[MacPorts] #52029: fontconfig 2.12.1 breaks wine and wine-devel
MacPorts
noreply at macports.org
Thu Sep 15 06:25:10 CEST 2016
#52029: fontconfig 2.12.1 breaks wine and wine-devel
------------------------------+--------------------------
Reporter: mf2k@… | Owner: ryandesign@…
Type: defect | Status: new
Priority: Normal | Milestone:
Component: ports | Version: 2.3.4
Resolution: | Keywords: haspatch
Port: fontconfig wine |
------------------------------+--------------------------
Comment (by tc01@…):
It took me a while but I nailed down what the cause of this bug, and the
font files involved. It has to do with the security patch at
https://cgit.freedesktop.org/fontconfig/commit/?id=7a4a5bd7897d216f0794ca9dbce0a4a5c9d14940
.
The following patch code:
{{{
for (j = font->num, l = FcPatternEltValues(e); j >= 0 && l; j--, l =
FcValueListNext(l))
if (l->next != NULL && !FcIsEncodedOffset(l->next))
break;
if (j < 0)
return FcFalse;
}}}
is the cause of the bug. It is supposed to check the following:
''"Iterating linked lists must not take longer than the amount of elements
specified. A violation of this rule can break a possible endless loop."''
'''Font->num''' doesn't indicate the elements in the linked list, and I
couldn't find any variable which tracks this within its data structure.
The linked list contains the Font Family names for different languages.
Font->num indicates the number of elts a pattern has, so there is no
relationship between them.
On the Mac there are 33 fonts within the /System/Library/Fonts directory
which causes an issue with the above code since they contain Font Family
names in 31 different languages and the Pattern has 23 elts. (see attached
file '''SystemFontDetails.txt''' for font details)
I have attached my patch file '''patch-src-fccache.c.diff''' to fix this
bug in Fontconfig 2.12.1
--
Ticket URL: <https://trac.macports.org/ticket/52029#comment:15>
MacPorts <https://www.macports.org/>
Ports system for macOS
More information about the macports-tickets
mailing list