fdo-mirrors/xorg-libx11
1
0
Fork 0
mirror of https://gitlab.freedesktop.org/xorg/lib/libx11.git synced 2026-05-05 12:17:59 +02:00
Code Issues Projects Releases Packages Wiki Activity Actions

set_fontset_extents crash after get_rotate_fontname fix in 2bef065b70

Browse source 
- In set_fontset_extents, check font_data is not NULL before running
  loop that may increment it to a non-NULL invalid pointer.
- Make sure get_rotate_fontname counts the final field

Fixes OpenSolaris bug 6913809: X application dumps core in ja_JP.UTF-8 locale
<http://bugs.opensolaris.org/bugdatabase/view_bug.do?bug_id=6913809>

Signed-off-by: Alan Coopersmith <alan.coopersmith@sun.com>
Reviewed-by: Adam Jackson <ajax@redhat.com>
This commit is contained in:
Osamu Sayama 2010-01-05 17:26:40 -08:00 committed by Alan Coopersmith
parent 87529c0390
commit 4d4676c0d6
1 changed files with 2 additions and 2 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

4
modules/om/generic/omGeneric.c
View file

@ -412,11 +412,10 @@ set_fontset_extents(
}
}
if(font_set->vrotate_num > 0) {
if(font_set->vrotate_num > 0 && font_set->vrotate != NULL) {
font_data = (FontData) font_set->vrotate;
font_data_count = font_set->vrotate_num;
for( ; font_data_count-- ; font_data++) {
if(font_data != NULL)
if(font_data->font != NULL) {
check_fontset_extents(&overall, &logical_ascent,
&logical_descent,
@ -572,6 +571,7 @@ get_rotate_fontname(
if((ptr = strchr(ptr, '-'))) {
*ptr = '\0';
} else {
field_num++; /* Count last field */
break;
}
}