I haven't had time to track through this one to find out precisely what's going on, but it looks like CGImageRelease/CFRelease on a CGImage over-releases some internal CoreFoundation object. With the CFZombieLevel environment variable set to scribble released objects, the program crashes releasing a scribbled object.
This appears to occur for images created by Apple, as well as images I've created with CGImageSourceCreateImageAtIndex.
The application leaks memory if you don't release the image though, of course.
Sounds like a potential security issue to me!
Update: This is fixed in 10.5.0.