Hello,
a crash in libfontconfig was reported to me. Run
$ fc-query startchar.bdf
(startchar.bdf is reproducer for buffer overflow
in libXfont, see [1])
The problem is following:
Breakpoint 3, IA__FcFreeTypeQueryFace (face=0x608dd0,
file=0x7fffffffebb9 "startchar.bdf", id=0, blanks=0x0) at
fcfreetype.c:1591
1591 width = FcIsWidth ((FcChar8 *) prop.u.atom);
(gdb) p prop.u.atom
$6 = 0x0
Following patch fixes problem for me, but maybe this is not correct
place for this check.
Index: src/fcstr.c
===================================================================
--- src/fcstr.c.orig 2013-10-11 05:10:18.000000000 +0200
+++ src/fcstr.c 2014-01-28 09:34:05.409800632 +0100
@@ -26,6 +26,7 @@
#include <stdlib.h>
#include <ctype.h>
#include <string.h>
+#include <limits.h>
#ifdef HAVE_REGEX_H
#include <regex.h>
#endif
@@ -211,6 +212,7 @@
FcChar8 c1, c2;
if (s1 == s2) return 0;
+ if (!s1 || !s2) return INT_MAX;
FcStrCaseWalkerInit (s1, &w1);
FcStrCaseWalkerInit (s2, &w2);
Petr
[1]
http://cgit.freedesktop.org/xorg/lib/libXfont/commit/?id=4d024ac10f964f6bd372ae0dd14f02772a6e5f63
Attachment:
startchar.bdf
Description: application/font-bdf
Attachment:
signature.asc
Description: Digital signature
_______________________________________________ Fontconfig mailing list Fontconfig@xxxxxxxxxxxxxxxxxxxxx http://lists.freedesktop.org/mailman/listinfo/fontconfig
