From: Peter H. <pe...@sa...> - 2003-10-13 20:52:48
I was getting a segfault everytime I started mlterm on Red Hat 9. I tracked the problem down to a memory overflow bug in xwindow/x_font_cache.c. On my system, in x_get_font_name_list_for_fontset, all of the custom font functions return null. So when we get down to the realloc line, font_name_list is null. This means that realloc completeley alocates a new uninitialized memory block which isn't necessary all zeros. In my case it was a long list of ???? which caused it to overwrite some other memory which caused a crash later on. Anyway, here's a patch. I did sort of a minimal patch, but I highly recommend always using snprintf instead of sprintf in the future which would probably have made this bug easier to find.
--- x_font_cache.c.orig 2003-10-13 13:26:01.000000000 -0700
+++ x_font_cache.c 2003-10-13 13:38:44.000000000 -0700
@@ -266,8 +266,8 @@
 x_font_cache_t * font_cache
 )
 {
+ char * custom_font_name_list ;
 char * font_name_list ;
- char * p ;
 size_t list_len ;
 
 if( font_cache->font_custom->font_present & FONT_AA)
@@ -277,42 +277,41 @@
 if( ( font_custom = x_acquire_font_custom( font_cache->font_custom->font_present & ~FONT_AA)) == NULL)
 {
- font_name_list = NULL ;
+ custom_font_name_list = NULL ;
 }
 else
 {
- font_name_list = x_get_all_custom_font_names( font_custom , font_cache->font_size) ;
+ custom_font_name_list = x_get_all_custom_font_names( font_custom , font_cache->font_size) ;
 x_release_font_custom( font_custom) ;
 }
 }
 else
 {
- font_name_list = x_get_all_custom_font_names( font_cache->font_custom ,
+ custom_font_name_list = x_get_all_custom_font_names( font_cache->font_custom ,
 font_cache->font_size) ;
 }
- if( font_name_list)
+ if( custom_font_name_list)
 {
- list_len = strlen( font_name_list) ;
+ list_len = strlen( custom_font_name_list) ;
 }
 else
 {
 list_len = 0 ;
 }
- if( ( p = realloc( font_name_list , list_len + 28 + DIGIT_STR_LEN(font_cache->font_size) + 1))
+ if( ( font_name_list = malloc( list_len + 28 + DIGIT_STR_LEN(font_cache->font_size) + 1))
 == NULL)
 {
- return font_name_list ;
+ return custom_font_name_list ;
 }
- font_name_list = p ;
-
- if( font_name_list)
+ if( custom_font_name_list)
 {
 sprintf( font_name_list , "%s,-*-*-medium-r-*--%d-*-*-*-*-*" ,
- font_name_list , font_cache->font_size) ;
+ custom_font_name_list , font_cache->font_size) ;
+ free( custom_font_name_list) ;
 }
 else
 {
@@ -320,5 +319,5 @@
 font_cache->font_size) ;
 }
- return p ;
+ return font_name_list ;
 } |
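Review bot: The `sprintf` into `font_name_list` on the new side is still unbounded, and its safety rests on the literal `28` in the `malloc` size matching the 28 fixed characters of `"%s,-*-*-medium-r-*--%d-*-*-*-*-*"` with `DIGIT_STR_LEN` covering the `%d` — the same implicit coupling that made the original realloc/sprintf overflow hard to spot. I would keep the computed size in a local, `size_t buf_len = list_len + 28 + DIGIT_STR_LEN(font_cache->font_size) + 1 ;`, allocate with `malloc( buf_len)`, and format with `snprintf( font_name_list , buf_len , "%s,-*-*-medium-r-*--%d-*-*-*-*-*" , custom_font_name_list , font_cache->font_size) ;`, so a later edit to the format string can at worst truncate the name rather than corrupt the heap. The `else` branch that formats the fallback name, and the function's closing lines, lie outside this hunk and presumably use `sprintf` the same way; they would want the same treatment. It is also worth a one-line comment that on `malloc` failure the function now returns `custom_font_name_list` to the caller without the appended fallback entry, which silently shortens the list instead of signalling an error.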