[Devel] Re: Bug#216605: Patch for FreeType 2.1.5 (stroke_width, paint

freetype-devel

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[Devel] Re: Bug#216605: Patch for FreeType 2.1.5 (stroke_width, paint_ty

From:	Anthony Fok
Subject:	[Devel] Re: Bug#216605: Patch for FreeType 2.1.5 (stroke_width, paint_type)
Date:	Wed, 22 Oct 2003 03:01:31 +0800
User-agent:	Mutt/1.5.4i

Hello Josselin,

Many thanks for your detailed analysis and fix.
I'm forwarding your message to the upstream FreeType development
mailing list.  :-)

I'll be doing an upload this morning to fix Bug#213232, #214732 and
#216605.  In case you don't see 2.1.5-3 uploaded within a few hours,
feel free to NMU.  :-)

On Tue, Oct 21, 2003 at 04:37:18PM +0200, Josselin Mouette wrote:
> The attached patch solves the crashes when reading Type1 fonts with
> non-zero StrokeWidth or PaintType.
> 
> Unless there are objections, I will apply it in a NMU in a few hours.
> 
> Regards,
> -- 
>  .''`.           Josselin Mouette        /\./\
> : :' :           address@hidden
> `. `'                        address@hidden
>   `-  Debian GNU/Linux -- The power of freedom

> --- freetype-2.1.5/src/type1/t1objs.c.orig    2003-10-21 15:58:18.000000000 
> +0200
> +++ freetype-2.1.5/src/type1/t1objs.c 2003-10-21 15:58:40.000000000 +0200
> @@ -229,8 +229,8 @@
>        FT_FREE( type1->encoding.char_name );
>        FT_FREE( type1->font_name );
>  
> -      FT_FREE( type1->paint_type );
> -      FT_FREE( type1->stroke_width );
> +      /* FT_FREE( type1->paint_type ); */
> +      /* FT_FREE( type1->stroke_width ); */
>  
>  #ifndef T1_CONFIG_OPTION_NO_AFM
>        /* release afm data if present */
> --- freetype-2.1.5/src/type42/t42objs.c.orig  2003-10-21 15:59:47.000000000 
> +0200
> +++ freetype-2.1.5/src/type42/t42objs.c       2003-10-21 16:00:02.000000000 
> +0200
> @@ -398,8 +398,8 @@
>        FT_FREE( type1->encoding.char_name );
>        FT_FREE( type1->font_name );
>  
> -      FT_FREE( type1->paint_type );
> -      FT_FREE( type1->stroke_width );
> +      /* FT_FREE( type1->paint_type ); */
> +      /* FT_FREE( type1->stroke_width ); */
>  
>        FT_FREE( face->ttf_data );
>  
> --- freetype-2.1.5/include/freetype/internal/t1types.h.orig   2003-10-21 
> 16:00:42.000000000 +0200
> +++ freetype-2.1.5/include/freetype/internal/t1types.h        2003-10-21 
> 16:00:56.000000000 +0200
> @@ -108,14 +108,14 @@
>      FT_Byte**        charstrings;       /* array of glyph charstrings */
>      FT_Int*          charstrings_len;
>  
> -    FT_Byte*         paint_type;
> +    FT_Byte          paint_type;
>      FT_Byte          font_type;
>      FT_Matrix        font_matrix;
>      FT_Vector        font_offset;
>      FT_BBox          font_bbox;
>      FT_Long          font_id;
>  
> -    FT_Fixed*        stroke_width;
> +    FT_Fixed         stroke_width;
>  
>    } T1_FontRec, *T1_Font;


Werner and David, here is the link to the Debian bug report, originally
filed against "fontconfig" (which Josselin maintains), but turns out to
be a FreeType bug afterall:

        http://bugs.debian.org/216605

In case you can't browse the page conveniently, here is a summary:

Laurent Bonnaud reports (19 Oct 2003):

        # apt-get install --reinstall fontconfig
        [...]
        Setting up fontconfig (2.2.1-6) ...
        [...]
        Regenerating fonts cache...
           /var/lib/dpkg/info/fontconfig.postinst:
                line 131:  7543 Segmentation fault
                HOME=/root fc-cache -f -v >/var/log/fontconfig.log 2>&1
                failed.

He added:

        To reproduce this bug, you need to install the gsfonts-other package.
        The crash occurs when fc-cache tries to process Hershey fonts.

Josselin was quick in locating the problem (20 Oct 2003):

        Okay, this is a freetype bug.
        These fonts contain a PaintType entry:
                /PaintType 1 def
        Freetype reads this entry, as shows t1tokens.h:
                T1_FIELD_NUM  ( "PaintType", paint_type )
        But... it is assigned to a pointer, as shows t1types.h!
                FT_Byte*         paint_type;
        Of course, when it is time to free that property, in t1objs.c:
                FT_FREE( type1->paint_type );
        ... the program segfaults.

and provided the patch on 21 Oct 2003.

Initially, I was worried that Josselin's patch would break binary
compatibility, but it turns out that he's actually restoring it.  ;-)

    2003-05-30  Werner Lemberg
        * include/freetype/internal/t1types.h (T1_Font): Change paint_type
          and stroke_width to pointers.
        Ditto for src/type1/t1tokens.h, src/type1/t1objs.c, 
src/type42/t42parse.c,
        src/type42/t42objs.c, etc.
        
    2003-07-25  David Turner
        This change reimplements fix from 2003-05-30 without breaking
        binary compatibility.
        * src/type42/t42parse.c, src/type1/t1tokens.h: `paint_type', `stroke 
width'
          are reverted to normal values.

Oops, t1types.h, t1objs.c and t42objs.c didn't get reverted to normal
values, just as Josselin discovered.

Thanks to everyone who have been helping to fix recent bugs in
FreeType 2.1.5.  :-)

Cheers,

Anthony

-- 
Anthony Fok Tung-Ling
ThizLinux Laboratory   <address@hidden> http://www.thizlinux.com/
Debian Chinese Project <address@hidden>       http://www.debian.org/intl/zh/
Come visit Our Lady of Victory Camp!           http://www.olvc.ab.ca/

[Prev in Thread]

Current Thread

[Next in Thread]

[Devel] Re: Bug#216605: Patch for FreeType 2.1.5 (stroke_width, paint_type), Anthony Fok <=
- Re: [Devel] Re: Bug#216605: Patch for FreeType 2.1.5 (stroke_width, paint_type), Werner LEMBERG, 2003/10/22

Prev by Date: RE: [Devel] Re: [Freetype] Freetype 2 on Mac
Next by Date: [Devel] TTC to TTF algorithm
Previous by thread: [Devel] installing FreeType 2 on Solaris
Next by thread: Re: [Devel] Re: Bug#216605: Patch for FreeType 2.1.5 (stroke_width, paint_type)
Index(es):
- Date
- Thread