Your message dated Mon, 12 Feb 2007 20:24:20 +0100
with message-id <[EMAIL PROTECTED]>
and subject line Bug#298720: libx11-6: XCreateFontSet crashes with "*" as font
name
has caused the attached Bug report to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.
(NB: If you are a system administrator and have no idea what I am
talking about this indicates a serious mail system misconfiguration
somewhere. Please contact me immediately.)
Debian bug tracking system administrator
(administrator, Debian Bugs database)
--- Begin Message ---
Package: libx11-6
Version: 4.3.0.dfsg.1-12.0.1
Severity: normal

Hello,

root-tail seems to trigger a bug in XLib, as reported in #298708.
It seems XCreateFontSet() crashes when passed the string "*" as
second argument (font name). Here is a simple test case which
triggers the bug:

#include <X11/Xlib.h>
#include <stdio.h>
int
main (int argc, char **argv)
{
  Display *dpy = NULL;
  char *base_name = "*";
  char **missing_charset = NULL;
  int missing_charsetn = -1;
  char *def_str = NULL;
  XFontSet font_set = NULL;
  dpy = XOpenDisplay (NULL);
  if (!dpy)
    {
      fprintf(stderr, "Cannot open display");
      return -1;
    }
  font_set =
    XCreateFontSet(dpy,
                   base_name,
                   &missing_charset,
                   &missing_charsetn,
                   &def_str);
  if (font_set)
    XFreeFontSet(dpy, font_set);
  XCloseDisplay(dpy);
  return 0;
}

Which gives:

$ gcc -Wall -ggdb test.c -o test -L/usr/X11R6/lib -lX11
$ gdb ./test
[...]
(gdb) r
Program received signal SIGSEGV, Segmentation fault.
0x40163af4 in mallopt () from /lib/tls/libc.so.6
(gdb) bt
#0  0x40163af4 in mallopt () from /lib/tls/libc.so.6
#1  0x40162a4b in free () from /lib/tls/libc.so.6
#2  0x4001f36a in _Xutf8DefaultDrawImageString ()
    from /usr/X11R6/lib/X11/locale/lib/common/xomGeneric.so.2
#3  0x4001f52f in _Xutf8DefaultDrawImageString ()
    from /usr/X11R6/lib/X11/locale/lib/common/xomGeneric.so.2
#4  0x4001f868 in _Xutf8DefaultDrawImageString ()
    from /usr/X11R6/lib/X11/locale/lib/common/xomGeneric.so.2
#5  0x4001fe09 in destroy_fontdata ()
    from /usr/X11R6/lib/X11/locale/lib/common/xomGeneric.so.2
#6  0x40079491 in XCreateOC () from /usr/X11R6/lib/libX11.so.6
#7  0x40078825 in XCreateFontSet () from /usr/X11R6/lib/libX11.so.6
#8  0x08048658 in main (argc=1, argv=0xbffffa64) at test.c:21
(gdb)

It seems like there's a double-free somewhere, but I couldn't
find it at first look, and I'm surely not as familiar as you
are with this code. :)
Thanks a lot,
-- System Information:
Debian Release: 3.1
APT prefers unstable
APT policy: (500, 'unstable'), (1, 'experimental')
Architecture: i386 (i686)
Kernel: Linux 2.6.8-1-386
Locale: [EMAIL PROTECTED], [EMAIL PROTECTED] (charmap=ISO-8859-15)
Versions of packages libx11-6 depends on:
ii  debconf [debconf-2.0]  1.4.46           Debian configuration management sy
ii  libc6                  2.3.2.ds1-20     GNU C Library: Shared libraries an
ii  xfree86-common         4.3.0.dfsg.1-12  X Window System (XFree86) infrastr
ii  xlibs-data             4.3.0.dfsg.1-12  X Window System client data
-- debconf information excluded
--- End Message ---
--- Begin Message ---
Closing since the test program that the submitter provided does not
crash anymore with Xorg/Etch.
Brice
--- End Message ---
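
The backtrace in the report reaches free() from destroy_fontdata() while XCreateOC() is still running, and the submitter suspects a double free. The C example below is added here and is not taken from Xlib or from the report: it models that bug class, a cleanup routine run twice on a creation-failure path, next to an idempotent version. The record type, all function names and the failure on "*" are assumptions of the example; the actual Xlib defect is not identified on this page.

```c
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Constructed model, not Xlib code: one record owning one heap buffer. */
typedef struct { char *name; int frees; } FontData; /* frees = release attempts */
typedef void (*destroy_fn)(FontData *);

/* Instrumented release: does the first free() and only counts later
 * attempts, so the double free can be observed without corrupting the heap. */
static void release(FontData *fd) {
    if (fd->frees++ == 0)
        free(fd->name);
}

/* Unsafe to call twice: the stale pointer stays in the record. */
static void destroy_unsafe(FontData *fd) { release(fd); }

/* Idempotent: release once, then clear the pointer. */
static void destroy_safe(FontData *fd) {
    if (fd->name == NULL) return;
    release(fd);
    fd->name = NULL;
}

/* Inner step: fails for "*" (constructed condition) and cleans up itself. */
static int load_fonts(FontData *fd, const char *pattern, destroy_fn destroy) {
    fd->name = malloc(strlen(pattern) + 1);
    if (fd->name == NULL) return -1;
    strcpy(fd->name, pattern);
    if (strcmp(pattern, "*") == 0) { destroy(fd); return -1; }
    return 0;
}

/* Outer step: always destroys the record, so on the failure path cleanup
 * runs a second time. Returns the number of redundant free attempts. */
static int create_font_set(const char *pattern, destroy_fn destroy) {
    FontData fd = { NULL, 0 };
    load_fonts(&fd, pattern, destroy);
    destroy(&fd);
    return fd.frees > 1 ? fd.frees - 1 : 0;
}

int main(void) {
    printf("unsafe: %d, safe: %d\n", create_font_set("*", destroy_unsafe), create_font_set("*", destroy_safe));
    return 0;
}
```

With a plain free() in place of the instrumented release(), the unsafe variant would hand the same pointer to the allocator twice, which is the kind of heap corruption that surfaces as a SIGSEGV inside free().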