1667239 – pango_fc_font_key_get_variations(key) causing crash when key is null

Bug 1667239 - pango_fc_font_key_get_variations(key) causing crash when key is null

Summary: pango_fc_font_key_get_variations(key) causing crash when key is null

Keywords:
Status:	CLOSED ERRATA
Alias:	None
Product:	Red Hat Enterprise Linux 7
Classification:	Red Hat
Component:	pango
Sub Component:
Version:	7.6
Hardware:	Unspecified
OS:	Unspecified
Priority:	high
Severity:	urgent
Target Milestone:	rc
Target Release:	---
Assignee:	Peng Wu
QA Contact:	Desktop QE
Docs Contact:
URL:
Whiteboard:
Depends On:
Blocks:	1640542 1685811 1690325
TreeView+	depends on / blocked

Reported:	2019-01-17 20:02 UTC by Andrew Mike
Modified:	2020-09-28 08:33 UTC (History)
CC List:	8 users (show)
Fixed In Version:	pango-1.42.4-3.el7
Doc Type:	If docs needed, set a value
Doc Text:
Clone Of:
Clones:	1685811 1690325 (view as bug list)
Environment:
Last Closed:	2019-08-06 12:38:30 UTC
Target Upstream Version:

Attachments	(Terms of Use)
Add an attachment (proposed patch, testcase, etc.)

Links
System	ID	Priority	Status	Summary	Last Updated
Debian BTS	898960	None	None	None	2019-01-17 20:04:11 UTC
Gentoo	671136	None	None	None	2019-01-17 20:03:51 UTC
Red Hat Bugzilla	1657542	unspecified	CLOSED	crash in pango_fc_font_key_get_variations for some (eclipse based?) apps	2021-02-22 00:41:40 UTC
Red Hat Knowledge Base (Solution)	4098661	Troubleshoot	None	Upgrading pango causes applications to fail	2019-05-01 14:40:57 UTC
Red Hat Product Errata	RHBA-2019:2044	None	None	None	2019-08-06 12:38:55 UTC

Description Andrew Mike 2019-01-17 20:02:56 UTC

Description of problem:
Behavior in pango_fc_font_key_get_variations(key) causes a crash in some applications when the key parameter is NULL due to lack of parameter validation.

Version-Release number of selected component (if applicable):
pango-1.42.4-1.el7

How reproducible:
Unable to reproduce Eclipse or pango-view, but customers have reported issues, and the issue is seen in other distros (see external bug list).

Additional info:
Patch is available upstream:

Fix crash in pango_fc_font_key_get_variations() when key is null (ad92e199) · Commits · GNOME / pango · GitLab
https://gitlab.gnome.org/GNOME/pango/commit/ad92e199f221499c19f22dce7a16e7d770ad3ae7

Comment 2 Peng Wu 2019-01-18 08:49:19 UTC

I just updated pango in Fedora, will check this bug later.

Comment 20 errata-xmlrpc 2019-08-06 12:38:30 UTC

Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory, and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

https://access.redhat.com/errata/RHBA-2019:2044

Note You need to log in before you can comment on or make changes to this bug.