[Pidgin] #9120: Crash when changing buddy icon with mystatusbox enabled

Pidgin trac at pidgin.im
Wed May 6 00:00:47 EDT 2009 

#9120: Crash when changing buddy icon with mystatusbox enabled
------------------------+---------------------------------------------------
 Reporter:  darkrain42  |        Owner:  darkrain42
     Type:  defect      |       Status:  new       
Milestone:              |    Component:  libpurple 
  Version:  2.5.5       |   Resolution:            
 Keywords:  statusbox   |  
------------------------+---------------------------------------------------

Old description:

> The imgstore/buddy icons code doesn't handle references to the
> `PurpleStoredImage` properly in `purple_buddy_icons_set_account_icon()`,
> which leads to a crash when trying to change avatars with mystatusbox
> enabled (an image is freed and then used).
>
> Reported to Ubuntu LP at
> https://bugs.launchpad.net/ubuntu/+source/pidgin/+bug/371898
>
> I'm not 100% sure, but it looks like the `pointer_icon_cache` hash table
> in buddyicon.c is supposed to own a reference to all the images stored
> there (based on the comments about !StoredImage references in the
> header), but not all the code paths are doing that properly
> (purple_buddy_icons_find_account_icon,
> purple_buddy_icons_node_find_custom_icon,
> purple_buddy_icons_node_find_custom_icon don't when loading from disk).
>
> Also, it seems like pointer_icon_cache should have the destroy func set
> to purple_imgstore_unref (again not sure, just gut).
>
> Attaching the work-in-progress (this fixes the crash, but I think I'm
> still leaking !StoredImage references and the above issues haven't been
> dealt with). Patch is against head-ish

New description:

 The imgstore/buddy icons code doesn't handle references to the
 `PurpleStoredImage` properly in `purple_buddy_icons_set_account_icon()`,
 which leads to a crash when trying to change avatars with mystatusbox
 enabled (an image is freed and then used).

 Reported to Ubuntu LP at
 https://bugs.launchpad.net/ubuntu/+source/pidgin/+bug/371898

 Attaching the work-in-progress (this fixes the crash, but I think I'm
 still leaking !StoredImage references and the above issues haven't been
 dealt with). Patch is against head-ish

--

Comment(by darkrain42):

 I think I understand this better after some cogitation.

-- 
Ticket URL: <http://developer.pidgin.im/ticket/9120#comment:1>
Pidgin <http://pidgin.im>
Pidgin

More information about the Tracker mailing list