Re: [Freetype] Re: Freetype2 2.0.8 segfault on FOXJUMP.TTF

[David Turner]

Hello,


"Nelson H. F. Beebe" a écrit :
> 
> Anthony Fok <address@hidden> writes on Wed, 27 Feb 2002
> 10:49:33 +0800:
> 
> >> I ...  tried running "ftview 24 FOXJUMP.TTF" (FreeType-2.0.8) on both
> >> Debian and Thiz Linux, and I experienced segfault too
>

I finally nailed the problem. This font is extremely buggy. Among other
things, it has some invalid entries in the name table with offsets pointing
_out_ of the table. This caused an invalid name table to be created in
TT_Load_Names (src/sfnt/ttload.c), which later caused NULL pointer
dereferences in 'Get_Name' (src/sfnt/sfobjs.c)

I have fixed TT_Load_Names (simplifying it a bit by the way) so that it be
able to support individual name entries, even though FOXJUMP.TTF seems to 
have a really buggy 'name' table anyway and doesn't return very meaningful
names.. :o) At least the crash completely disappeared..

Note that since I'm currently heavily re-factoring the FreeType sources to
make 2.2, the bug-fix has been applied to both the 'STABLE' and 'HEAD'
branch in the CVS.

'STABLE' was created recently off of VER-2-0-8 and will be used for
sub-sequent bug-fixing releases of FreeType. I recommend you to catch
the updates in the 'STABLE' branch. Regarding 'HEAD', I try very hard
to commit changes that do not break the library (i.e. make it
un-compilable), so you can also try it with this if you like..
 even though I cannot guarantee that it will compile every day..

And since this change fixes a critical bug (i.e. library crash), I'll
probably make a 2.0.9 release in the following days if we don't encounter
something as nasty meanwhile..


Cheers,

- David Turner