From: KANOU H. <ka...@kh...> - 2006-01-28 12:19:18
If a broken UTF8 string is given to _GDraw_DoText8() in gdraw/gdrawtxt.c, FontForge will crash. The mechanism is:

1. (line 2099) utf8_ildb() returns -1,
2. (line 2111) plane=0xffff;
3. (line 2122) enc=65567;
4. (line 2125) invalid fd is dereferenced.

If a font has a non-UTF8 string in its name table, warning messages will be displayed when the font is opened.

  Warning: Mac and Windows entries in the 'name' table differ for the XXXXX string in the language Japanese.
  Mac String: YYYYYYYY
  Windows String: ZZZZZZZZ

In this warning message, YYYYYYYY is stored in SJIS (MacJapanese, plat=1 & spec=1) while ZZZZZZZZ is in UTF-16 (Windows Unicode, plat=3 & spec=1). The crash described above occurs while displaying YYYYYYYY.

This patch doesn't fix the interpretation of the strings, but avoids the crash by simply ignoring erroneous characters returned by utf8_ildb().

--- gdrawtxt.c.orig Sun Jan 1 22:53:26 2006 +++ gdrawtxt.c Fri Jan 27 22:42:09 2006 @@ -2107,7 +2107,7 @@ } text = last; dist += _GDraw_DoText(gw,x+dist,y,ubuffer,upt-ubuffer,mods,col,drawit,arg); - } else { + } else if (val!=(uint32)(-1)) { int plane = (val>>16); upt = ubuffer; while ( (val>>16)==plane && text<=end &&
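
Review bot: The new condition on the else branch tests only for the single sentinel (uint32)(-1), so the lookup that the message places at lines 2122 to 2125 still depends on every other val producing an in-range enc. A bounds check on enc (or on plane, computed here as val>>16) immediately before fd is indexed would guard the dereference itself rather than one input that reaches it. The skipped case is also silent and uncommented: a one-line comment saying that the UTF-8 decoder reports malformed input as -1 and that such characters are dropped would help the next reader, and it is worth confirming that text has already moved past the bad byte when this branch is skipped, so the enclosing loop cannot spin on the same input.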