[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

[Pkg-fonts-devel] Bug#656359: Bug#656359: Bug#656359: [Fontforge-devel] Segfault when pressing modifier/arrow keys if more than 4 points are selected

tags 656359 + patch
thanks

On 01/19/2012 07:39 AM, Theppitak Karoonboonyanan wrote:
> On Thu, Jan 19, 2012 at 5:30 PM, Paul Flo Williams <paul@frixxon.co.uk> wrote:
> 
>> See if this one line patch is relevant, as it sounds familiar. This was
>> applied back in March.
>>
>> http://fontforge.git.sourceforge.net/git/gitweb.cgi?p=fontforge/fontforge;a=blobdiff;f=fontforge/charview.c;h=5e529185424e1dad2f66a1c29c6ceb706e1a315b;hp=ce84acec1dd9492954cc63e921d0f43aba691358;hb=38744f1f74ac88b1012585b9b1a6eb94818cc783;hpb=f17fa77717a1f19bb95eb9bc8c56be3c2c8ae95f
> 
> Yes, it does fix the crash in my box. Thank you!
> So, let's apply it to the debian package.

agreed, it also fixes the bug for me. i don't apparently have access to
scm_pkg-fonts on svn.debian.org; maybe someone else can apply the
attached patch?

thanks,

	--dkg

commit fb91b231818fd320a2b662abf7236c0fbd8773bd
Author: Daniel Kahn Gillmor <dkg@fifthhorseman.net>
Date:   Thu Jan 19 12:22:59 2012 -0500

    fix #656443

diff --git a/debian/changelog b/debian/changelog
index af95d37..c6d63c9 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -2,6 +2,11 @@ fontforge (0.0.20110222-7) unstable; urgency=low
 
   * Build using dh_python2. Patch from Ubuntu.
 
+  [ Daniel Kahn Gillmor ]
+  * Fix memory corruption when moving spline points via upstream patch by
+    Paul Flo Williams
+    Closes: #656443
+  
  -- Christian Perrier <bubulle@debian.org>  Sun, 08 Jan 2012 13:44:41 +0100
 
 fontforge (0.0.20110222-6) unstable; urgency=low
diff --git a/debian/patches/905_fix_selection_crashes.diff b/debian/patches/905_fix_selection_crashes.diff
new file mode 100644
index 0000000..cb3c9e4
--- /dev/null
+++ b/debian/patches/905_fix_selection_crashes.diff
@@ -0,0 +1,24 @@
+Description: Fix crashes during selection and moving of keys
+Author: Paul Flo Willians
+Forwarded: yes
+Bug: http://bugs.debian.org/656443
+
+From 38744f1f74ac88b1012585b9b1a6eb94818cc783 Mon Sep 17 00:00:00 2001
+From: George Williams <pfaedit@users.sourceforge.net>
+Date: Mon, 14 Mar 2011 14:17:22 -0700
+Subject: [PATCH] Patch by Paul Flo Williams.
+ The charview hint routines used a routine which could try to store 5 points in an array that only held 4. The resultant memory corruption could cause crashes.
+
+diff --git a/fontforge/charview.c b/fontforge/charview.c
+index ce84ace..5e52918 100644
+--- a/fontforge/charview.c
++++ b/fontforge/charview.c
+@@ -8659,7 +8659,7 @@ static void CVMenuClearHints(GWindow gw,struct gmenuitem *mi,GEvent *e) {
+ static int CVNumForePointsSelected(CharView *cv, BasePoint **bp) {
+     SplineSet *spl;
+     SplinePoint *test, *first;
+-    BasePoint *bps[4];
++    BasePoint *bps[5];
+     int i, cnt;
+ 
+     if ( cv->b.drawmode!=dm_fore )
diff --git a/debian/patches/series b/debian/patches/series
index f0c8cee..36b4c6f 100644
--- a/debian/patches/series
+++ b/debian/patches/series
@@ -7,3 +7,4 @@
 900_debian_HelpDir_path.diff
 901_ld_as_needed.diff
 902_fix_optipng_reads.diff
+905_fix_selection_crashes.diff

Attachment: signature.asc
Description: OpenPGP digital signature

Reply to: