
Bug#168791: xfs: A fix for xfs segfault



Package: xfs
Version: 4.2.1-3
Severity: important
Tags: patch

After upgrading to Xfree 4.2.1, we experienced xfs crashes several times.
(This is quite bad, because it causes several user sessions on terminals to crash.)
At last one of our users found a reproducible sequence of actions that
crashes xfs, so I tracked the bug down.

It dereferences a NULL pointer in xc/lib/font/fontfile/fontenc.c

The following patch fixes the problem:

--- fontenc.c.orig	Tue Nov 12 17:11:37 2002
+++ fontenc.c	Tue Nov 12 17:25:29 2002
@@ -744,7 +744,7 @@
         /* Check whether the name is already known for this encoding */
         if(strcasecmp(encoding->name, encoding_name) == 0) {
             found = 1;
-        } else {
+        } else if (encoding->aliases) {
             for(alias=encoding->aliases; *alias; alias++)
                 if(!strcasecmp(*alias, encoding_name)) {
                     found = 1;
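Review bot: The new `else if (encoding->aliases)` branch has no comment saying why `aliases` can be NULL, so the next reader of this loop has no stated invariant to rely on. A one-line comment above the branch, e.g. `/* aliases is NULL for an encoding that declares none */`, would make it explicit; the wording should be confirmed against the code that populates the field, which is outside the hunk. Since the report describes a user-reproducible crash of the font server, any other `for(alias = encoding->aliases; *alias; alias++)` walk in fontenc.c beyond the two this patch touches should be checked for the same assumption. The loop body continues past the end of this hunk.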
@@ -763,17 +763,21 @@
             if(new_name == NULL)
                 return NULL;
             strcpy(new_name, encoding_name);
-            for(alias = encoding->aliases; *alias; alias++)
-                numaliases++;
+	    if (encoding->aliases) {
+                for(alias = encoding->aliases; *alias; alias++)
+                    numaliases++;
+	    }
             new_aliases = (char**)xalloc((numaliases+2)*sizeof(char*));
             if(new_aliases == NULL) {
                 xfree(new_name);
                 return NULL;
             }
-            memcpy(new_aliases, encoding->aliases, numaliases*sizeof(char*));
+            if (encoding->aliases)  {
+	        memcpy(new_aliases, encoding->aliases, numaliases*sizeof(char*));
+		xfree(encoding->aliases);
+	    }
             new_aliases[numaliases] = new_name;
             new_aliases[numaliases+1] = NULL;
-            xfree(encoding->aliases);
             encoding->aliases = new_aliases;
         }
         
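Review bot: The added guard lines, starting at `if (encoding->aliases) {`, are indented with tabs mixed into spaces, while the surrounding context lines use spaces only; re-indenting them with spaces keeps the block aligned at any tab width. The guard around `memcpy` should stay even though `numaliases` is 0 on that path, because passing a NULL source to `memcpy` is undefined regardless of the length. A short comment such as `/* no previous alias list to copy or free */` on that branch would record the reason. The enclosing block starts before this hunk.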
-- System Information:
Debian Release: 3.0
Architecture: i386
Kernel: Linux zigzag 2.4.19 #1 óÒÄ îÏÑ 6 17:54:30 MSK 2002 i686
Locale: LANG=ru_RU.KOI8-R, LC_CTYPE=ru_RU.KOI8-R

Versions of packages xfs depends on:
ii  debconf                       1.2.14     Debian configuration management sy
ii  libc6                         2.3.1-3    GNU C Library: Shared libraries an
ii  zlib1g                        1:1.1.4-1  compression library - runtime

-- debconf information:
* xfs/default_100dpi: 
* xfs/default_nolisten_tcp: 




