Package: xfstt / 1.7-8

Metadata

Package Version Patches format
xfstt 1.7-8 3.0 (quilt)

Patch series

view the series file
Patch File delta Description
0000 fix_socket_dir_mode.patch | (download)

src/xfstt.cc | 1 1 + 0 - 0 !
1 file changed, 1 insertion(+)

---
0001 libfstt Fix segfault on font file open error.patch | (download)

libfstt/rafile.cc | 2 1 + 1 - 0 !
1 file changed, 1 insertion(+), 1 deletion(-)

 [patch 01/02] libfstt: fix segfault on font file open error

RandomAccessFile::RandomAccessFile(char *filename)'s error path, on
failure to open a file, neglects to set absbase; this leads to
openError() failing to report that open failed, so instances think
they're OK and try to use methods that should only be used if open
succeeded, with consequent segfaults.

0002 Fix segfaults due to mmap failure.patch | (download)

libfstt/rafile.cc | 5 5 + 0 - 0 !
src/xfstt.cc | 15 15 + 0 - 0 !
2 files changed, 20 insertions(+)

 [patch 02/02] fix segfaults due to mmap failure

If mmap fails the returned address is going to be invalid which is
going to make subsequent usege of the instance use bogus values causing
segfaults, handle this case as a normal open error.

0003 Set info file magic and type TTFNheader fields in tw.patch | (download)

src/xfstt.cc | 3 2 + 1 - 0 !
1 file changed, 2 insertions(+), 1 deletion(-)

 [patch] set info file magic and type ttfnheader fields in two steps

The current code is perfectly legal, even though a bit ugly, but this
fixes an abort when using the fortify compiler support, as it exceeds
its bound checks.

0004 Fix a crash when listing fonts on fortified builds.patch | (download)

src/xfstt.cc | 7 6 + 1 - 0 !
1 file changed, 6 insertions(+), 1 deletion(-)

 [patch] fix a crash when listing fonts on fortified builds
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

The code is writting the terminating NUL character past the panose
variable inside the TPFontName structure, which the fortify bound
checks catch and abort on. Even if the overwritten next variable
modifier gets initialized later on and thus there's no actual problem
with the code, it's obviously more correct and future-proof to only
write what the variable can hold.

Signed-off-by: Guillem Jover <guillem@hadrons.org>

debian changes 1.7 8 | (download)

config/config.guess | 300 168 + 132 - 0 !
config/config.sub | 239 187 + 52 - 0 !
2 files changed, 355 insertions(+), 184 deletions(-)

 upstream changes introduced in version 1.7-8
 This patch has been created by dpkg-source during the package build.
 Here's the last changelog entry, hopefully it gives details on why
 those changes were made:
 .
 xfstt (1.7-8) unstable; urgency=low
 .
   * Fix abort when listing fonts due to fortify support. The current code
     does not pose any real problem as the overwritten variable gets
     initialized later on, although the fix makes it correct and future-proof.
     Thanks to Erik Devriendt <erik.devriendt@siemens.com>. (Closes: #583202)
 .
 The person named in the Author field signed this changelog entry.