Re: crash in hangul module + patch



On Thu, 2004-02-19 at 18:09 -0500, Owen Taylor wrote:

> On Thu, 2004-02-19 at 15:23, Radek Doulík wrote:
> > On Thu, 2004-02-19 at 08:58 -0500, Owen Taylor wrote:
> > 
> > > On Thu, 2004-02-19 at 06:21, Radek Doulík wrote:
> > > > Hi,
> > > > 
> > > > I am experiencing crashes in pango when rendering the attached file
> > > > (text.utf8). The crash happens in the hangul module, where it accesses
> > > > memory outside the array (__jamo_to_ksc5601) boundaries.
> > > > 
> > > > While the attached patch checks the boundaries and avoids the crash, it
> > > > probably doesn't fix the whole problem. I didn't look deeper into it,
> > > > but it seems that pango_itemize should probably make 2 items instead of
> > > > one with hangul shaper.
> > > 
> > > http://bugzilla.gnome.org/show_bug.cgi?id=129741
> > > 
> > > In general all shapers need to handle any characters fed to them, at
> > > least in a simplistic fashion because there is an actual need to feed
> > > neutral characters such as white space, zero width marks, etc to the
> > > shaper handling the adjacent text.
> > > 
> > > I'd really love it if someone could take a look at this bug and figure
> > > out the right fix.
> > 
> > Okie, why not use my fix meanwhile, so it doesn't crash anymore? It
> > may print some warning if necessary.
> 
> Your patch will cause more subtle crashes by violating the constraint
> that every input glyph must end up as part of a cluster; I think
> this one is best solved right, which probably isn't even very hard.

Let's render the unknown glyph then. New patch attached.

Radek
Index: hangul-fc.c
===================================================================
RCS file: /cvs/gnome/pango/modules/hangul/hangul-fc.c,v
retrieving revision 1.13
diff -u -p -r1.13 hangul-fc.c
--- hangul-fc.c	23 Sep 2003 23:11:51 -0000	1.13
+++ hangul-fc.c	20 Feb 2004 16:29:09 -0000
@@ -246,16 +246,26 @@ render_syllable (PangoFont *font, gunich
       /* This font has no glyphs on the Hangul Jamo area!  Find a
 	 fallback from the Hangul Compatibility Jamo area.  */
       jindex = text[i] - LBASE;
-      for (j = 0; j < 3 && (__jamo_to_ksc5601[jindex][j] != 0); j++)
+      if (0 <= jindex && jindex < 0x100)
+        {
+          for (j = 0; j < 3 && (__jamo_to_ksc5601[jindex][j] != 0); j++)
+	    {
+	      wc = __jamo_to_ksc5601[jindex][j] - KSC_JAMOBASE + UNI_JAMOBASE;
+	      index = (wc >= 0x3131) ? find_char (font, wc) : 0;
+	      pango_glyph_string_set_size (glyphs, *n_glyphs + 1);
+	      if (!index)
+	        set_glyph (font, glyphs, *n_glyphs, cluster_offset,
+		           get_unknown_glyph (font, index));
+	      else
+	        set_glyph (font, glyphs, *n_glyphs, cluster_offset, index);
+	      (*n_glyphs)++;
+	    }
+        }
+      else
 	{
-	  wc = __jamo_to_ksc5601[jindex][j] - KSC_JAMOBASE + UNI_JAMOBASE;
-	  index = (wc >= 0x3131) ? find_char (font, wc) : 0;
 	  pango_glyph_string_set_size (glyphs, *n_glyphs + 1);
-	  if (!index)
-	    set_glyph (font, glyphs, *n_glyphs, cluster_offset,
-		       get_unknown_glyph (font, index));
-	  else
-	    set_glyph (font, glyphs, *n_glyphs, cluster_offset, index);
+	  set_glyph (font, glyphs, *n_glyphs, cluster_offset,
+		     get_unknown_glyph (font, text [i]));
 	  (*n_glyphs)++;
 	}
     }
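
Review bot: In the in-range branch, the loop `for (j = 0; j < 3 && (__jamo_to_ksc5601[jindex][j] != 0); j++)` runs zero times when the first table entry for `jindex` is 0, so that character still produces no glyph, and the constraint raised earlier in the thread ("every input glyph must end up as part of a cluster") is only guaranteed by the new `else` branch. Consider emitting the unknown glyph for `text[i]` when the loop finishes with `j == 0`. The bound `0x100` is also hard-coded; deriving it from the array itself (for example with GLib's `G_N_ELEMENTS (__jamo_to_ksc5601)`) keeps the check correct if the table changes size, and the `0 <= jindex` half only has an effect if `jindex` is a signed type, which the hunk does not show. The moved fallback also still calls `get_unknown_glyph (font, index)` with `index` equal to 0, while the new branch passes `text [i]`; passing the character in both places would be consistent.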

