From 078a7d326d11b8324e094fedbcfef844d1c5b151 Mon Sep 17 00:00:00 2001
From: Thomas Leonard <talex5@gmail.com>
Date: Sat, 29 May 2010 14:39:55 +0100
Subject: [PATCH] Reverted SVG icon support

GDK SVG loader segfaults even on non-malicious XML (e.g. an HTML 404 page).
---
 zeroinstall/gtkui/icon.py     | 25 +++++++++++--------------
 zeroinstall/injector/fetch.py |  4 ++--
 2 files changed, 13 insertions(+), 16 deletions(-)

diff --git a/zeroinstall/gtkui/icon.py b/zeroinstall/gtkui/icon.py
index e1dc68d..46c8c55 100644
--- a/zeroinstall/gtkui/icon.py
+++ b/zeroinstall/gtkui/icon.py
@@ -34,18 +34,15 @@ def load_icon(icon_path, icon_width=None, icon_height=None):
 		loader.set_size(int(dest_width), int(dest_height))
 
 	# Restrict icon formats to avoid attacks
-	for format in ('png', 'svg'):
+	try:
+		loader = gtk.gdk.PixbufLoader(format)
+		if icon_width or icon_height:
+			loader.connect('size-prepared', size_prepared_cb)
 		try:
-			loader = gtk.gdk.PixbufLoader(format)
-			if icon_width or icon_height:
-				loader.connect('size-prepared', size_prepared_cb)
-			try:
-				loader.write(file(icon_path).read())
-			finally:
-				loader.close()
-			return loader.get_pixbuf()
-		except Exception, ex:
-			debug(_("Failed to load icon: %s") % ex)
-
-	warn(_("Failed to load cached icon"))
-	return None
+			loader.write(file(icon_path).read())
+		finally:
+			loader.close()
+		return loader.get_pixbuf()
+	except Exception, ex:
+		warn(_("Failed to load cached PNG icon: %s") % ex)
+		return None
diff --git a/zeroinstall/injector/fetch.py b/zeroinstall/injector/fetch.py
index 598d9c8..907758f 100644
--- a/zeroinstall/injector/fetch.py
+++ b/zeroinstall/injector/fetch.py
@@ -376,8 +376,8 @@ class Fetcher(object):
 		# Find a suitable icon to download
 		for icon in interface.get_metadata(XMLNS_IFACE, 'icon'):
 			type = icon.getAttribute('type')
-			if type not in ('image/png', 'image/svg+xml', 'image/svg+xml-compressed'):
-				debug(_('MIME type %(mime_type)s is not permited for feed icons'), {'mime_type': type})
+			if type != 'image/png':
+				debug(_('Skipping non-PNG icon'))
 				continue
 			source = icon.getAttribute('href')
 			if source:
-- 
2.11.4.GIT