[Webkit-unassigned] [Bug 40837] Chrome/Safari Crashes on SVG Image

bugzilla-daemon at webkit.org bugzilla-daemon at webkit.org
Wed Jun 23 06:53:12 PDT 2010


https://bugs.webkit.org/show_bug.cgi?id=40837


inferno at chromium.org changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
                 CC|                            |inferno at chromium.org




--- Comment #6 from inferno at chromium.org  2010-06-23 06:53:12 PST ---
W. James, you might want to use http://upload.wikimedia.org/wikipedia/commons/d/d9/Unix_history-simple.en.svg (from security bug https://bugs.webkit.org/show_bug.cgi?id=39253) as your testcase since it reliably crashes every time I use it :). Dirk is already taking a look at 39253. Also have a quick question: do you see any security issue like memory corruption, etc. inside the debugger? When we were testing bug 39253, we could also reproduce a null ptr exception arising from an imagebuffer that can't be allocated because of its large size. If that is the case, we can unhide/remove security flags from 39253 as well. Otherwise, we need to mark this bug as security and hide it.
