Sezer from comment # 15)

The 64bits offset patch, as it seems, broke loading xcf files,
both in 1.2 and default branches. See:
https://bugzilla.libsdl.org/show_bug.cgi?id=4935
https://bugzilla.libsdl.org/show_bug.cgi?id=4936

I think I fixed it. See https://bugzilla.libsdl.org/show_bug.cgi?id=4935

On 2020-10-26 23:06:48 +0000, Ozkan Sezer wrote:

(In reply to miniupnp@free.fr from comment # 16)

(In reply to Ozkan Sezer from comment # 15)

The 64bits offset patch, as it seems, broke loading xcf files,
both in 1.2 and default branches. See:
https://bugzilla.libsdl.org/show_bug.cgi?id=4935
https://bugzilla.libsdl.org/show_bug.cgi?id=4936

I think I fixed it. See https://bugzilla.libsdl.org/show_bug.cgi?id=4935

OK, tracking the issue in # 4935. Re-closing this one.