FS#4955 - convbdf segfaults on very large fonts

Attached to Project: Rockbox
Opened by Anonymous Submitter - Thursday, 30 March 2006, 13:57 GMT
Last edited by Daniel Stenberg (bagder) - Tuesday, 31 July 2007, 09:43 GMT
Task Type Bugs
Category Build environment
Status Closed
Assigned To No-one
Operating System All players
Severity Low
Priority Normal
Reported Version
Due in Version Undecided
Due Date Undecided
Percent Complete 100%
Votes 0
Private No


When running convbdf on large files, it segfaults. By littering the source with printfs, I've narrowed it down: the segfault happens in writestr(), and it's being called from line 1071 (writestr(ofp, (char *)bytemap, size);), whatever that means.

The following is an example of a file that causes convbdf to segfault: *checkout*/xorg/xc/fonts/bdf/100dpi/UTB___24.bdf

Closed by Daniel Stenberg (bagder)
Tuesday, 31 July 2007, 09:43 GMT
Reason for closing: Fixed
Additional comments about closing: Fixed in SVN right now
Comment by Frank Dischner (phaedrus961) - Thursday, 30 March 2006, 15:55 GMT
Works fine here. Are you using the latest version of convbdf?
Comment by Jonas Häggqvist (rasher) - Friday, 31 March 2006, 12:43 GMT
I also have this problem with current convbdf on Debian unstable (gcc 4.0.3). The resulting file is about a third of the one you've attached.

Ah, I just noticed something curious. The file is 65536 bytes large, I'm guessing that might mean something?
Comment by Frank Dischner (phaedrus961) - Friday, 31 March 2006, 17:43 GMT
Maybe it has something to do with gcc 4.0? I am using gcc 3.3.5.
Comment by Jonas Häggqvist (rasher) - Friday, 31 March 2006, 18:15 GMT
Bingo! Just tried compiling convbdf with gcc 3.3.6 and there was no problem. No idea what to do about it though, but at least there's a workaround.
Comment by Jonas Häggqvist (rasher) - Friday, 31 March 2006, 18:26 GMT
Hrm, I still get segfaults on some files even when using gcc 3.3 - no longer on that particular file though.
This one still causes a segfault, even with gcc 3.3.6: *checkout*/xorg/xc/fonts/bdf/100dpi/luIS24.bdf
Comment by Jonas Häggqvist (rasher) - Friday, 31 March 2006, 18:27 GMT
And again the file ends up being 65536 bytes. I can't help but assume that this means something.
Comment by Marcoen Hirschberg (marcoen) - Monday, 18 September 2006, 22:54 GMT
This fixes at least the problem with luIS24.bdf. I didn't yet check why.

Index: convbdf.c
RCS file: /cvsroot/rockbox/tools/convbdf.c,v
retrieving revision 1.20
diff -u -p -r1.20 convbdf.c
--- convbdf.c 18 Apr 2006 17:24:14 -0000 1.20
+++ convbdf.c 18 Sep 2006 22:52:12 -0000
@@ -1048,7 +1048,7 @@ int gen_fnt_file(struct font* pf, char *
bitmap_t* bits;
int width = pf->width ? pf->width[i] : pf->maxwidth;
int size;
- unsigned char bytemap[256];
+ unsigned char bytemap[512];

/* Skip missing glyphs */
if (pf->offset && (pf->offset[i] == (unsigned int)-1))
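
Review bot: the new `unsigned char bytemap[512];` declaration only raises the ceiling of a fixed-size stack buffer, and nothing in the visible context checks `size` or the width-derived byte count against `sizeof(bytemap)`. A font with larger glyphs than the ones tested in this report will overrun the array the same way, and since the commit message says the cause was not investigated, 512 is a guess rather than a derived bound. Suggest sizing the buffer from the font's largest glyph dimensions (allocated once per font), or at minimum comparing the computed byte count with `sizeof(bytemap)` and bailing out with an error before the buffer is filled and passed to writestr().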