From f961196d1bbe01c706368eef581f01eeae273ed7 Mon Sep 17 00:00:00 2001
From: Paolo Bacchilega <paobac@src.gnome.org>
Date: Fri, 14 Jul 2017 08:47:13 +0200
Subject: SEGFAULT when a svg image could not be loaded

[bug 784886]
---
 extensions/cairo_io/cairo-image-surface-svg.c | 18 +++++++++++++-----
 gthumb/gth-image-viewer.c                     |  5 ++++-
 2 files changed, 17 insertions(+), 6 deletions(-)

diff --git a/extensions/cairo_io/cairo-image-surface-svg.c b/extensions/cairo_io/cairo-image-surface-svg.c
index ee07770..75e6f48 100644
--- extensions/cairo_io/cairo-image-surface-svg.c
+++ extensions/cairo_io/cairo-image-surface-svg.c
@@ -140,22 +140,26 @@ gth_image_svg_new (void)
 }
 
 
-static void
+static gboolean
 gth_image_svg_set_handle (GthImageSvg *self,
 			  RsvgHandle  *rsvg)
 {
 	RsvgDimensionData dimension_data;
 
 	if (self->rsvg == rsvg)
-		return;
+		return TRUE;
 
-	self->rsvg = g_object_ref (rsvg);
+	rsvg_handle_get_dimensions (rsvg, &dimension_data);
+	if ((dimension_data.width == 0) || (dimension_data.height == 0))
+		return FALSE;
 
-	rsvg_handle_get_dimensions (self->rsvg, &dimension_data);
+	self->rsvg = g_object_ref (rsvg);
 	self->original_width = dimension_data.width;
 	self->original_height = dimension_data.height;
 
 	gth_image_svg_set_zoom (GTH_IMAGE (self), 1.0, NULL, NULL);
+
+	return TRUE;
 }
 
 
@@ -183,7 +187,11 @@ _cairo_image_surface_create_from_svg (GInputStream  *istream,
 						 cancellable,
 						 error);
 	if (rsvg != NULL) {
-		gth_image_svg_set_handle (GTH_IMAGE_SVG (image), rsvg);
+		if (! gth_image_svg_set_handle (GTH_IMAGE_SVG (image), rsvg)) {
+			g_set_error (error, G_IO_ERROR, G_IO_ERROR_INVALID_DATA, "Error");
+			g_object_unref (image);
+			image = NULL;
+		}
 		g_object_unref (rsvg);
 	}
 
diff --git a/gthumb/gth-image-viewer.c b/gthumb/gth-image-viewer.c
index 587c5f3..0bc45ad 100644
--- gthumb/gth-image-viewer.c
+++ gthumb/gth-image-viewer.c
@@ -815,7 +815,10 @@ image_has_alpha (GthImageViewer *viewer)
 	if (image == NULL)
 		return FALSE;
 
-	first_pixel = cairo_image_surface_get_data (image);
+	first_pixel = _cairo_image_surface_flush_and_get_data (image);
+	if (first_pixel == NULL)
+		return FALSE;
+
 	return first_pixel[CAIRO_ALPHA] < 255;
 }
 
-- 
cgit v0.12