Bug 331996 – avoid crashes in win32 font handling

After an evaluation, GNOME has moved from Bugzilla to GitLab. Learn more about GitLab.
No new issues can be reported in GNOME Bugzilla anymore.
To report an issue in a GNOME project, go to GNOME GitLab.
Do not go to GNOME Gitlab for: Bluefish, Doxygen, GnuCash, GStreamer, java-gnome, LDTP, NetworkManager, Tomboy.

Bug 331996 - avoid crashes in win32 font handling


Summary:	avoid crashes in win32 font handling


Status:	RESOLVED FIXED

Product:	pango
Classification:	Platform
Component:	win32
Version:	1.10.x
Hardware:	Other All

Importance:	Normal normal
Target Milestone:	---
Assigned To:	gtk-win32 maintainers
QA Contact:	pango-maint

URL:
Whiteboard:

Depends on:
Blocks:

Reported:	2006-02-21 08:45 UTC by Arnaud Charlet
Modified:	2006-02-21 10:20 UTC

See Also:
GNOME target:	---
GNOME version:	---

Description Arnaud Charlet 2006-02-21 08:45:57 UTC

Please describe the problem:
The following patch avoids crashes or bad behavior when selecting
invalid on badly handled font in e.g. the font selector:

--- pango/glyphstring.c.old   2006-02-21 09:41:05.000000000 +0100
+++ pango/glyphstring.c       2006-02-21 09:42:09.000000000 +0100
@@ -184,6 +184,9 @@ pango_glyph_string_extents_range (PangoG

       PangoGlyphGeometry *geometry = &glyphs->glyphs[i].geometry;

+      if (font == NULL)
+        goto skip_font;
+
       pango_font_get_glyph_extents (font, glyphs->glyphs[i].glyph,
                                    ink_rect ? &glyph_ink : NULL,
                                    logical_rect ? &glyph_logical : NULL);
@@ -231,6 +234,7 @@ pango_glyph_string_extents_range (PangoG
            }
        }

+skip_font:
       x_pos += geometry->width;
     }
 }
--- pango/pangowin32.c.old    2006-02-21 09:45:05.000000000 +0100
+++ pango/pangowin32.c        2006-02-21 09:45:30.000000000 +0100
@@ -87,6 +87,9 @@ pango_win32_get_hfont (PangoFont *font)
   PangoWin32FontCache *cache;
   TEXTMETRIC tm;

+  if (!win32font)
+    return NULL;
+
   if (!win32font->hfont)
     {
       cache = pango_win32_font_map_get_font_cache (win32font->fontmap);

Steps to reproduce:


Actual results:


Expected results:


Does this happen every time?


Other information:

Comment 1 Behdad Esfahbod 2006-02-21 10:20:27 UTC

I'm curious to know what kinds of crashes does this change fix.
I picked the second part of the patch, but not the first part.  I've guarded pango_font_get_glyph_extents against font==NULL, so that should be fine.  Please test.

2006-02-21  Behdad Esfahbod  <behdad@gnome.org>

        * pango/fonts.c, pango/glyphstring.c, pango/pango-fontmap.c,
        pango/pango-ot-buffer.c, pango/pangocairo-font.c, pango/pangoft2.c,
        pango/pangoxft-font.c, pango/shape.c: Change g_critical to g_warning.
        We already handle them gracefully.

        Bug 331994 – --disable-debug removes G_DISABLE_CAST_CHECKS
        Patch from charlet@act-europe.fr

        * configure.in: Do not lose PANGO_DEBUG_FLAGS when reassigning.

        Bug 331995 – pango_layout_set_text optimization
        Patch from charlet@act-europe.fr

        * pango/pango-layout.c: Do not validate input text if asserts are
        disabled.  Moreover, do not truncate input text on invalid sequence.

        Bug 331996 – avoid crashes in win32 font handling
        Patch from charlet@act-europe.fr

        * pango/pangofc-fontmap.c, pango/pangowin32-fontmap.c,
        pango/pangowin32.c: if (!font) return NULL in a number of places.