215760 – Bug in rendering ASCII space character

Bug 215760 - Bug in rendering ASCII space character

Summary: Bug in rendering ASCII space character

Keywords:
Status:	CLOSED CURRENTRELEASE
Alias:	None
Product:	Red Hat Enterprise Linux 5
Classification:	Red Hat
Component:	freetype
Sub Component:
Version:	5.0
Hardware:	All
OS:	Linux
Priority:	medium
Severity:	medium
Target Milestone:	---
Target Release:	---
Assignee:	Behdad Esfahbod
QA Contact:	Brock Organ
Docs Contact:
URL:
Whiteboard:
Depends On:	214048
Blocks:
TreeView+	depends on / blocked

Reported:	2006-11-15 16:59 UTC by Matthias Clasen
Modified:	2007-11-30 22:07 UTC (History)
CC List:	2 users (show)
Fixed In Version:	beta2
Doc Type:	Bug Fix
Doc Text:
Clone Of:
Environment:
Last Closed:	2006-12-23 02:45:13 UTC
Target Upstream Version:
Embargoed:
Dependent Products:

Attachments	(Terms of Use)

Description Matthias Clasen 2006-11-15 16:59:47 UTC

+++ This bug was initially created as a clone of Bug #214048 +++

Description of problem:
freetype returns an "invalid argument" error (6) when rendering character code
32 (if there are no strokes in the glyph) because it leads to allocating a
0-length block of memory and ftutil.c considers that an error.

Version-Release number of selected component (if applicable):
freetype-2.2.1-10

How reproducible:
Always.  An example of a program that is affected by this bug is tuxtype2, which
segfaults immediately on startup (trying to dereference a null pointer).

Steps to Reproduce:
1. Install tuxtype2 from the Fedora 6 Extras collection
2. Run tuxtype2
  
Actual results:
Program received signal SIGSEGV, Segmentation fault.
[Switching to Thread -1209043264 (LWP 26955)]
black_outline (t=0x80594c9 "Fish Cascade", font=0xa0b00e0, c=0x805fe28) at
alphabet.c:123
123             out = SDL_CreateRGBSurface(SDL_SWSURFACE, (tmp->w)+5,
(tmp->h)+5, 32, rmask, gmask, bmask, amask);
(gdb) bt
#0  black_outline (t=0x80594c9 "Fish Cascade", font=0xa0b00e0, c=0x805fe28) at
alphabet.c:123
#1  0x0804f51b in TitleScreen_load_menu () at titlescreen.c:75
#2  0x0804fdf4 in TitleScreen () at titlescreen.c:293
#3  0x0804e1b5 in main (argc=2, argv=0xbf888d84) at main.c:151
#4  0x00151f2c in __libc_start_main


Expected results:
Program should display rendered text.


Additional info:
The fix can be found on
http://cvs.savannah.gnu.org/viewcvs/freetype2/src/base/ftutil.c

-- Additional comment from trevin on 2006-11-04 23:03 EST --
Created an attachment (id=140377)
Patch to bring src/util/ftutil.c up from 1.22 to 1.24


-- Additional comment from steve on 2006-11-15 11:53 EST --
Ping?




Behdad, I guess we need this fix in RHEL5, too ?

Comment 1 RHEL Program Management 2006-11-15 17:20:22 UTC

This request was evaluated by Red Hat Product Management for inclusion in a Red
Hat Enterprise Linux major release.  Product Management has requested further
review of this request by Red Hat Engineering, for potential inclusion in a Red
Hat Enterprise Linux Major release.  This request is not yet committed for
inclusion.

Comment 2 Behdad Esfahbod 2006-11-27 20:57:13 UTC

Built.

Comment 3 Zack Cerza 2006-12-06 19:28:29 UTC

Is there another way to reproduce this? I tried to rebuild tuxtype2 for RHEL5,
but had missing BRs.

[root@tallest ~]# yum install SDL_image-devel SDL_mixer-devel SDL_ttf-devel
...
No Match for argument: SDL_image-devel
No Match for argument: SDL_mixer-devel
No Match for argument: SDL_ttf-devel

Comment 4 RHEL Program Management 2006-12-23 02:45:13 UTC

A package has been built which should help the problem described in 
this bug report. This report is therefore being closed with a resolution 
of CURRENTRELEASE. You may reopen this bug report if the solution does 
not work for you.

Note You need to log in before you can comment on or make changes to this bug.