[Xpert]Possible bug in xf86bigfont.c

Tue, 20 Aug 2002 16:22:18 -0700 

Greetings all,

First, apologies if this gets posted twice, it appears as if my first
post is in the moderator queue.

I've tracked down a situation which I believe to be a bug in XFree86.
I'm using RedHat 7.3, version 4.2.0-8.

The gist is a null pointer exception in line 667 & 668 of xf86bigfont.c.

pFont->info.props is null and it's being assigned without checking
whether it's null or not. I'm not sure if the simple answer is to wrap
the assign statements in a null pointer check or if it's more complex
than that.

I'm not an X developer, but I'd love to assist in the confirmation and
patch of this particular error, as it's causing me a huge headache right
now. I've been hanging out on #xfree86-devel, but I see no traffic.


Thanks.

--Chris


(gdb) list xf86bigfont.c:667
662                 xFontProp* prFP;
663                 int i;
664                 for (i = 0, pFP = pFont->info.props, prFP =
(xFontProp *) p;
665                      i < nfontprops;
666                      i++, pFP++, prFP++) {
667                     prFP->name = pFP->name;
668                     prFP->value = pFP->value;
669                     if (client->swapped) {
670                         char tmp;
671                         swapl(&prFP->name, tmp);
(gdb) print *pFont
$5 = {refcnt = 142373721, info = {firstCol = 57392, lastCol = 16914,
firstRow = 0, lastRow = 0, defaultCh = 0, noOverlap = 0, terminalFont =
0, constantMetrics = 0, constantWidth = 0, inkInside = 0, inkMetrics =
0, allExist = 0, drawDirection = 0, cachable = 1, anamorphic = 0,
maxOverlap = 0, pad = 0, maxbounds = { leftSideBearing = 2,
rightSideBearing = 18, characterWidth = 18, ascent = 18, descent = 4,
attributes = 0}, minbounds = {leftSideBearing = -3, rightSideBearing =
1, characterWidth = 4, ascent = -2, descent = -11, attributes = 0},
ink_maxbounds = {leftSideBearing = 2, rightSideBearing = 18,
characterWidth = 18, ascent = 18, descent = 4, attributes = 0},
ink_minbounds = {leftSideBearing = -3, rightSideBearing = 1,
characterWidth = 4, ascent = -2, descent = -11, attributes = 0},
fontAscent = 16, fontDescent = 4, nprops = 27, props = 0x0, isStringProp
= 0x8a439a8 "\001\001\001\001\001\001"}, bit = 0 '\0', byte = 0 '\0', 
glyph = 4 '\004', scan = 1 '\001', format = 512, get_glyphs = 0x8121ee8
<_fs_get_glyphs>, get_metrics = 0x8122418 <_fs_get_metrics>, unload_font
= 0x8122726 <_fs_unload_font>, unload_glyphs = 0, fpe = 0x873f2a0,
svrPrivate = 0x0, fontPrivate = 0x87d32b0, fpePrivate = 0x87d32c0,
maxPrivate = 1, devPrivates = 0x8a43724}
(gdb) quit

-- 
Homepage: http://interclypse.net
Registered Linux user #215241 (http://counter.li.org/)

Attachment: signature.asc
Description: This is a digitally signed message part

Reply via email to