[Webkit-unassigned] [Bug 31254] New: [GTK] FontCache::getFontDataForCharacters() crashes when a page uses custom fonts

bugzilla-daemon at webkit.org bugzilla-daemon at webkit.org
Mon Nov 9 05:55:58 PST 2009


https://bugs.webkit.org/show_bug.cgi?id=31254

           Summary: [GTK] FontCache::getFontDataForCharacters() crashes
                    when a page uses custom fonts
           Product: WebKit
           Version: 528+ (Nightly build)
          Platform: PC
               URL: http://jacobian.org/writing/python-is-unix/
        OS/Version: Linux
            Status: UNCONFIRMED
          Severity: Normal
          Priority: P2
         Component: WebKit Gtk
        AssignedTo: webkit-unassigned at lists.webkit.org
        ReportedBy: jgresula+webkitbugs at gmail.com


http://jacobian.org/writing/python-is-unix/ crashes GtkLauncher
with the following backtrace:

#0  0x00007f70b895e800 in ?? () from /usr/lib/libfontconfig.so.1
#1  0x00007f70b895e8a0 in ?? () from /usr/lib/libfontconfig.so.1
#2  0x00007f70b895c577 in FcFontSetSort () from /usr/lib/libfontconfig.so.1
#3  0x00007f70b895cb39 in FcFontSort () from /usr/lib/libfontconfig.so.1
#4  0x00007f70bd4a9440 in WebCore::FontCache::getFontDataForCharacters (...) at
WebCore/platform/graphics/gtk/FontCacheGtk.cpp:43
#5  0x00007f70bd1a47ed in WebCore::Font::glyphDataForCharacter (...) at
WebCore/platform/graphics/FontFastPath.cpp:151
#6  0x00007f70bd1be6e9 in WebCore::WidthIterator::advance (...) at
WebCore/platform/graphics/WidthIterator.cpp:116
#7  0x00007f70bd1a3a23 in WebCore::Font::floatWidthForSimpleText (...) at
WebCore/platform/graphics/FontFastPath.cpp:327
[..]

The reason is that WebCore::FontCache::getFontDataForCharacters() assumes that
prim->m_pattern is always non-NULL, which is not the case for a custom font.

The following fix works for me:

--- a/WebCore/platform/graphics/gtk/FontCacheGtk.cpp
+++ b/WebCore/platform/graphics/gtk/FontCacheGtk.cpp
@@ -39,6 +39,10 @@ const SimpleFontData*
FontCache::getFontDataForCharacters(const Font& font, cons
     FcResult fresult;
     FontPlatformData* prim =
const_cast<FontPlatformData*>(&font.primaryFont()->platformData());

+    // prim->m_pattern can be null if it is a custom font
+    if (!prim->m_pattern)
+        return 0;
+
     if (!prim->m_fallbacks)
         prim->m_fallbacks = FcFontSort(NULL, prim->m_pattern, FcTrue, NULL,
&fresult);
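Review bot: the early `return 0;` inserted ahead of the `m_fallbacks` check changes this function's contract from "always returns a fallback SimpleFontData" to "may return null", and the backtrace shows the caller is `WebCore::Font::glyphDataForCharacter` (FontFastPath.cpp:151) reached from `WidthIterator::advance`; please confirm that call site tolerates a null `SimpleFontData*` rather than dereferencing it, otherwise the crash only moves one frame up. The placement itself is right: the visible code populates `m_fallbacks` from `prim->m_pattern` via `FcFontSort`, so guarding `m_pattern` before that branch is what stops the null pointer reaching fontconfig. It would help to say in the comment that the null return means characters not covered by a custom (@font-face) font get no fallback lookup at all, so they render as missing glyphs instead of falling back to a system font; this patch removes the crash but does not restore fallback for custom-font text, and a fuller fix (suggestion, not shown here) would build a fontconfig pattern from the font description when `m_pattern` is absent.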
