=== ChanServ changed the topic of #ubuntu-security to: Twitter: @ubuntu_sec || https://usn.ubuntu.com || https://wiki.ubuntu.com/SecurityTeam || https://wiki.ubuntu.com/Security/Features || Community: sbeattie
[18:13] <ItzSwirlz> Ok. So I just gdb'd gthumb to realize that all the commit did, which is already large in size.. just returns NULL basically.
[18:13] <ItzSwirlz> Then, when gthumb tries to set the cairo surface it asserts it; which fails
[18:13] <ItzSwirlz> I think this commitw ould fix it; but is it worth continuing trying to fix the CVE if its going to be this big
[18:13] <ItzSwirlz> because i know people dont like huge SRUs
[18:14] <ItzSwirlz> https://gitlab.gnome.org/GNOME/gthumb/-/commit/a17b1a903797495fe4de36645c0d4809f5aa74f2
[18:14] <ubottu> Commit a17b1a9 in GNOME/gthumb "gth-image: allow to set null surfaces"
[18:14] <ItzSwirlz> then theother stability commits go on with allowing the jpeg loader to try to allow for null surfaces
[18:14] <ItzSwirlz> is it worth continuing
[18:15] <ItzSwirlz> and loading the image threads... should I risk it
[18:25] <ItzSwirlz> The error is gthumb: ../../../../src/cairo-surface.c:930: cairo_surface_reference: Assertion 'CAIRO_REFERENCE_COUNT_HAS_REFERENCE (&surface->ref_count)' failed.
=== cpaelzer_ is now known as cpaelzer
[19:42] <ItzSwirlz> doing more digging in the stacktrace (first time with gdb, i'm sorry if im being annoying) - it might be this https://gitlab.gnome.org/GNOME/gthumb/-/commit/9729b8688d5d67c01deabea46ad469ec517250c5
[19:42] <ubottu> Commit 9729b86 in GNOME/gthumb "Fixed crash in case of some malformed jpegs"
[19:43] <ItzSwirlz> i did try removing a line that freed some image value data but then that'd make other parts of the application/gtk drawing freak out