Opened 15 years ago
Last modified 15 years ago
#105 closed defect
Division by zero in svghandler.cpp — at Version 1
| Reported by: | Dmitry A. Kuminov | Owned by: | |
|---|---|---|---|
| Priority: | blocker | Milestone: | Qt GA |
| Component: | General | Version: | 4.5.1 Beta 3 |
| Severity: | medium | Keywords: | |
| Cc: |
Description (last modified by )
The SVG module has a function, pathArc() defined in source:/trunk/src/svg/qsvghandler.cpp that uses its arguments as divisors w/o checking if they are zero or not.
This function is a reason why e.g. mp3diags traps. First of all, mp3diags somehow supplies a wrong SVG file to QIcon which contains these invalid zero arguments (this needs to be investigated, I suspect it's an OS/2 specific bug). Then, this function causes SIGFPE (which is originally XCPT_FLOAT_INVALID_OPERATION) because of division by zero.
The obvious fix is to replace
rx = qAbs(rx);
ry = qAbs(ry);
at around #1285 in svghandler.cpp to
rx = qAbs(rx);
ry = qAbs(ry);
if (rx == 0 || ry == 0)
return;
I didn't commit this fix though. This code is in the Qt code base for so long that it would definitely be fixed if it made problems on other platforms (it's very easy to create an invalid .svg to cause zero arguments to be passed in there). But it is still not fixed (see http://qt.gitorious.org/qt/qt/blobs/master/src/svg/qsvghandler.cpp) which means that for some reason it doesn't make any problems anywhere except OS/2.
