Comment 0 for bug 1728360

Martin Rosenau (martin-djr) wrote :

Symptom:

When selecting a part of the image and performing Edit -> Copy gnome-paint crashes with SIGSEGV.

Analysis of the disassembly:

If a C function is not declared (e.g. in an #include file), the compiler assumes the function returns a 32-bit integer. Some other (64-bit) compilers seem to assume a 64-bit return value.

The function "gp_selection_get_pixbuf()" is used by the function "Edit -> Copy" but it is not declared in any #include file (nor in the .c file where it is used).

The function returns a pointer (64-bit).

The compiler which was used to compile the binaries distributed with Ubuntu 17.10 seems to be one of the compilers assuming a signed 32-bit integer.

Therefore the compiler will sign-extend the value returned by "gp_selection_get_pixbuf()" to 64 bits (instead of using the 64-bit pointer)!

The result will be an invalid pointer and therefore a SIGSEGV when this pointer is used.

Disassembly for reference:

    18dc0 <on_menu_copy_activate@@Base>:
       18dc0: 55 push %rbp
       18dc1: 53 push %rbx
       ...
       18e55: 48 89 c5 mov %rax,%rbp
       18e58: 31 c0 xor %eax,%eax
       18e5a: e8 51 1a 00 00 callq 1a8b0 <gp_selection_get_pixbuf@@Base>
       18e5f: 48 89 ee mov %rbp,%rsi

       # This line must be "mov %rax,%rdi" (48 89 C7):
       18e62: 48 63 f8 movslq %eax,%rdi

       18e65: e8 b6 23 ff ff callq b220 <g_type_check_instance_cast@plt>
       ...

To check if this is really the problem I replaced the bytes 0x63 F8 by the bytes 0x89 C7 in the file /usr/bin/gnome-paint using a hex-editor.

Result: After this patch Edit -> Copy works without problems.

A really correct solution would be to add the function "gp_selection_get_pixbuf()" to a header file and to recompile.
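Added example (not code from the bug report or from gnome-paint): the transformation the analysis above describes, reproduced in portable C. A caller compiled without a prototype treats the returned pointer as an int, keeps only the low 32 bits of %rax and sign-extends them (movslq); a caller compiled with the prototype passes the full register through (mov %rax,%rdi). The sample addresses are constructed, and the prototype shown in the comment is assumed to match what gnome-paint's header would declare.

```c
#include <stdint.h>
#include <stdio.h>

/* What the buggy caller effectively computes: read %eax (low 32 bits of the
 * returned %rax) and sign-extend it into %rdi, i.e. "movslq %eax,%rdi". */
uint64_t mangle_like_movslq(uint64_t full_pointer)
{
    uint64_t low32 = full_pointer & 0xffffffffu;
    if (low32 & 0x80000000u)            /* bit 31 set: sign-extension fills the upper half */
        low32 |= 0xffffffff00000000u;
    return low32;
}

/* What the fixed caller computes once a prototype such as
 *     GdkPixbuf *gp_selection_get_pixbuf(void);   (assumed declaration)
 * is visible: the whole 64-bit value is used, "mov %rax,%rdi". */
uint64_t pass_like_mov_rax(uint64_t full_pointer)
{
    return full_pointer;
}

/* 1 when the truncated value no longer equals the real pointer, i.e. the
 * later dereference (here g_type_check_instance_cast) will fault. */
int pointer_is_corrupted(uint64_t full_pointer)
{
    return mangle_like_movslq(full_pointer) != full_pointer;
}

int main(void)
{
    /* Constructed sample addresses (assumptions, not values from the crash):
     * a typical x86-64 Linux heap/mmap address above 4 GiB, one whose bit 31
     * is set, and a low address that happens to survive the truncation. */
    const uint64_t samples[] = {
        0x00007f1234567890u,
        0x00007fff9abcdef0u,
        0x0000000000601010u,
    };
    size_t i;

    for (i = 0; i < sizeof samples / sizeof samples[0]; i++) {
        uint64_t p = samples[i];
        printf("returned %#018llx  no-prototype caller sees %#018llx  prototype caller sees %#018llx  %s\n",
               (unsigned long long)p,
               (unsigned long long)mangle_like_movslq(p),
               (unsigned long long)pass_like_mov_rax(p),
               pointer_is_corrupted(p) ? "CORRUPTED" : "ok");
    }
    return 0;
}
```

The third sample shows why such a bug can stay hidden: as long as every pointer the function returns fits in the low 31 bits, the sign-extended value is still correct, and only allocations above 2 GiB (or with bit 31 set) crash. Building with GCC's -Werror=implicit-function-declaration catches the missing prototype at compile time instead of in the disassembler.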