Version: (using KDE KDE 3.4.1) Installed from: Gentoo Packages Compiler: gcc (GCC) 3.3.5-20050130 (Gentoo 3.3.5.20050130-r1, ssp-3.3.5.20050130-1, pie-8.7.7.1) OS: Linux When somebody opens a special created svg file with a motified points list, konqueror freezes and eats more and more memory. The special points list is just a pointlist with a missing param (something like this: "1,1 2 3,3").
Created attachment 11340 [details] polyline_crash.svg svg with a polyline. The polyline has a incomplete pointslist: <polyline points="1,0 1 1,20" /> KSVG will just freeze and eat more and more memory
Created attachment 26833 [details] Silently ignore polygons and polylines that would trigger this I've fixed this in Debian bug 493363 http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=493363 In SVGAnimatedPointsImpl::parsePoints there's a for loop over an iterator. Each time through the loop takes two elements from the iterator, but only tests the exit condition once. The initial report here suggests that only maliciously-constructed images can trigger this. It can be triggered by images in the OpenClipart project that use the SVG path element's extended grammar instead of using the SVG basic shape elements' simple grammar (I think that's a bug in OpenClipart).
This component has been replaced with the QtSvg based "svgpart" in KDE 4. If this issue still needs to be addressed, please add a comment.