#75 libwmf-0.2.5 seg fault

open-fixed
None
5
2002-06-16
2002-06-10
No

wmf_player_int in player.c does not initialize the data
structure properly and causes a seg fault when it tries to
access the default_font later.
When it tries to access the user_data element for font
resolution in wmf_ipa_font_map (font.c) it crashes
because the user_data element in _wmfFont (ipa.h)
is not initialized to NULL.

2 fixes:
place a memset(P,0,sizeof(wmfPlayer_t)) after the new
line, or

P->flags = 0;
P->default_font.user_data = 0;

I like the first option, less room for possible other
uninitialized data.

Discussion

  • Francis James Franklin

    • assigned_to: nobody --> fjfranklin
    • status: open --> open-fixed
     
  • Francis James Franklin

    Logged In: YES
    user_id=146639

    I dislike the memset approach because it hides so much -
    what if something is supposed to be set to non-zero?

    Anyway, the bug is valid, fixed in CVS now (2nd option but
    in player/defaults.h not player.c).

    Thanks Corby,
    Frank
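
The two fixes debated in this ticket, compared in an added example that is not libwmf code and not written by either poster. The structures are hypothetical stand-ins: only `flags` and `default_font.user_data` are named in the report, while `units_per_inch` and its default are assumptions used to illustrate the "supposed to be non-zero" objection.

```c
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Hypothetical stand-ins for the structures named in the report. */
typedef struct { void *user_data; } font_t;
typedef struct {
    unsigned long flags;
    font_t default_font;
    int units_per_inch;              /* assumed field whose default is non-zero */
} player_t;

#define DEFAULT_UNITS_PER_INCH 1440  /* constructed value */
#define FONT_PTR_NULL 1              /* result bit: user_data is safely NULL */
#define DEFAULT_KEPT  2              /* result bit: non-zero default is in place */

/* Simulates malloc() returning recycled heap memory: every byte is 0xA5. */
static player_t *alloc_stale(void) {
    player_t *P = malloc(sizeof *P);
    if (P) memset(P, 0xA5, sizeof *P);
    return P;
}

/* Fix 1: zero everything (all-bits-zero is NULL on mainstream platforms). */
static void init_memset(player_t *P) { memset(P, 0, sizeof *P); }

/* Fix 2, extended to every field: each one gets its intended default. */
static void init_fields(player_t *P) {
    P->flags = 0;
    P->default_font.user_data = NULL;
    P->units_per_inch = DEFAULT_UNITS_PER_INCH;
}

/* mode 0: no initialization (the bug), 1: memset, 2: per-field defaults. */
static int check_state(int mode) {
    player_t *P = alloc_stale();
    int result = 0;
    if (!P) return -1;
    if (mode == 1) init_memset(P);
    if (mode == 2) init_fields(P);
    if (P->default_font.user_data == NULL) result |= FONT_PTR_NULL;
    if (P->units_per_inch == DEFAULT_UNITS_PER_INCH) result |= DEFAULT_KEPT;
    free(P);
    return result;
}

int main(void) {
    for (int mode = 0; mode < 3; mode++)
        printf("mode %d -> state bits %d\n", mode, check_state(mode));
    return 0;
}
```

With no initialization the pointer holds stale bytes, so a later "is it NULL?" test passes garbage on to be dereferenced; memset removes that crash but leaves the non-zero default unset.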

     
