mirror of
https://github.com/mozilla/gecko-dev.git
synced 2024-12-02 01:48:05 +00:00
99c29cce56
Before bug 753 landed, we implicitly tracked whether we'd called EndImageFrame() by setting mImageFrame to null inside EndImageFrame(). Once we stopped doing that, we tried writing to memory that had already been freed. (This memory is actually freed once we error out on the invalid GIF, but the internal state-tracking mechanics made it so we never wrote to that memory even though we have stale pointers to it. Unfortunately when we entered EndImageFrame() a second time, that state tracking was invalid and we attempted to write to the stale pointer.) This patch introduces a tracking variable, mCurrentFrame, which is set to the frame of the currently-decoding frame when we're in the middle of decoding it, and -1 otherwise. This ensures we don't enter EndImageFrame() a second time, restoring the functionality we had prior to bug 753. |
||
---|---|---|
.. | ||
build | ||
decoders | ||
encoders | ||
public | ||
src | ||
test | ||
Makefile.in |