--- Begin Message ---
Package: fontforge
Version: 0.0.20110222-3
Severity: normal
Tags: patch
User: ubuntu-devel@lists.ubuntu.com
Usertags: origin-ubuntu precise ubuntu-patch
In Ubuntu, the attached patch was applied to prevent a crash when reading optimized png files.
Ubuntu routinely runs optipng on installed png files, and that revealed a bug in fontforge's built-in png reader code. This probably isn't super important for Debian, as you don't run optipng, but it appears to be a real bug and would let us get in sync again if it was applied.
I've also forwarded this patch to the fontforge mailing list.
Thanks for considering the patch.
-- System Information:
Debian Release: wheezy/sid
APT prefers oneiric-updates
APT policy: (500, 'oneiric-updates'), (500, 'oneiric-security'), (500, 'oneiric')
Architecture: i386 (i686)
Kernel: Linux 3.0.0-12-generic (SMP w/4 CPU cores)
Locale: LANG=en_GB.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
diff -Nru fontforge-0.0.20110222/debian/patches/902_fix_optipng_reads.diff fontforge-0.0.20110222/debian/patches/902_fix_optipng_reads.diff
--- fontforge-0.0.20110222/debian/patches/902_fix_optipng_reads.diff 1969-12-31 19:00:00.000000000 -0500
+++ fontforge-0.0.20110222/debian/patches/902_fix_optipng_reads.diff 2011-10-25 14:25:46.000000000 -0400
@@ -0,0 +1,21 @@
+Description: If trans_alpha is NULL (likely due to optimized png), don't crash
+Author: Michael Terry <michael.terry@canonical.com>
+Forwarded: yes
+Bug-Ubuntu: https://launchpad.net/bugs/805752
+
+Index: fontforge-0.0.20110222/gutils/gimagereadpng.c
+===================================================================
+--- fontforge-0.0.20110222.orig/gutils/gimagereadpng.c 2011-10-25 14:17:10.856004364 -0400
++++ fontforge-0.0.20110222/gutils/gimagereadpng.c 2011-10-25 14:17:14.640004404 -0400
+@@ -282,9 +282,9 @@
+ (trans_color->green>>8),
+ (trans_color->blue>>8));
+ else if ( base->image_type == it_mono )
+- base->trans = trans_alpha[0];
++ base->trans = trans_alpha ? trans_alpha[0] : 0;
+ else
+- base->clut->trans_index = base->trans = trans_alpha[0];
++ base->clut->trans_index = base->trans = trans_alpha ? trans_alpha[0] : 0;
+ }
+
+ row_pointers = galloc(_png_get_image_height(png_ptr,info_ptr)*sizeof(png_bytep));
diff -Nru fontforge-0.0.20110222/debian/patches/series fontforge-0.0.20110222/debian/patches/series
--- fontforge-0.0.20110222/debian/patches/series 2011-06-05 08:14:54.000000000 -0400
+++ fontforge-0.0.20110222/debian/patches/series 2011-10-25 14:16:21.000000000 -0400
@@ -5,3 +5,4 @@
027_catch_ctrl-c_signal.diff
900_debian_HelpDir_path.diff
901_ld_as_needed.diff
+902_fix_optipng_reads.diff
--- End Message ---
--- Begin Message ---
Source: fontforge
Source-Version: 0.0.20110222-4
We believe that the bug you reported is fixed in the latest version of
fontforge, which is due to be installed in the Debian FTP archive:
fontforge-dbg_0.0.20110222-4_i386.deb
to main/f/fontforge/fontforge-dbg_0.0.20110222-4_i386.deb
fontforge-nox_0.0.20110222-4_i386.deb
to main/f/fontforge/fontforge-nox_0.0.20110222-4_i386.deb
fontforge_0.0.20110222-4.debian.tar.gz
to main/f/fontforge/fontforge_0.0.20110222-4.debian.tar.gz
fontforge_0.0.20110222-4.dsc
to main/f/fontforge/fontforge_0.0.20110222-4.dsc
fontforge_0.0.20110222-4_i386.deb
to main/f/fontforge/fontforge_0.0.20110222-4_i386.deb
libfontforge-dev_0.0.20110222-4_i386.deb
to main/f/fontforge/libfontforge-dev_0.0.20110222-4_i386.deb
libfontforge1_0.0.20110222-4_i386.deb
to main/f/fontforge/libfontforge1_0.0.20110222-4_i386.deb
libgdraw4_0.0.20110222-4_i386.deb
to main/f/fontforge/libgdraw4_0.0.20110222-4_i386.deb
python-fontforge_0.0.20110222-4_i386.deb
to main/f/fontforge/python-fontforge_0.0.20110222-4_i386.deb
A summary of the changes between this version and the previous one is
attached.
Thank you for reporting the bug, which will now be closed. If you
have further comments please address them to 646619@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.
Debian distribution maintenance software
pp.
Christian Perrier <bubulle@debian.org> (supplier of updated fontforge package)
(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmaster@debian.org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Format: 1.8
Date: Wed, 26 Oct 2011 04:22:18 +0200
Source: fontforge
Binary: fontforge fontforge-nox libfontforge-dev libfontforge1 libgdraw4 python-fontforge fontforge-dbg
Architecture: source i386
Version: 0.0.20110222-4
Distribution: unstable
Urgency: low
Maintainer: Debian Fonts Task Force <pkg-fonts-devel@lists.alioth.debian.org>
Changed-By: Christian Perrier <bubulle@debian.org>
Description:
fontforge - font editor
fontforge-dbg - debugging symbols for fontforge
fontforge-nox - font editor - non-X version
libfontforge-dev - font editor - runtime library (development files)
libfontforge1 - font editor - runtime library
libgdraw4 - font editor - runtime graphics and widget library
python-fontforge - font editor - Python bindings
Closes: 646619
Changes:
fontforge (0.0.20110222-4) unstable; urgency=low
.
* If trans_alpha is NULL (likely due to optimized png), don't crash
Closes: #646619
Checksums-Sha1:
1a7f99e4bc30b997adf54c7304eda354bd1286f3 2677 fontforge_0.0.20110222-4.dsc
8fada07647f102351bb1d7d1c4da487356e7142f 5126031 fontforge_0.0.20110222.orig.tar.bz2
dd2f5d62c08c18ee67f6df663e664e5a2ce34735 18098 fontforge_0.0.20110222-4.debian.tar.gz
a00d192edadef33608dec1d62ffef243496a3e6f 2241320 fontforge_0.0.20110222-4_i386.deb
74d76f98e19fe09efb0305b2a84689cd29fdae11 1256434 fontforge-nox_0.0.20110222-4_i386.deb
9c53528cf7bb6da9ae6fb1a5c2e8e24a4a5e1fa1 133046 libfontforge-dev_0.0.20110222-4_i386.deb
6f65b8b71cceb9840f75533f72d0957d90cc7f9f 2308452 libfontforge1_0.0.20110222-4_i386.deb
26af98c1ba45c9903f996112ff61fd8647ca1b3e 327224 libgdraw4_0.0.20110222-4_i386.deb
d3e5cb1c22735a06d310234061887185a3372c29 15834 python-fontforge_0.0.20110222-4_i386.deb
88732fb48337793386b0bb204cd6fa5fa76fafb1 206624 fontforge-dbg_0.0.20110222-4_i386.deb
Checksums-Sha256:
79830cb09f2a728e4164122a3092c1a922548cd23854cf128a8e7ee97050d2be 2677 fontforge_0.0.20110222-4.dsc
8fa2818026f84bb7b8a77451d21cab7e9dea8aa904e5218afa158be6a320433e 5126031 fontforge_0.0.20110222.orig.tar.bz2
e0205c9ac7bcad8f09a0ce19b2cf1b52522c0c60b77efbdbdb11c40874089a80 18098 fontforge_0.0.20110222-4.debian.tar.gz
710d7b37ac338e9097f8ed6ab854a6fa8dd555f7e327ac5ddec307851c0301c9 2241320 fontforge_0.0.20110222-4_i386.deb
e720fbb81f13bed346d904a7daafba99931d768befe8f441114dcafef68e290e 1256434 fontforge-nox_0.0.20110222-4_i386.deb
3792efc2a7d8f284f5cf350fc6268bda8fda3125e27f564c4f4d5ca392843287 133046 libfontforge-dev_0.0.20110222-4_i386.deb
9b8b35694561951326c02ae94fa1c5d39815da6e4ec1bb009b6e07437570446c 2308452 libfontforge1_0.0.20110222-4_i386.deb
578f2096b16e5b5e44d54e52a16cc8b59c3c7b20226252f569b341bf65a20081 327224 libgdraw4_0.0.20110222-4_i386.deb
aa17dd2a3f49ba6d105cad7fbb2eba151241f0fc216dc578fe68919e0ca4b573 15834 python-fontforge_0.0.20110222-4_i386.deb
5a8b1d85fc01491cc8bb1a4006ddb9498ad939c1a7ddbd6d3108fa1c7dbfb32e 206624 fontforge-dbg_0.0.20110222-4_i386.deb
Files:
fccd47b2e28c1338ce4337b98b9a19ce 2677 fonts optional fontforge_0.0.20110222-4.dsc
5be4dda345b5d73a27cc399df96e463a 5126031 fonts optional fontforge_0.0.20110222.orig.tar.bz2
a6d8fcb873fcab64404867eaee8f1367 18098 fonts optional fontforge_0.0.20110222-4.debian.tar.gz
ec6b5f24918a4c70120cec3879e83af6 2241320 fonts optional fontforge_0.0.20110222-4_i386.deb
c393bbacf757c5ea7a933514b94bfd54 1256434 fonts optional fontforge-nox_0.0.20110222-4_i386.deb
5b53466a9018a726d0d47fce2859d5dc 133046 libdevel optional libfontforge-dev_0.0.20110222-4_i386.deb
96efa763f56b48c2b812edd9ccc5c519 2308452 libs optional libfontforge1_0.0.20110222-4_i386.deb
ca882c5b384bd5e7e7e3647054786eff 327224 libs optional libgdraw4_0.0.20110222-4_i386.deb
0ad49d7c4a6a110122bb53609e86fc7b 15834 python optional python-fontforge_0.0.20110222-4_i386.deb
bd03aea6c0f5e8579841ae96cb55d2ea 206624 debug extra fontforge-dbg_0.0.20110222-4_i386.deb
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.11 (GNU/Linux)
iQIVAwUBTqd5kYcvcCxNbiWoAQIToQ/+O5FeLEXjI07rN1swL8H61SDw4MBERiHv
9+EsN79F+b5HG0jsnFS5MOshDuhK2bnTrUoIarrnM7wLaINjwsbx8KwtjINKPR+1
08W+ih8sveLu8JRnlwgXkj9OUmMOKYsVw/+hkBGVDsxtsTSYNc0LgFRfuHpSo7gS
4wzTVCotYY4ud3l623AzAiOUtS3p7hL+mr6fbrNZ8efA9YEQ1a41vC8zc7AzZElV
j0dA0rq7OeCfT+zFRGBdHPbObrcJiV6x1Vt+ArWts8eBHDI23YounvVOtenVRBSE
qLwMFSsYl3WlDCVmCPm6nKfOBdLWIvDMZd6Oq4foTe8Je/rGMi9pMOOlzzovS53B
Cq3ZwY+6XzjXQnNGVSqEoqaBZ5nsyPb9oh7gyOrx5WzDifBcPqUZoUXaDNrNh+RT
3k6o6vuyP/0WcI80IdiVFKOFpXQRyeo+ygMxKUy+6VOTfuIyyU8F1DE6z6enhzz5
aH858To/6gl5Gy3b3iP/D0j+KqVTvC7e+JNT4ccfjCFezjjasl3AjPyGq1S9zbwU
IMP/Nygk9dsSSrNfF4YYaZfeZn6xrNJHtkxizJtwSINwdYHdC2a9OpigVAzyUghH
nLK76Onv07Ajr/njyOYg/BXz4Yb85BOujAK+EmVGgdxr+2R2/CrWwCye1STKoWl4
Pqt6UnOa8tI=
=/oTR
-----END PGP SIGNATURE-----
--- End Message ---