[Webkit-unassigned] [Bug 37751] New: Infinite recursion in WebCore::SVGPatternElement::buildPattern leads to stack exhaustion
bugzilla-daemon at webkit.org
bugzilla-daemon at webkit.org
Sat Apr 17 02:32:48 PDT 2010
https://bugs.webkit.org/show_bug.cgi?id=37751
Summary: Infinite recursion in
WebCore::SVGPatternElement::buildPattern leads to
stack exhaustion
Product: WebKit
Version: 528+ (Nightly build)
Platform: All
OS/Version: All
Status: UNCONFIRMED
Severity: Normal
Priority: P2
Component: SVG
AssignedTo: webkit-unassigned at lists.webkit.org
ReportedBy: tk.chromium at googlemail.com
Opening the attached SVG file causes infinite recursion in
WebCore::SVGPatternElement::buildPattern, which leads to stack exhaustion.
Code snippet:
http://svn.webkit.org/repository/webkit/trunk/WebCore/svg/SVGPatternElement.cpp
[..]
void SVGPatternElement::buildPattern(const FloatRect& targetRect) const
{
[..]
// Render subtree into ImageBuffer
for (Node* n = attributes.patternContentElement()->firstChild(); n; n =
n->nextSibling()) {
if (!n->isSVGElement() || !static_cast<SVGElement*>(n)->isStyled() ||
!n->renderer())
continue;
renderSubtreeToImage(patternImage.get(), n->renderer());
}
[..]
--
Configure bugmail: https://bugs.webkit.org/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug.
More information about the webkit-unassigned
mailing list