Segfault during Open() when LANG=C and metadata contain Unicode chars #5326

@gioele

Original report: https://bugs.debian.org/1030842

Problem description

fontforge segfaults while opening a TTF file that contains Unicode chars in its metadata fields when LANG=C.

To reproduce:

$ wget https://salsa.debian.org/fonts-team/fonts-femkeklaver/-/raw/master/femkeklaver.ttf
$ echo 'Open($1)' > open.pe
$ export LANG=C
$ fontforge -script open.pe femkeklaver.ttf 
Program root: /usr
Copyright (c) 2000-2023. See AUTHORS for Contributors.
 License GPLv3+: GNU GPL version 3 or later <http://gnu.org/licenses/gpl.html>
 with many parts BSD <http://fontforge.org/license.html>. Please read LICENSE.
 Version: 20230101
 Based on sources from 2023-01-18 18:05 UTC-D.
Segmentation fault

Backtrace provided by Bernhard Übelacker

$ LANG=C rr record fontforge -script /home/benutzer/source/fonts-femkeklaver/git/fonts-femkeklaver/debian/clear-fstype.pe /home/benutzer/source/fonts-femkeklaver/git/fonts-femkeklaver/femkeklaver.ttf
$ rr replay -o-q
...
Breakpoint 3, iconv (cd=cd@entry=0x55b4437f72d0, inbuf=inbuf@entry=0x7fff48abee88, inbytesleft=inbytesleft@entry=0x7fff48abee80, outbuf=outbuf@entry=0x7fff48abeea0, outbytesleft=outbytesleft@entry=0x7fff48abee98) at ./iconv/iconv.c:32
32      {
(rr) finish
Run till exit from #0  iconv (cd=cd@entry=0x55b4437f72d0, inbuf=inbuf@entry=0x7fff48abee88, inbytesleft=inbytesleft@entry=0x7fff48abee80, outbuf=outbuf@entry=0x7fff48abeea0, outbytesleft=outbytesleft@entry=0x7fff48abee98) at ./iconv/iconv.c:32
0x00007fd0fc8a0b69 in do_iconv (cd=0x55b4437f72d0, inbuf=<optimized out>, inbuf@entry=0x7fff48abeef0, incount=<optimized out>, inunitsize=inunitsize@entry=1, outunitsize=outunitsize@entry=1) at ./Unicode/ucharmap.c:101
101             if (iconv(cd, (iconv_arg2_t)&inbuf, &incount, &dst, &outremain) == (size_t)-1) {
Value returned is $19 = 18446744073709551615
(rr) next
102                 if (errno == E2BIG) {
(rr) print errno
$20 = 84
(rr) print inbuf
$21 = <optimized out>
(rr) up
#1  0x00007fd0fc8a0fd5 in utf82def_copy (ufrom=ufrom@entry=0x7fff48abeef0 "Warning: Mac and Windows entries in the 'name' table differ for the\n Copyright string in the language English (US)\n Mac String: Typeface © (your company). 2008. All Rights Reserved\nWindows String: Typeface © (femkeklaver.nl). 2008. All Rights Reserved\n") at ./Unicode/ucharmap.c:159
159         return do_iconv(from_utf8, ufrom, strlen(ufrom), sizeof(ufrom[0]), sizeof(char));
(rr) print ufrom
$22 = 0x7fff48abeef0 "Warning: Mac and Windows entries in the 'name' table differ for the\n Copyright string in the language English (US)\n Mac String: Typeface © (your company). 2008. All Rights Reserved\nWindows String: Typeface © (femkeklaver.nl). 2008. All Rights Reserved\n"
(rr) bt
#0  do_iconv (cd=0x55b4437f72d0, inbuf=<optimized out>, inbuf@entry=0x7fff48abeef0, incount=<optimized out>, inunitsize=inunitsize@entry=1, outunitsize=outunitsize@entry=1) at ./Unicode/ucharmap.c:102
#1  0x00007fd0fc8a0fd5 in utf82def_copy (ufrom=ufrom@entry=0x7fff48abeef0 "Warning: Mac and Windows entries in the 'name' table differ for the\n Copyright string in the language English (US)\n Mac String: Typeface © (your company). 2008. All Rights Reserved\nWindows String: Typeface © (femkeklaver.nl). 2008. All Rights Reserved\n") at ./Unicode/ucharmap.c:159
#2  0x00007fd0fc958a84 in NOUI__LogError (format=<optimized out>, ap=ap@entry=0x7fff48abf0b0) at ./fontforge/nouiutil.c:55
#3  0x00007fd0fc958c49 in NOUI_LogError (format=<optimized out>) at ./fontforge/nouiutil.c:66
#4  0x00007fd0fc98555a in TTFAddLangStr (language=<optimized out>, spec=<optimized out>, plat=<optimized out>, stroff=<optimized out>, strlength=<optimized out>, id=0, info=0x7fff48abf220, ttf=0x55b4437ff990) at ./fontforge/parsettf.c:1609
#5  readttfcopyrights (info=0x7fff48abf220, ttf=0x55b4437ff990) at ./fontforge/parsettf.c:1748
#6  readttfpreglyph (info=0x7fff48abf220, ttf=0x55b4437ff990) at ./fontforge/parsettf.c:1814
#7  readttf (filename=0x55b4437ff930 "/home/benutzer/source/fonts-femkeklaver/git/fonts-femkeklaver/femkeklaver.ttf", info=0x7fff48abf220, ttf=0x55b4437ff990) at ./fontforge/parsettf.c:5554
#8  _SFReadTTF (ttf=ttf@entry=0x55b4437ff990, flags=flags@entry=0, openflags=openflags@entry=0, filename=filename@entry=0x55b4437ff930 "/home/benutzer/source/fonts-femkeklaver/git/fonts-femkeklaver/femkeklaver.ttf", chosenname=chosenname@entry=0x0, fd=fd@entry=0x0) at ./fontforge/parsettf.c:6342
[...]
(rr) finish
Run till exit from #1  0x00007fd0fc8a0fd5 in utf82def_copy (ufrom=ufrom@entry=0x7fff48abeef0 "Warning: Mac and Windows entries in the 'name' table differ for the\n Copyright string in the language English (US)\n Mac String: Typeface © (your company). 2008. All Rights Reserved\nWindows String: Typeface © (femkeklaver.nl). 2008. All Rights Reserved\n") at ./Unicode/ucharmap.c:159
0x00007fd0fc958a84 in NOUI__LogError (format=<optimized out>, ap=ap@entry=0x7fff48abf0b0) at ./fontforge/nouiutil.c:56
56          fprintf(stderr,"%s",str);
Value returned is $23 = 0x0

Version information

fontforge version 20230101~dfsg-1, on Debian testing (trixie)
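
Added example, not part of the original report and not FontForge code: in the trace above, iconv() fails with errno 84 (EILSEQ on Linux) on the © character, utf82def_copy returns 0x0, and the next statement is fprintf(stderr,"%s",str). The sketch below shows one defensive pattern for that path: substitute '?' for unconvertible characters and never pass a NULL pointer to "%s". The helper names utf8_to_charset_lossy and log_converted are hypothetical, the sample string is constructed, and the target charset is assumed to be single-byte.

```c
#include <errno.h>
#include <iconv.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Hypothetical helper (not FontForge code): convert UTF-8 to a single-byte
 * target charset, replacing each unconvertible character with '?'.
 * Returns a malloc'd string, or NULL only if setup or allocation fails. */
char *utf8_to_charset_lossy(const char *tocode, const char *src) {
    iconv_t cd = iconv_open(tocode, "UTF-8");
    if (cd == (iconv_t)-1) return NULL;
    /* Assumption: at most one output byte per input character. */
    size_t inleft = strlen(src), outleft = inleft;
    char *out = malloc(outleft + 1), *dst = out;
    char *in = (char *)src;   /* iconv() does not modify the input bytes */
    if (out == NULL) { iconv_close(cd); return NULL; }
    while (inleft > 0) {
        if (iconv(cd, &in, &inleft, &dst, &outleft) != (size_t)-1) break;
        /* Anything other than a bad or truncated sequence: keep what fits. */
        if ((errno != EILSEQ && errno != EINVAL) || outleft == 0) break;
        /* Skip one UTF-8 character: lead byte plus continuation bytes. */
        do { in++; inleft--; } while (inleft > 0 && ((unsigned char)*in & 0xC0) == 0x80);
        *dst++ = '?';
        outleft--;
    }
    *dst = '\0';
    iconv_close(cd);
    return out;
}

/* Log wrapper that never hands a NULL pointer to "%s". */
int log_converted(FILE *fp, const char *tocode, const char *utf8) {
    char *s = utf8_to_charset_lossy(tocode, utf8);
    int n = fprintf(fp, "%s", s != NULL ? s : utf8); /* fall back to raw text */
    free(s);
    return n;
}

int main(void) {
    /* Constructed sample modelled on the warning text in the backtrace. */
    const char *msg = "Mac String: Typeface \xC2\xA9 (your company). 2008.\n";
    return log_converted(stderr, "ASCII", msg) > 0 ? 0 : 1;
}
```
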
