Bug 680419

Summary: fonttosfnt segfaults
Product: Red Hat Enterprise Linux 6
Component: xorg-x11-font-utils
Version: 6.0
Hardware: x86_64
OS: Linux
Status: CLOSED WONTFIX
Severity: unspecified
Priority: unspecified
Keywords: Patch, Triaged
Target Milestone: rc
Reporter: Josh Boyer <jwboyer>
Assignee: Peter Hutterer <peter.hutterer>
QA Contact: Desktop QE <desktop-qa-list>
Doc Type: Bug Fix
Last Closed: 2015-11-19 07:59:58 UTC
Bug Blocks: 842499
Attachments:
- PCF file used (flags: none)
- patch in question (flags: none)

Description Josh Boyer 2011-02-25 13:45:43 UTC
Description of problem:

When running fonttosfnt on a simple pcf file, the application segfaults.

[root@localhost ~]# fonttosfnt -v -o font.ttf 4x6.pcf 
4x6.pcf Fixed Regular: 1 sizes
Segmentation fault
[root@localhost ~]# 

Version-Release number of selected component (if applicable):

[root@localhost ~]# rpm -q xorg-x11-font-utils glibc
xorg-x11-font-utils-7.2-10.el6.x86_64
glibc-2.12-1.7.el6.x86_64

How reproducible:

Always on x86_64.  I haven't seen this behavior on i686.

Steps to Reproduce:
1. Run the above command
  
Actual results:

Segfault

Expected results:

No segfault

Additional info:

A stacktrace.

[root@localhost ~]# gdb fonttosfnt
GNU gdb (GDB) Red Hat Enterprise Linux (7.1-29.el6)
Copyright (C) 2010 Free Software Foundation, Inc.
License GPLv3+: GNU GPL version 3 or later <http://gnu.org/licenses/gpl.html>
This is free software: you are free to change and redistribute it.
There is NO WARRANTY, to the extent permitted by law.  Type "show copying"
and "show warranty" for details.
This GDB was configured as "x86_64-redhat-linux-gnu".
For bug reporting instructions, please see:
<http://www.gnu.org/software/gdb/bugs/>...
Reading symbols from /usr/bin/fonttosfnt...Reading symbols from /usr/lib/debug/usr/bin/fonttosfnt.debug...done.
done.
(gdb) set args -v -o font.ttf 4x6.pcf
(gdb) run
Starting program: /usr/bin/fonttosfnt -v -o font.ttf 4x6.pcf
4x6.pcf Fixed Regular: 1 sizes

Program received signal SIGSEGV, Segmentation fault.
0x00007ffff737fff7 in _IO_vfprintf_internal (s=<value optimized out>, 
    format=<value optimized out>, ap=<value optimized out>) at vfprintf.c:1593
1593		  process_string_arg (((struct printf_spec *) NULL));
Missing separate debuginfos, use: debuginfo-install freetype-2.3.11-5.el6.x86_64 libfontenc-1.0.5-2.el6.x86_64 zlib-1.2.3-25.el6.x86_64
(gdb) bt
#0  0x00007ffff737fff7 in _IO_vfprintf_internal (s=<value optimized out>, 
    format=<value optimized out>, ap=<value optimized out>) at vfprintf.c:1593
#1  0x00007ffff7430850 in ___vsnprintf_chk (s=0x60e010 "", 
    maxlen=<value optimized out>, flags=1, slen=<value optimized out>, 
    format=0x40651a "%s X.org bitmap size %dx%d", args=0x7fffffffe330)
    at vsnprintf_chk.c:65
#2  0x00000000004037c3 in vsnprintf (f=0x40651a "%s X.org bitmap size %dx%d", 
    args=0x7fffffffe330) at /usr/include/bits/stdio2.h:78
#3  vsprintf_reliable (f=0x40651a "%s X.org bitmap size %dx%d", 
    args=0x7fffffffe330) at util.c:93
#4  0x00000000004038ab in sprintf_reliable (f=<value optimized out>)
    at util.c:77
#5  0x00000000004019aa in readFile (filename=0x7fffffffe882 "4x6.pcf", 
    font=0x608030) at read.c:130
#6  0x000000000040127c in main (argc=5, argv=<value optimized out>)
    at fonttosfnt.c:110
(gdb)
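
The backtrace above ends in `vsnprintf`'s `%s` handling, reached through a retry wrapper (`vsprintf_reliable`) that is handed a `va_list`, and the report sees it only on x86_64. The block below is an added example, not the fonttosfnt source and not the attached patch: a grow-and-retry formatter that stays safe when `vsnprintf` has to be called more than once. It assumes the crash comes from handing the same `va_list` to `vsnprintf` on a retry, which the page does not confirm; `vformat_retry`, `format_retry` and the argument values are hypothetical.

```c
#include <stdarg.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Hypothetical grow-and-retry formatter, shaped like the call chain in the
 * backtrace (sprintf_reliable -> vsprintf_reliable -> vsnprintf). */
char *vformat_retry(size_t initial, const char *fmt, va_list args)
{
    size_t size = initial ? initial : 1;
    char *buf = NULL;

    for (;;) {
        char *grown = realloc(buf, size);
        if (grown == NULL) { free(buf); return NULL; }
        buf = grown;

        /* vsnprintf leaves the va_list it was given indeterminate, so every
         * attempt formats from a fresh copy and `args` is never consumed. */
        va_list attempt;
        va_copy(attempt, args);
        int needed = vsnprintf(buf, size, fmt, attempt);
        va_end(attempt);

        if (needed < 0) { free(buf); return NULL; }  /* output error */
        if ((size_t)needed < size)                   /* fits, NUL included */
            return buf;
        size = (size_t)needed + 1;                   /* exact size for retry */
    }
}

char *format_retry(size_t initial, const char *fmt, ...)
{
    va_list args;
    va_start(args, fmt);
    char *s = vformat_retry(initial, fmt, args);
    va_end(args);
    return s;
}

int main(void)
{
    /* Format string from the backtrace; arguments are constructed.
     * A 4-byte first buffer forces a second vsnprintf pass. */
    char *s = format_retry(4, "%s X.org bitmap size %dx%d", "Fixed Regular", 4, 6);
    int ok = s && strcmp(s, "Fixed Regular X.org bitmap size 4x6") == 0;
    if (s) puts(s);
    free(s);
    return ok ? 0 : 1;
}
```
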

Comment 1 Josh Boyer 2011-02-25 13:47:44 UTC
Created attachment 480997 [details]
PCF file used

I've attached the 4x6.pcf file used just in case it was asked for.  There's nothing special about it, and the issue happens with other .pcf files as well.

Comment 3 RHEL Program Management 2011-02-25 14:17:49 UTC
This request was evaluated by Red Hat Product Management for
inclusion in the current release of Red Hat Enterprise Linux.
Because the affected component is not scheduled to be updated
in the current release, Red Hat is unfortunately unable to
address this request at this time. Red Hat invites you to
ask your support representative to propose this request, if
appropriate and relevant, in the next release of Red Hat
Enterprise Linux. If you would like it considered as an
exception in the current release, please ask your support
representative.

Comment 4 Josh Boyer 2011-03-01 00:29:43 UTC
It seems a rather simple fix is available for this.  It could be applied directly to the code from what I can tell.  Seems silly not to include it.

http://cgit.freedesktop.org/xorg/app/fonttosfnt/commit/?id=4ecd697abe1026eb27e1373bf357ebca2ade4138

There are a few subsequent fixes in this area, but they seem to have more to do with non-GNU platforms, which doesn't seem applicable to RHEL.

Comment 5 Matěj Cepl 2011-03-08 16:06:15 UTC
Created attachment 482940 [details]
patch in question

Comment 6 Peter Hutterer 2015-11-19 07:59:58 UTC
This bug has been reported against RHEL 6.0, with no updates in the last 4 years. I tried to reproduce this here on an x86_64 VM and the command succeeds. xorg-x11-font-utils is not scheduled for an update in the next version of RHEL 6.x, I am thus closing this as WONTFIX.

If you would like Red Hat to re-consider your feature request, please re-open
the feature request via appropriate support channels and provide additional
supporting details about the importance of this feature.