abcf1048e2
If a cursor file contains multiple images for the same size, this typically indicates an animation. The compositor weston uses wl_cursor_frame_and_duration to figure out at which time a specific image should be shown. The total delay is the sum of all image delays. But if all images have a delay of 0, the total delay is 0 as well. The code does not check for this special condition and triggers a floating point exception by eventually performing a modulo operation with 0. This, of course, could also happen if the sum of all image delays triggers an unsigned int overflow. But since a comment in the code already indicates that it does not try to "fix" handling of weird files, I would argue that it's "okay" if that happens. At least the program won't crash. Proof of Concept: install -D ~/.icons/poc/cursors base64 -d > ~/.icons/poc/cursors/left_ptr << EOF WGN1chAAAAAAAAEAAgAAAAIA/f8BAAAAKAAAAAIA/f8BAAAAKAAAACQAAAACAP3/AQAAAAEAAAAB AAAAAQAAAAEAAAABAAAAAAAAAAAAAAA= EOF cat > /tmp/weston.ini << EOF [shell] cursor-theme=poc EOF weston -c /tmp/weston.ini Signed-off-by: Tobias Stoeckmann <tobias@stoeckmann.org> |
||
|---|---|---|
| .. | ||
| convert_font.c | ||
| cursor-data.h | ||
| cursor.pcf | ||
| meson.build | ||
| os-compatibility.c | ||
| os-compatibility.h | ||
| wayland-cursor.c | ||
| wayland-cursor.h | ||
| xcursor.c | ||
| xcursor.h | ||