Re: Dropping 'fringe' pixbuf loaders

From: Bastien Nocera <hadess hadess net>
To: Matthias Clasen <matthias clasen gmail com>, Cosimo Cecchi <cosimoc gnome org>
Cc: Owen Taylor <otaylor redhat com>, gtk-devel-list <gtk-devel-list gnome org>
Subject: Re: Dropping 'fringe' pixbuf loaders
Date: Thu, 24 Sep 2015 15:39:53 +0200

On Tue, 2015-09-22 at 01:20 +0200, Bastien Nocera wrote:

On Mon, 2015-09-21 at 18:38 -0400, Matthias Clasen wrote:


On Mon, Sep 21, 2015 at 5:10 PM, Cosimo Cecchi <cosimoc gnome org>
wrote:


On Mon, Sep 21, 2015 at 1:01 PM, Owen Taylor <otaylor redhat com>
wrote:

Do we trust this code or not? If not, we should either a)
sandbox
it or b) delete it.

Moving less-trusted loaders into a separate repo is a blame-
the-
user or blame-the-os-vendor move, depending on who installs
them
onto the system.

The only way to prevent the blame game you mention in a typical
distribution where everything is installed through packages would
be to stop supporting out of tree modules entirely, if I
interpret
your concern correctly.

My point is that as long as that's the case, at least maintaining
them in a central location gives people an aggregation point for
fixes.

But they are not being maintained by anybody, and the fixes have
not
been aggregating... every few years some security researchers
decide
to have a look at image loaders, and then we get a bunch of
overflows
and corruptions reported, and either me of Benjamin grudgingly fix
them. And both of us are tired of doing that.


I would argue that at least I have taken care of some of that work at
the end of 2014. I didn't get to see coverity scans or cppchecks, but
this isn't the most complicated code to fix up and review.

If removing some of those loaders helps lighten the number of
potential
bugs, sure, go for it.

As for removing those loaders, I'd double-check whether GIMP has
native
support for those (not through a gdk-pixbuf loader), so that at least
some modicum of support is left for those, making it less likely that
we'll crash when somebody has a duff file in their file manager.


I tested all those formats, and I think we can remove the PCX and TGA
loaders, and leave those to be loaded by GIMP, in the very short term.

For QTIF, either support in GIMP or in GStreamer (it's usually only
used along with QuickTime) would be fine.

ANI files really need to be supported by GIMP before we remove the
support for it.

In short, remove all the mentioned modules, except ANI, and file bugs
against GIMP/GStreamer for the unsupported ones.

Cheers

Supported by GIMP:
PCX [2]
TGA [2]

Unsupported by GIMP:
ANI [1]
QTIF [3]
WBMP [4] (display broken in gdk-pixbuf)
RAS [5] (broken/unsupported in gdk-pixbuf)

[1]: Tests in shared-mime-info and gdk-pixbuf
[2]: Tests in shared-mime-info
[3]: https://github.com/daeken/QtChaos/blob/master/Harnesses/Quicktime/Sample.qtif?raw=true
[4]: http://www.thepcmanwebsite.com/wap_images.shtml
[5]: http://samples.libav.org/image-samples/sunrast/

Follow-Ups:
- Re: Dropping 'fringe' pixbuf loaders
  - From: Matthias Clasen

References:
- Dropping 'fringe' pixbuf loaders
  - From: Matthias Clasen
- Re: Dropping 'fringe' pixbuf loaders
  - From: Cosimo Cecchi
- Re: Dropping 'fringe' pixbuf loaders
  - From: Owen Taylor
- Re: Dropping 'fringe' pixbuf loaders
  - From: Cosimo Cecchi
- Re: Dropping 'fringe' pixbuf loaders
  - From: Matthias Clasen
- Re: Dropping 'fringe' pixbuf loaders
  - From: Bastien Nocera

[Date Prev][Date Next] [Thread Prev][Thread Next] [Thread Index] [Date Index] [Author Index]