GNOME Bugzilla – Bug 66067
Purify IMR error in mini-fribidi/fribidi.c
Last modified: 2004-12-22 21:47:04 UTC
This is occurring while in:
    run_length_encode_types [mini-fribidi/fribidi.c:153]

        current.pos = -1;
        for (i = 0; i <= type_len; i++) {
     => if (char_type[i] != current.type || i == type_len) {
            if (current.pos >= 0) {

    fribidi_analyse_string [mini-fribidi/fribidi.c:594]
    pango_log2vis_get_embedding_levels [mini-fribidi/fribidi.c:1081]
    pango_itemize [pango/pango-context.c:406]
    pango_layout_check_lines [pango/pango-layout.c:2905]
    pango_layout_get_extents_internal [pango/pango-layout.c:1878]

A fix is to test i == type_len first.

    if (i == type_len || char_type[i] != current.type)
Here is a copy of the purify report on the problem.

UMR: Uninitialized memory read (26 times)
This is occurring while in:
    run_length_encode_types [mini-fribidi/fribidi.c:153]
    fribidi_analyse_string [mini-fribidi/fribidi.c:594]
    pango_log2vis_get_embedding_levels [mini-fribidi/fribidi.c:1081]
    pango_itemize [pango/pango-context.c:406]
    pango_layout_check_lines [pango/pango-layout.c:2905]
    pango_layout_get_extents_internal [pango/pango-layout.c:1878]
Reading 4 bytes from 0xffbea7dc on the stack.
Address 0xffbea7dc is 108 bytes below frame pointer in function fribidi_analyse_string.
----
It seems to happen when char_type[type_len] is evaluated, since it is read beyond the allocated array.
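The defect the report points at is an operand-ordering bug: the loop deliberately runs one step past the last index so that i == type_len flushes the final run, but the `||` short-circuits left to right, so char_type[type_len] is read before the sentinel test and that is one element past the array. The following is an added example in C, not code from Pango or mini-fribidi: a simplified run-length encoder in the shape of run_length_encode_types with the sentinel test placed first as in the fix, plus a helper that runs it on an exactly-sized heap copy of a constructed input so a memory checker (Purify, Valgrind, ASan) would flag any read past the end. The TypeRun struct, the T_* type labels, the current.pos < 0 guard for the first character, the return convention and the sample input are all assumptions made for this example.

```c
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* One run of consecutive characters sharing a bidi type. Simplified
 * stand-in for the run list mini-fribidi builds; our own struct, not Pango's. */
typedef struct {
    int type;   /* character type shared by the run */
    int pos;    /* index of the run's first character */
    int len;    /* number of characters in the run */
} TypeRun;

/* Constructed type labels for the example (arbitrary values, not FriBidi's). */
enum { T_LTR = 0, T_RTL = 1, T_N = 2 };

/* Run-length encode char_type[0..type_len) into out[]. Returns the number
 * of runs, or -1 if out[] has fewer than the needed max_runs slots.
 *
 * The loop runs to i == type_len on purpose: that last iteration is the
 * sentinel that closes the final run. The sentinel test comes FIRST, so
 * char_type[i] is never evaluated for i == type_len. The reported ordering,
 *     if (char_type[i] != current.type || i == type_len)
 * reads char_type[type_len], one element past the array, on every call. */
static int
encode_type_runs(const int *char_type, int type_len, TypeRun *out, int max_runs)
{
    TypeRun current = { 0, -1, 0 };   /* pos == -1: no run open yet */
    int n = 0;
    int i;

    for (i = 0; i <= type_len; i++) {
        /* current.pos < 0 is our own guard so the first character always
         * opens a run, whatever its type happens to be. */
        if (i == type_len || current.pos < 0 || char_type[i] != current.type) {
            if (current.pos >= 0) {               /* close the open run */
                if (n == max_runs)
                    return -1;
                current.len = i - current.pos;
                out[n++] = current;
            }
            if (i < type_len) {                   /* open a new run */
                current.type = char_type[i];
                current.pos = i;
            }
        }
    }
    return n;
}

/* Run the encoder on an exactly-sized heap copy of a constructed sample, so
 * any read past the end is outside the allocation and a memory checker
 * reports it. Returns the run count; runs are written to out[]. */
static int
encode_constructed_sample(TypeRun *out, int max_runs)
{
    /* Constructed sample: 2 LTR, 3 neutral, 3 RTL, 1 LTR (9 characters). */
    static const int sample[] = {
        T_LTR, T_LTR, T_N, T_N, T_N, T_RTL, T_RTL, T_RTL, T_LTR
    };
    int len = (int)(sizeof sample / sizeof sample[0]);
    int *buf = malloc((size_t)len * sizeof *buf);
    int n;

    if (buf == NULL)
        return -1;
    memcpy(buf, sample, sizeof sample);
    n = encode_type_runs(buf, len, out, max_runs);
    free(buf);
    return n;
}

int
main(void)
{
    TypeRun runs[8];
    int n = encode_constructed_sample(runs, 8);
    int i;

    for (i = 0; i < n; i++)
        printf("run %d: type=%d pos=%d len=%d\n",
               i, runs[i].type, runs[i].pos, runs[i].len);
    return n < 0;
}
```

The exactly-sized heap buffer is the check worth keeping in a regression test: the overread in the report landed on the stack frame of fribidi_analyse_string, where it only shows up as an uninitialized read under Purify, whereas on a heap buffer Valgrind or ASan flags it as an out-of-bounds read immediately if the two operands are ever swapped back. The type_len == 0 case is the other edge to cover, since with the original ordering it reads char_type[0] of an array that holds no characters.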
Thu Jan 10 16:27:24 2002  Owen Taylor  <otaylor@redhat.com>

	* pango/mini-fribidi/fribidi.c: Fix read of uninitialized memory
	(#66067, Hidetoshi Tajima)