freeze exception: freetype, RC bug but includes udeb

To: debian-release@lists.debian.org
Cc: debian-boot@lists.debian.org
Subject: freeze exception: freetype, RC bug but includes udeb
From: Steve Langasek <vorlon@debian.org>
Date: Thu, 21 Aug 2008 13:12:49 -0700
Message-id: <[🔎] 20080821201248.GJ25706@dario.dodds.net>
Mail-followup-to: debian-release@lists.debian.org, debian-boot@lists.debian.org

This is a request for a freeze exception on freetype 2.3.7-1, just uploaded
to unstable to fix RC bug #487101.

The full debdiff is attached.

This is a straightforward fix, but freetype provides a udeb, so I'm asking
here before unblocking.

-- 
Steve Langasek                   Give me a lever long enough and a Free OS
Debian Developer                   to set it on, and I can move the world.
Ubuntu Developer                                    http://www.debian.org/
slangasek@ubuntu.com                                     vorlon@debian.org

diff -u freetype-2.3.7/debian/changelog freetype-2.3.7/debian/changelog
--- freetype-2.3.7/debian/changelog
+++ freetype-2.3.7/debian/changelog
@@ -1,3 +1,12 @@
+freetype (2.3.7-2) unstable; urgency=high
+
+  * High-urgency upload for RC bugfix.
+  * Add debian/patches-freetype/no-segfault-on-load_mac_face, patch from
+    upstream to fix a segfault due to uninitialized memory in certain
+    failures of FT_Stream_New.  Closes: #487101.
+
+ -- Steve Langasek <vorlon@debian.org>  Thu, 21 Aug 2008 12:09:17 -0700
+
 freetype (2.3.7-1) unstable; urgency=low
 
   * New upstream release
diff -u freetype-2.3.7/debian/patches-freetype/series freetype-2.3.7/debian/patches-freetype/series
--- freetype-2.3.7/debian/patches-freetype/series
+++ freetype-2.3.7/debian/patches-freetype/series
@@ -5,0 +6 @@
+no-segfault-on-load_mac_face
only in patch2:
unchanged:
--- freetype-2.3.7.orig/debian/patches-freetype/no-segfault-on-load_mac_face
+++ freetype-2.3.7/debian/patches-freetype/no-segfault-on-load_mac_face
@@ -0,0 +1,50 @@
+2008-08-19  suzuki toshiya <mpsuzuki@hiroshima-u.ac.jp>
+
+	* src/base/ftobjs.c (FT_Stream_New): Initialize *astream
+	always, even if passed library or arguments are invalid.
+	This fixes a bug that uninitialized stream is freed when
+	an invalid library handle is passed. Originally proposed
+	by Mike Fabian, 2008/08/18 on freetype-devel.
+	(FT_Open_Face): Ditto (stream).
+	(load_face_in_embedded_rfork): Ditto (stream2).
+
+Fixes Debian bug #487101.
+
+Index: freetype-2.3.7/src/base/ftobjs.c
+===================================================================
+--- freetype-2.3.7.orig/src/base/ftobjs.c
++++ freetype-2.3.7/src/base/ftobjs.c
+@@ -128,13 +128,14 @@
+     FT_Stream  stream;
+ 
+ 
++    *astream = 0;
++
+     if ( !library )
+       return FT_Err_Invalid_Library_Handle;
+ 
+     if ( !args )
+       return FT_Err_Invalid_Argument;
+ 
+-    *astream = 0;
+     memory   = library->memory;
+ 
+     if ( FT_NEW( stream ) )
+@@ -1600,7 +1601,7 @@
+     FT_Error   errors[FT_RACCESS_N_RULES];
+ 
+     FT_Open_Args  args2;
+-    FT_Stream     stream2;
++    FT_Stream     stream2 = 0;
+ 
+ 
+     FT_Raccess_Guess( library, stream,
+@@ -1713,7 +1714,7 @@
+     FT_Error     error;
+     FT_Driver    driver;
+     FT_Memory    memory;
+-    FT_Stream    stream;
++    FT_Stream    stream = 0;
+     FT_Face      face = 0;
+     FT_ListNode  node = 0;
+     FT_Bool      external_stream;

Reply to:

Follow-Ups:
- Re: freeze exception: freetype, RC bug but includes udeb
  - From: Otavio Salvador <otavio@debian.org>

Prev by Date: Exception for roundcube
Next by Date: Re: Freeze exception for vgrabbj? (Was: Bug#494935: vgrabbj: Patch used in my NMU version 0.9.6-3.1 (freeze exception?))
Previous by thread: Re: Exception for roundcube
Next by thread: Re: freeze exception: freetype, RC bug but includes udeb
Index(es):
- Date
- Thread