freeze exception: freetype, RC bug but includes udeb
This is a request for a freeze exception on freetype 2.3.7-1, just uploaded
to unstable to fix RC bug #487101.
The full debdiff is attached.
This is a straightforward fix, but freetype provides a udeb, so I'm asking
here before unblocking.
--
Steve Langasek Give me a lever long enough and a Free OS
Debian Developer to set it on, and I can move the world.
Ubuntu Developer http://www.debian.org/
slangasek@ubuntu.com vorlon@debian.org
diff -u freetype-2.3.7/debian/changelog freetype-2.3.7/debian/changelog
--- freetype-2.3.7/debian/changelog
+++ freetype-2.3.7/debian/changelog
@@ -1,3 +1,12 @@
+freetype (2.3.7-2) unstable; urgency=high
+
+ * High-urgency upload for RC bugfix.
+ * Add debian/patches-freetype/no-segfault-on-load_mac_face, patch from
+ upstream to fix a segfault due to uninitialized memory in certain
+ failures of FT_Stream_New. Closes: #487101.
+
+ -- Steve Langasek <vorlon@debian.org> Thu, 21 Aug 2008 12:09:17 -0700
+
freetype (2.3.7-1) unstable; urgency=low
* New upstream release
diff -u freetype-2.3.7/debian/patches-freetype/series freetype-2.3.7/debian/patches-freetype/series
--- freetype-2.3.7/debian/patches-freetype/series
+++ freetype-2.3.7/debian/patches-freetype/series
@@ -5,0 +6 @@
+no-segfault-on-load_mac_face
only in patch2:
unchanged:
--- freetype-2.3.7.orig/debian/patches-freetype/no-segfault-on-load_mac_face
+++ freetype-2.3.7/debian/patches-freetype/no-segfault-on-load_mac_face
@@ -0,0 +1,50 @@
+2008-08-19 suzuki toshiya <mpsuzuki@hiroshima-u.ac.jp>
+
+ * src/base/ftobjs.c (FT_Stream_New): Initialize *astream
+ always, even if passed library or arguments are invalid.
+ This fixes a bug that uninitialized stream is freed when
+ an invalid library handle is passed. Originally proposed
+ by Mike Fabian, 2008/08/18 on freetype-devel.
+ (FT_Open_Face): Ditto (stream).
+ (load_face_in_embedded_rfork): Ditto (stream2).
+
+Fixes Debian bug #487101.
+
+Index: freetype-2.3.7/src/base/ftobjs.c
+===================================================================
+--- freetype-2.3.7.orig/src/base/ftobjs.c
++++ freetype-2.3.7/src/base/ftobjs.c
+@@ -128,13 +128,14 @@
+ FT_Stream stream;
+
+
++ *astream = 0;
++
+ if ( !library )
+ return FT_Err_Invalid_Library_Handle;
+
+ if ( !args )
+ return FT_Err_Invalid_Argument;
+
+- *astream = 0;
+ memory = library->memory;
+
+ if ( FT_NEW( stream ) )
+@@ -1600,7 +1601,7 @@
+ FT_Error errors[FT_RACCESS_N_RULES];
+
+ FT_Open_Args args2;
+- FT_Stream stream2;
++ FT_Stream stream2 = 0;
+
+
+ FT_Raccess_Guess( library, stream,
+@@ -1713,7 +1714,7 @@
+ FT_Error error;
+ FT_Driver driver;
+ FT_Memory memory;
+- FT_Stream stream;
++ FT_Stream stream = 0;
+ FT_Face face = 0;
+ FT_ListNode node = 0;
+ FT_Bool external_stream;
Reply to: