Summary: | >=www-client/firefox{,-bin}-31.0 - segfault when opening this particular webm file - out of memory: 0xFFFFFFFFFFFFFFFF bytes requested | ||
---|---|---|---|
Product: | Gentoo Linux | Reporter: | headcrabextra |
Component: | Current packages | Assignee: | Mozilla Gentoo Team <mozilla> |
Status: | RESOLVED FIXED | ||
Severity: | normal | ||
Priority: | Normal | ||
Version: | unspecified | ||
Hardware: | All | ||
OS: | Linux | ||
URL: | https://8chan.co/tex/src/1414374176674.webm | ||
Whiteboard: | |||
Package list: | Runtime testing required: | --- | |
Attachments: |
The webm file that crashes firefox
webm: ensure 'samples' is not negative |
Description
headcrabextra
2014-10-27 07:11:27 UTC
Created attachment 387496 [details]
The webm file that crashes firefox
Not specific to Gentoo as the same crash happens on Windows7. Crash occurs on 34.0_beta2 as well, and on firefox-bin-31.2. As mentioned this isn't a gentooism, but I'll try to apply the upstream patch as soon as it's available. Created attachment 387666 [details, diff] webm: ensure 'samples' is not negative This patch seems to take care of things -- 0xFFFFFFFF... just so happens to be about right for a near-zero negative integer, and this particular bit of code had integer subtractions wihtout checking if values went below zero. Upstream has addressed this another way for mozilla-35 , but I've submitted it there for inclusion in 34 and the next 31.x release: https://bugzilla.mozilla.org/show_bug.cgi?id=1090405 Once approved I'll apply it to our ebuilds as well. In the meantime you can use epatch_user to apply the attached, if you would like to test. Fixed in firefox-31.2-r1 and firefox-33.0-r1 (as well as seamonkey-2.30-r1) |