To my regret, a crash still occurs when I start openbve in Linux Mint
17. The libgdiplus version reported by synaptic is the one mentioned
above.

-- 
You received this bug notification because you are a member of Desktop
Packages, which is subscribed to libgdiplus in Ubuntu.
https://bugs.launchpad.net/bugs/1296786

Title:
  Use of Uninitialized variable, when loading certain png files.

Status in “libgdiplus” package in Ubuntu:
  Fix Released

Bug description:
  Png details that cause this crash:

  Find Dictionary.png...
    Image Width: 16 Image Length: 16
    Bitdepth (Bits/Sample): 8
    Channels (Samples/Pixel): 1
    Pixel depth (Pixel Depth): 8
    Colour Type (Photometric Interpretation): PALETTED COLOUR with alpha (256 colours, 1 transparent)
    Image filter: Single row per byte filter 
    Interlacing: No interlacing 
    Compression Scheme: Deflate method 8, 32k window
    Resolution: 2834, 2834 (pixels per meter)
    FillOrder: msb-to-lsb
    Byte Order: Network (Big Endian)
    Number of text strings: 0 of 0

  Problem code is:

  File: pngcode.c 
  Function: gdip_load_png_image_from_file_or_stream
  Problem: use of a call to png_get_tRNS without checking return value.
  For this png the return value is 0 (fail), and this causes use of the
  uninitialized variables trans_color and num_trans.
  This causes a seg fault if trans_color or num_trans happen to be certain
  values.

  I will attach a minimal test case that can be built using mono.

  I will also attach a suggested patch, that checks the return value of
  png_get_tRNS, and doesn't attempt to use uninitialized variables.

  StackTrace looks like this:

    at <unknown> <0xffffffff>
    at (wrapper managed-to-native) System.Drawing.GDIPlus.GdipLoadImageFromDelegate_linux (System.Drawing.GDIPlus/StreamGetHeaderDelegate,System.Drawing.GDIPlus/StreamGetBytesDelegate,System.Drawing.GDIPlus/StreamPutBytesDelegate,System.Drawing.GDIPlus/StreamSeekDelegate,System.Drawing.GDIPlus/StreamCloseDelegate,System.Drawing.GDIPlus/StreamSizeDelegate,intptr&) <0xffffffff>
    at System.Drawing.Image.InitFromStream (System.IO.Stream) <0x001b3>
    at System.Drawing.Image..ctor (System.Runtime.Serialization.SerializationInfo,System.Runtime.Serialization.StreamingContext) <0x0010f>
    at System.Drawing.Bitmap..ctor (System.Runtime.Serialization.SerializationInfo,System.Runtime.Serialization.StreamingContext) <0x0002f>
    at (wrapper runtime-invoke) <Module>.runtime_invoke_void__this___object_StreamingContext (object,intptr,intptr,intptr) <0xffffffff>
    at <unknown> <0xffffffff>
    at (wrapper managed-to-native) System.Reflection.MonoCMethod.InternalInvoke (System.Reflection.MonoCMethod,object,object[],System.Exception&) <0xffffffff>
    at System.Reflection.MonoCMethod.InternalInvoke (object,object[]) <0x0003f>
    at System.Reflection.MonoCMethod.DoInvoke (object,System.Reflection.BindingFlags,System.Reflection.Binder,object[],System.Globalization.CultureInfo) <0x00103>
    at System.Reflection.MonoCMethod.Invoke (object,System.Reflection.BindingFlags,System.Reflection.Binder,object[],System.Globalization.CultureInfo) <0x00083>
    at System.Reflection.MethodBase.Invoke (object,object[]) <0x00032>
    at System.Runtime.Serialization.ObjectRecord.LoadData (System.Runtime.Serialization.ObjectManager,System.Runtime.Serialization.ISurrogateSelector,System.Runtime.Serialization.StreamingContext) <0x002ff>
    at System.Runtime.Serialization.ObjectManager.DoFixups () <0x0015f>
    at System.Runtime.Serialization.Formatters.Binary.ObjectReader.ReadNextObject (System.IO.BinaryReader) <0x00051>
    at System.Runtime.Serialization.Formatters.Binary.ObjectReader.ReadObjectGraph (System.Runtime.Serialization.Formatters.Binary.BinaryElement,System.IO.BinaryReader,bool,object&,System.Runtime.Remoting.Messaging.Header[]&) <0x0010b>
    at System.Runtime.Serialization.Formatters.Binary.BinaryFormatter.NoCheckDeserialize (System.IO.Stream,System.Runtime.Remoting.Messaging.HeaderHandler) <0x00143>
    at System.Runtime.Serialization.Formatters.Binary.BinaryFormatter.Deserialize (System.IO.Stream) <0x0001f>
    at System.Resources.ResourceReader.ReadNonPredefinedValue (System.Type) <0x0003f>
    at System.Resources.ResourceReader.ReadValueVer2 (int) <0x00443>
    at System.Resources.ResourceReader.LoadResourceValues (System.Resources.ResourceReader/ResourceCacheItem[]) <0x0021f>
    at System.Resources.ResourceReader/ResourceEnumerator.FillCache () <0x0009b>
    at System.Resources.ResourceReader/ResourceEnumerator..ctor (System.Resources.ResourceReader) <0x00053>
    at System.Resources.ResourceReader.GetEnumerator () <0x00033>
    at System.Resources.ResourceSet.ReadResources () <0x0008d>
    at System.Resources.ResourceSet.GetObjectInternal (string,bool) <0x0006b>
    at System.Resources.ResourceSet.GetObject (string,bool) <0x00027>
    at System.Resources.RuntimeResourceSet.GetObject (string,bool) <0x00033>
    at System.Resources.ResourceManager.GetObject (string,System.Globalization.CultureInfo) <0x000a1>
    at PngTest.MainClass.Main (string[]) <0x0007c>
    at (wrapper runtime-invoke) <Module>.runtime_invoke_void_object (object,intptr,intptr,intptr) <0xffffffff>
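
The pattern the report describes (a getter that returns 0 and leaves its out-parameters unwritten), shown with the return-value check in place. This is an added example, not libgdiplus code and not the patch attached to the bug. fake_png, get_trns and build_palette_alpha are hypothetical stand-ins so the block compiles without libpng, and the sample data is constructed.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define PALETTE_SIZE 256

/* Constructed stand-in for a decoded image; not a libpng type. */
typedef struct { const uint8_t *trns; int trns_len; } fake_png;

/* Hypothetical getter with the contract described in the report:
 * returns 0 on failure and then leaves both out-parameters untouched. */
static uint32_t get_trns(const fake_png *png, const uint8_t **trans, int *num_trans)
{
    if (png->trns == NULL)
        return 0;                 /* outputs are NOT written on this path */
    *trans = png->trns;
    *num_trans = png->trns_len;
    return 1;
}

/* Fill per-palette-entry alpha. Returns the number of entries taken from the
 * transparency table, 0 if there is none, -1 if the table is inconsistent. */
int build_palette_alpha(const fake_png *png, uint8_t out_alpha[PALETTE_SIZE])
{
    const uint8_t *trans = NULL;  /* defined even if the getter writes nothing */
    int num_trans = 0;

    memset(out_alpha, 0xFF, PALETTE_SIZE);        /* default: fully opaque */

    /* The unsafe pattern calls get_trns() and reads trans/num_trans anyway. */
    if (get_trns(png, &trans, &num_trans) == 0)
        return 0;                                 /* nothing to apply */

    /* A success return is still untrusted file data: bound it before use. */
    if (trans == NULL || num_trans < 0 || num_trans > PALETTE_SIZE)
        return -1;

    memcpy(out_alpha, trans, (size_t)num_trans);
    return num_trans;
}

int main(void)
{
    static const uint8_t one_transparent[] = { 0x00 };   /* constructed sample */
    fake_png no_trns = { NULL, 0 }, with_trns = { one_transparent, 1 };
    uint8_t alpha[PALETTE_SIZE];

    printf("no tRNS:   %d\n", build_palette_alpha(&no_trns, alpha));
    printf("with tRNS: %d\n", build_palette_alpha(&with_trns, alpha));
    return 0;
}
```

Building decoder code with -Wall -Wextra and running the crashing file under valgrind or MemorySanitizer flags reads of this kind even when the stack garbage happens not to cause a segfault.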
