From a76f515569822d2261fc829e834404c8ed878608 Mon Sep 17 00:00:00 2001 From: Benjamin Otte Date: Fri, 16 Jul 2021 17:48:25 +0200 Subject: [PATCH] cssimagecrossfade: Don't abort() when failing to parse image The code wasn't checking if parsing an image failed and just returning success. Testcase from bug is attached. Fixes #4101 --- gtk/gtkcssimagecrossfade.c | 16 +++++++++++----- testsuite/css/parser/cross-fade-crash-4101.css | 3 +++ .../css/parser/cross-fade-crash-4101.errors | 1 + .../css/parser/cross-fade-crash-4101.ref.css | 0 testsuite/css/parser/meson.build | 3 +++ 5 files changed, 18 insertions(+), 5 deletions(-) create mode 100644 testsuite/css/parser/cross-fade-crash-4101.css create mode 100644 testsuite/css/parser/cross-fade-crash-4101.errors create mode 100644 testsuite/css/parser/cross-fade-crash-4101.ref.css diff --git a/gtk/gtkcssimagecrossfade.c b/gtk/gtkcssimagecrossfade.c index fadd11331d..6953606c8e 100644 --- a/gtk/gtkcssimagecrossfade.c +++ b/gtk/gtkcssimagecrossfade.c @@ -312,7 +312,13 @@ parse_image (GtkCssParser *parser, GtkCssImage **image = option_data; if (_gtk_css_image_can_parse (parser)) - *image = _gtk_css_image_new_parse (parser); + { + *image = _gtk_css_image_new_parse (parser); + if (*image == NULL) + return FALSE; + + return TRUE; + } else if (gtk_css_color_value_can_parse (parser)) { GtkCssValue *color; @@ -322,11 +328,11 @@ parse_image (GtkCssParser *parser, return FALSE; *image = _gtk_css_image_fallback_new_for_color (color); - } - else - return FALSE; - return TRUE; + return TRUE; + } + + return FALSE; } static guint diff --git a/testsuite/css/parser/cross-fade-crash-4101.css b/testsuite/css/parser/cross-fade-crash-4101.css new file mode 100644 index 0000000000..79180f9232 --- /dev/null +++ b/testsuite/css/parser/cross-fade-crash-4101.css @@ -0,0 +1,3 @@ +a { + background: cross-fade(8% -gtk-icontheme("system-run-symbolic"), image()); +} diff --git a/testsuite/css/parser/cross-fade-crash-4101.errors b/testsuite/css/parser/cross-fade-crash-4101.errors new file mode 100644 index 0000000000..25d4bec65f --- /dev/null +++ b/testsuite/css/parser/cross-fade-crash-4101.errors @@ -0,0 +1 @@ +cross-fade-crash-4101.css:2:74-75: error: GTK_CSS_PARSER_ERROR_SYNTAX diff --git a/testsuite/css/parser/cross-fade-crash-4101.ref.css b/testsuite/css/parser/cross-fade-crash-4101.ref.css new file mode 100644 index 0000000000..e69de29bb2 diff --git a/testsuite/css/parser/meson.build b/testsuite/css/parser/meson.build index 2d476f018d..e161d48835 100644 --- a/testsuite/css/parser/meson.build +++ b/testsuite/css/parser/meson.build @@ -212,6 +212,9 @@ test_data = [ 'comment-detection.css', 'comment-detection.ref.css', 'cross-fade-basic.css', + 'cross-fade-crash-4101.css', + 'cross-fade-crash-4101.errors', + 'cross-fade-crash-4101.ref.css', 'css-21-malformed-declarations.css', 'css-21-malformed-declarations.errors', 'css-21-malformed-declarations.ref.css',