Description of problem:
When running fonttosfnt on a simple pcf file, the application segfaults.

[root@localhost ~]# fonttosfnt -v -o font.ttf 4x6.pcf
4x6.pcf Fixed Regular: 1 sizes
Segmentation fault
[root@localhost ~]#

Version-Release number of selected component (if applicable):
[root@localhost ~]# rpm -q xorg-x11-font-utils glibc
xorg-x11-font-utils-7.2-10.el6.x86_64
glibc-2.12-1.7.el6.x86_64

How reproducible:
Always on x86_64. I haven't seen this behavior on i686.

Steps to Reproduce:
1. Run the above command
2.
3.

Actual results:
Segfault

Expected results:
No segfault

Additional info:
A stacktrace.

[root@localhost ~]# gdb fonttosfnt
GNU gdb (GDB) Red Hat Enterprise Linux (7.1-29.el6)
Copyright (C) 2010 Free Software Foundation, Inc.
License GPLv3+: GNU GPL version 3 or later <http://gnu.org/licenses/gpl.html>
This is free software: you are free to change and redistribute it.
There is NO WARRANTY, to the extent permitted by law. Type "show copying"
and "show warranty" for details.
This GDB was configured as "x86_64-redhat-linux-gnu".
For bug reporting instructions, please see:
<http://www.gnu.org/software/gdb/bugs/>...
Reading symbols from /usr/bin/fonttosfnt...Reading symbols from /usr/lib/debug/usr/bin/fonttosfnt.debug...done.
done.
(gdb) set args -v -o font.ttf 4x6.pcf
(gdb) run
Starting program: /usr/bin/fonttosfnt -v -o font.ttf 4x6.pcf
4x6.pcf Fixed Regular: 1 sizes

Program received signal SIGSEGV, Segmentation fault.
0x00007ffff737fff7 in _IO_vfprintf_internal (s=<value optimized out>, format=<value optimized out>, ap=<value optimized out>) at vfprintf.c:1593
1593 process_string_arg (((struct printf_spec *) NULL));
Missing separate debuginfos, use: debuginfo-install freetype-2.3.11-5.el6.x86_64 libfontenc-1.0.5-2.el6.x86_64 zlib-1.2.3-25.el6.x86_64
(gdb) bt
#0 0x00007ffff737fff7 in _IO_vfprintf_internal (s=<value optimized out>, format=<value optimized out>, ap=<value optimized out>) at vfprintf.c:1593
#1 0x00007ffff7430850 in ___vsnprintf_chk (s=0x60e010 "", maxlen=<value optimized out>, flags=1, slen=<value optimized out>, format=0x40651a "%s X.org bitmap size %dx%d", args=0x7fffffffe330) at vsnprintf_chk.c:65
#2 0x00000000004037c3 in vsnprintf (f=0x40651a "%s X.org bitmap size %dx%d", args=0x7fffffffe330) at /usr/include/bits/stdio2.h:78
#3 vsprintf_reliable (f=0x40651a "%s X.org bitmap size %dx%d", args=0x7fffffffe330) at util.c:93
#4 0x00000000004038ab in sprintf_reliable (f=<value optimized out>) at util.c:77
#5 0x00000000004019aa in readFile (filename=0x7fffffffe882 "4x6.pcf", font=0x608030) at read.c:130
#6 0x000000000040127c in main (argc=5, argv=<value optimized out>) at fonttosfnt.c:110
(gdb)

Created attachment 480997 [details]
PCF file used

I've attached the 4x6.pcf file used just in case it was asked for. There's nothing special about it, and the issue happens with other .pcf files as well.

This request was evaluated by Red Hat Product Management for inclusion in the current release of Red Hat Enterprise Linux. Because the affected component is not scheduled to be updated in the current release, Red Hat is unfortunately unable to address this request at this time. Red Hat invites you to ask your support representative to propose this request, if appropriate and relevant, in the next release of Red Hat Enterprise Linux. If you would like it considered as an exception in the current release, please ask your support representative.
It seems a rather simple fix is available for this. It could be applied directly to the code from what I can tell. Seems silly not to include it.

http://cgit.freedesktop.org/xorg/app/fonttosfnt/commit/?id=4ecd697abe1026eb27e1373bf357ebca2ade4138

There are a few subsequent fixes in this area, but they seem to have more to do with non-GNU platforms, which doesn't seem applicable to RHEL.

Created attachment 482940 [details]
patch in question

This bug has been reported against RHEL 6.0, with no updates in the last 4 years. I tried to reproduce this here on an x86_64 VM and the command succeeds. xorg-x11-font-utils is not scheduled for an update in the next version of RHEL 6.x, I am thus closing this as WONTFIX. If you would like Red Hat to re-consider your feature request, please re-open the feature request via appropriate support channels and provide additional supporting details about the importance of this feature.