Bug#493363: #493363 Some SVG images make kio_thumbnail / Konqueror take 95% CPU and more than 1GB of memory
On Sun, Aug 03, 2008 at 06:47:44PM +0100, Steve Cotton wrote:
> severity 493363 grave
> tags 493363 + patch
> Severity justification: This bug allocates memory in an infinite
> loop, which leads to the system near-freezing while thrashing,
> until the Xserver crashes.
> >From opening the attached minimal test case image in Konqueror,
> it's less than ten seconds before the system starts thrashing.
> In SVGAnimatedPointsImpl::parsePoints there's a for loop over an
> iterator. Each time through the loop takes two elements from the
> iterator, but only tests the exit condition once.
> A malformed SVG polygon with an odd number of coordinates will
> trigger the bug. A minimal test case is attached, as is a patch
> which will silently ignore such malformed polygons (while still
> rendering the rest of the SVG).
Nice. could you forward this patch to the KDE SVN, so they can merge it into
I would do but it is your patch :D