Hello,
DrawText() in font.c uses the method Glyph() which may return a null pointer, but doesn't check the returned pointer.
I came across this bug when checking a bug report from Sven Mueller:
http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=467512
When info.vdr contains an invalid character (like in the above example a 0xA0 - a Latin-1 NO-BREAK SPACE), Glyph() returns null, which then causes a segfault when dereferencing the null pointer.
The easiest way to fix this would probably be to ignore such invalid characters, which is what the attached two-line patch will do. But maybe it's better to replace such characters with a default character - maybe a space or a '?'.
bye,
Tobias
#! /bin/sh /usr/share/dpatch/dpatch-run ## 99_invalid-char-fix.dpatch by Tobias Grimm tg@e-tobi.net ## ## All lines beginning with `## DP:' are a description of the patch. ## DP: No description.
@DPATCH@ diff -urNad vdr-1.5.16~/font.c vdr-1.5.16/font.c --- vdr-1.5.16~/font.c 2008-02-09 12:52:25.000000000 +0100 +++ vdr-1.5.16/font.c 2008-02-29 00:50:55.000000000 +0100 @@ -258,6 +258,8 @@ uint sym = Utf8CharGet(s, sl); s += sl; cGlyph *g = Glyph(sym, AntiAliased); + if (!g) + continue; int kerning = Kerning(g, prevSym); prevSym = sym; uchar *buffer = g->Bitmap();
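Review bot: the added "if (!g) continue;" after the Glyph() call drops the character without a trace, so the rendered text silently loses content and width wherever the font has no glyph for sym; substituting a visible placeholder glyph, or at least logging the unmapped sym, would make the bad input noticeable. The skipped iteration also leaves prevSym at the last symbol that was actually drawn, which is what the next Kerning() call should see and deserves a one-line comment. The dpatch header still reads "## DP: No description." and should state that the patch guards the g->Bitmap() dereference in font.c against a NULL return from Glyph().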
On 02/29/08 01:04, Tobi wrote:
> Hello,
> DrawText() in font.c uses the method Glyph() which may return a null pointer, but doesn't check the returned pointer.
> I came across this bug when checking a bug report from Sven Mueller:
> http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=467512
> When info.vdr contains an invalid character (like in the above example a 0xA0 - a Latin-1 NO-BREAK SPACE), Glyph() returns null, which then causes a segfault when dereferencing the null pointer.
> The easiest way to fix this would probably be to ignore such invalid characters, which is what the attached two-line patch will do. But maybe it's better to replace such characters with a default character - maybe a space or a '?'.
I also think showing some replacement character is best.
Can you please verify if the attached patch does this correctly?
If this works, I'd like to include it in version 1.6.0.
Klaus
On 02/29/08 14:29, Klaus Schmidinger wrote:
> On 02/29/08 01:04, Tobi wrote:
>> Hello,
>> DrawText() in font.c uses the method Glyph() which may return a null pointer, but doesn't check the returned pointer.
>> I came across this bug when checking a bug report from Sven Mueller:
>> http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=467512
>> When info.vdr contains an invalid character (like in the above example a 0xA0 - a Latin-1 NO-BREAK SPACE), Glyph() returns null, which then causes a segfault when dereferencing the null pointer.
>> The easiest way to fix this would probably be to ignore such invalid characters, which is what the attached two-line patch will do. But maybe it's better to replace such characters with a default character - maybe a space or a '?'.
> I also think showing some replacement character is best.
> Can you please verify if the attached patch does this correctly?
> If this works, I'd like to include it in version 1.6.0.
Maybe the attached version is even better, because there are also other places where Glyph() is called.
Klaus
Klaus Schmidinger wrote:
> Can you please verify if the attached patch does this correctly?
> Maybe the attached version is even better, because there are also other places where Glyph() is called.
The patch works, but you should also pass the AntiAliased parameter when recursively calling Glyph().
Besides this - I have the 0xA0 about 80 times in my epg.data (very often on DMAX). As far as I can tell, the 0xA0 is used as NON-BREAKING SPACE to avoid the collapsing of two or more spaces. Therefore the 0xA0 might as well be rendered as normal single space by default:
if (CharCode == 0xA0) CharCode = 0x20;
Tobias
diff -urNad vdr-1.5.16~/font.c vdr-1.5.16/font.c --- vdr-1.5.16~/font.c 2008-02-29 22:21:30.000000000 +0100 +++ vdr-1.5.16/font.c 2008-02-29 22:24:05.000000000 +0100 @@ -214,6 +214,9 @@ return Glyph; } } +#define UNKNOWN_GLYPH_INDICATOR '?' + if (CharCode != UNKNOWN_GLYPH_INDICATOR) + return Glyph(UNKNOWN_GLYPH_INDICATOR, AntiAliased); return NULL; }
@@ -258,6 +261,8 @@ uint sym = Utf8CharGet(s, sl); s += sl; cGlyph *g = Glyph(sym, AntiAliased); + if (!g) + continue; int kerning = Kerning(g, prevSym); prevSym = sym; uchar *buffer = g->Bitmap();
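Review bot: in the hunk at -214, UNKNOWN_GLYPH_INDICATOR is #defined inside the function body just before its final "return NULL;", but a macro is not scoped to that function and stays defined for the rest of font.c; a file-scope constant, or a #define placed with the file's other definitions, states the intent better. Glyph() still returns NULL when the '?' glyph itself cannot be provided, so the "if (!g) continue;" guard in the hunk at -258 has to stay, and the other callers of Glyph() mentioned in the thread need an equivalent check. The 0xA0 to 0x20 mapping proposed in the accompanying message is not part of this patch.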
On 02/29/08 23:01, Tobi wrote:
> Klaus Schmidinger wrote:
>> Can you please verify if the attached patch does this correctly?
>> Maybe the attached version is even better, because there are also other places where Glyph() is called.
> The patch works, but you should also pass the AntiAliased parameter when recursively calling Glyph().
Right.
> Besides this - I have the 0xA0 about 80 times in my epg.data (very often on DMAX). As far as I can tell, the 0xA0 is used as NON-BREAKING SPACE to avoid the collapsing of two or more spaces. Therefore the 0xA0 might as well be rendered as normal single space by default:
> if (CharCode == 0xA0) CharCode = 0x20;
That's certainly the correct solution - 0xA0 is officially specified as non-breaking space.
Attached is the complete patch, please verify.
Klaus
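
The three layers this thread converges on (render 0xA0 as a space, fall back to '?' for unknown characters, and keep the NULL check at the call site), shown as an added C++ example; it is not VDR's code or the patch from this thread. DemoGlyph, DemoFont, Lookup() and Render() are hypothetical names, and the font is modelled as a plain table of code points.

```cpp
#include <cstdint>
#include <map>
#include <string>
#include <utility>

// Hypothetical stand-in for a rendered glyph (assumption, not VDR's cGlyph).
struct DemoGlyph { uint32_t code; int advance; };

// Hypothetical font: holds only the glyphs the font file actually provides.
class DemoFont {
public:
    explicit DemoFont(std::map<uint32_t, DemoGlyph> g) : glyphs_(std::move(g)) {}

    // Returns the glyph for code, the '?' substitute, or nullptr when even
    // the substitute is missing. Callers must still handle nullptr.
    const DemoGlyph *Lookup(uint32_t code) const {
        if (code == 0xA0)            // NO-BREAK SPACE is drawn as a plain space
            code = 0x20;
        auto it = glyphs_.find(code);
        if (it != glyphs_.end())
            return &it->second;
        if (code != kUnknownGlyph)   // guard: do not recurse on the substitute
            return Lookup(kUnknownGlyph);
        return nullptr;
    }

    // Call site: returns the characters actually drawn and sums their width.
    // A character is skipped only when Lookup() has nothing at all to offer.
    std::string Render(const std::u32string &text, int *width) const {
        std::string drawn;
        *width = 0;
        for (char32_t c : text) {
            const DemoGlyph *g = Lookup(c);
            if (!g)                  // without this check, g->code would crash
                continue;
            drawn += static_cast<char>(g->code);
            *width += g->advance;
        }
        return drawn;
    }

private:
    static constexpr uint32_t kUnknownGlyph = '?';
    std::map<uint32_t, DemoGlyph> glyphs_;
};
```
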