#135 Fix OSD crashes

closed-fixed
nobody
None
5
2011-09-12
2011-09-10
皇帝陛下
No

Putting a "\n" in OSDCLASS->addLine SIGSEGVs.

A newline is 10 in ASCII while libagg's font starts from 32 (a space), so it nicely underflows and accesses out-of-bounds memory in agg_glyph_raster_bin.h:90:

m_font + 4 + (glyph - start_char) * 2
m_font + 4 + (16 - 32) * 2
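
The underflow described above next to a range-checked lookup, as an added example that is not code from libagg or from this project. The header layout (start_char at byte 2, num_chars at byte 3, 2-byte table entries from byte 4), the 32-bit unsigned operand types, and the names kFont, unchecked_index, as_32bit_step and checked_entry are assumptions made for illustration.

```cpp
#include <cstddef>
#include <cstdint>
#include <cstdio>

// Constructed font blob. Assumed layout: [2] = start_char, [3] = num_chars,
// then one 2-byte offset-table entry per glyph starting at byte 4.
static const uint8_t kFont[] = {
    8, 0, 32, 3,         // height, baseline, start_char = ' ', num_chars = 3
    0, 0, 8, 0, 16, 0,   // table entries for ' ', '!', '"'
};

// Byte offset the unchecked expression 4 + (glyph - start_char) * 2 adds to
// m_font when both operands are 32-bit unsigned (assumed types).
uint32_t unchecked_index(uint32_t glyph, uint32_t start_char) {
    return 4u + (glyph - start_char) * 2u;  // wraps mod 2^32 if glyph < start_char
}

// The same value as a 32-bit address space sees it: a small negative step.
int32_t as_32bit_step(uint32_t index) {
    return static_cast<int32_t>(index);
}

// Range-checked lookup: pointer to the glyph's table entry, or nullptr when
// the glyph is outside [start_char, start_char + num_chars) or the blob is short.
const uint8_t* checked_entry(const uint8_t* font, size_t len, uint32_t glyph) {
    if (font == nullptr || len < 4) return nullptr;
    const uint32_t start_char = font[2];
    const uint32_t num_chars = font[3];
    if (glyph < start_char || glyph - start_char >= num_chars) return nullptr;
    const size_t off = 4 + static_cast<size_t>(glyph - start_char) * 2;
    if (off + 2 > len) return nullptr;
    return font + off;
}

int main() {
    const uint32_t idx = unchecked_index('\n', kFont[2]);
    // With 64-bit pointers the offset stays a huge forward jump; with 32-bit
    // pointers it wraps to a short step backwards.
    std::printf("64-bit: m_font + %lu\n", static_cast<unsigned long>(idx));
    std::printf("32-bit: m_font %d\n", as_32bit_step(idx));
    std::printf("checked '\\n': %s\n",
                checked_entry(kFont, sizeof kFont, '\n') ? "entry" : "rejected");
    std::printf("checked '!': %s\n",
                checked_entry(kFont, sizeof kFont, '!') ? "entry" : "rejected");
    return 0;
}
```

Under the assumed types, a 64-bit build steps roughly 4 GiB forward from m_font for a newline, while a 32-bit build wraps to 40 bytes before it.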

Discussion

  • Is this the crash that is hitting on 64bit?

     
  • 皇帝陛下
    2011-09-12

    Yes.

     
  • Applied in r4092, thanks.

     
    • status: open --> closed-fixed