[Libreoffice-commits] core.git: external/graphite

Stephan Bergmann sbergman at redhat.com
Wed Jul 5 09:29:53 UTC 2017


 external/graphite/ubsan.patch |   11 +++++++++++
 1 file changed, 11 insertions(+)

New commits:
commit 1a637473b5aa6a43acb4d1f820044fba962cc6a4
Author: Stephan Bergmann <sbergman at redhat.com>
Date:   Wed Jul 5 11:28:19 2017 +0200

    external/graphite: Avoid -fsanitize=pointer-overflow
    
    ...as seen during CppunitTest_sc_subsequent_filters_test:
    
    > workdir/UnpackedTarball/graphite/src/TtfUtil.cpp:1250:25: runtime error: unsigned pointer index expression result is 0x7fc5e2857433, preceding its base 0x7fc5e2857434
    >     #0 0x7fc663188640 in graphite2::TtfUtil::GlyfLookup(void const*, unsigned long, unsigned long) workdir/UnpackedTarball/graphite/src/TtfUtil.cpp:1250:25
    >     #1 0x7fc663159b1d in graphite2::GlyphCache::Loader::read_glyph(unsigned short, graphite2::GlyphFace&, int*) const workdir/UnpackedTarball/graphite/src/GlyphCache.cpp:360:28
    >     #2 0x7fc663158e37 in graphite2::GlyphCache::GlyphCache(graphite2::Face const&, unsigned int) workdir/UnpackedTarball/graphite/src/GlyphCache.cpp:142:52
    >     #3 0x7fc66314eaf9 in graphite2::Face::readGlyphs(unsigned int) workdir/UnpackedTarball/graphite/src/Face.cpp:98:29
    >     #4 0x7fc66314167e in (anonymous namespace)::load_face(graphite2::Face&, unsigned int) workdir/UnpackedTarball/graphite/src/gr_face.cpp:54:19
    >     #5 0x7fc6631413eb in gr_make_face_with_ops workdir/UnpackedTarball/graphite/src/gr_face.cpp:89:16
    >     #6 0x7fc6631419d7 in gr_make_face workdir/UnpackedTarball/graphite/src/gr_face.cpp:99:12
    >     #7 0x7fc663135362 in _hb_graphite2_shaper_face_data_create workdir/UnpackedTarball/harfbuzz/src/hb-graphite2.cc:113:18
    >     #8 0x7fc663076a1e in hb_graphite2_shaper_face_data_ensure(hb_face_t*) workdir/UnpackedTarball/harfbuzz/src/./hb-shaper-list.hh:35:1
    >     #9 0x7fc663076530 in hb_shape_plan_create_cached workdir/UnpackedTarball/harfbuzz/src/./hb-shaper-list.hh:35:1
    >     #10 0x7fc66262932e in CommonSalLayout::LayoutText(ImplLayoutArgs&) vcl/source/gdi/CommonSalLayout.cxx:608:40
    >     #11 0x7fc661ea3287 in OutputDevice::ImplLayout(rtl::OUString const&, int, int, Point const&, long, long const*, SalLayoutFlags, vcl::TextLayoutCache const*) const vcl/source/outdev/text.cxx:1359:36
    >     #12 0x7fc661ea5916 in OutputDevice::GetTextArray(rtl::OUString const&, long*, int, int, vcl::TextLayoutCache const*, SalLayout const*) const vcl/source/outdev/text.cxx:1004:22
    >     #13 0x7fc661ea56ee in OutputDevice::GetTextWidth(rtl::OUString const&, int, int, vcl::TextLayoutCache const*, SalLayout const*) const vcl/source/outdev/text.cxx:924:19
    >     #14 0x7fc662a49b18 in ImplFontMetricData::ImplInitTextLineSize(OutputDevice const*) vcl/source/font/fontmetric.cxx:338:30
    >     #15 0x7fc661e69138 in OutputDevice::ImplNewFont() const vcl/source/outdev/font.cxx:1097:42
    >     #16 0x7fc661e6ce1e in OutputDevice::GetFontCharMap(tools::SvRef<FontCharMap>&) const vcl/source/outdev/font.cxx:235:9
    >     #17 0x7fc661e7d5a9 in OutputDevice::HasGlyphs(vcl::Font const&, rtl::OUString const&, int, int) const vcl/source/outdev/font.cxx:1506:17
    >     #18 0x7fc61da7a450 in VCLXFont::hasGlyphs(rtl::OUString const&) toolkit/source/awt/vclxfont.cxx:206:23
    >     #19 0x7fc605fce1d3 in oox::xls::Font::finalizeImport() sc/source/filter/oox/stylesbuffer.cxx:787:28
    >     #20 0x7fc606037909 in void std::_Bind<std::_Mem_fn<void (oox::xls::Font::*)()> (std::_Placeholder<1>)>::__call<void, oox::xls::Font&, 0ul>(std::tuple<oox::xls::Font&>&&, std::_Index_tuple<0ul>) /usr/lib/gcc/x86_64-redhat-linux/6.3.1/../../../../include/c++/6.3.1/functional:933:11
    >     #21 0x7fc606037692 in void std::_Bind<std::_Mem_fn<void (oox::xls::Font::*)()> (std::_Placeholder<1>)>::operator()<oox::xls::Font&, void>(oox::xls::Font&) /usr/lib/gcc/x86_64-redhat-linux/6.3.1/../../../../include/c++/6.3.1/functional:991:17
    >     #22 0x7fc606034c6a in oox::RefVector<oox::xls::Font>::ForEachFunctor<std::_Bind<std::_Mem_fn<void (oox::xls::Font::*)()> (std::_Placeholder<1>)> > std::for_each<__gnu_debug::_Safe_iterator<__gnu_cxx::__normal_iterator<std::shared_ptr<oox::xls::Font> const*, std::__cxx1998::vector<std::shared_ptr<oox::xls::Font>, std::allocator<std::shared_ptr<oox::xls::Font> > > >, std::__debug::vector<std::shared_ptr<oox::xls::Font>, std::allocator<std::shared_ptr<oox::xls::Font> > > >, oox::RefVector<oox::xls::Font>::ForEachFunctor<std::_Bind<std::_Mem_fn<void (oox::xls::Font::*)()> (std::_Placeholder<1>)> > >(__gnu_debug::_Safe_iterator<__gnu_cxx::__normal_iterator<std::shared_ptr<oox::xls::Font> const*, std::__cxx1998::vector<std::shared_ptr<oox::xls::Font>, std::allocator<std::shared_ptr<oox::xls::Font> > > >, std::__debug::vector<std::shared_ptr<oox::xls::Font>, std::allocator<std::shared_ptr<oox::xls::Font> > > >, __gnu_debug::_Safe_iterator<__gnu_cxx::__normal_iterator<std::shared_p
 tr<oox::xls::Font> const*, std::__cxx1998::vector<std::shared_ptr<oox::xls::Font>, std::allocator<std::shared_ptr<oox::xls::Font> > > >, std::__debug::vector<std::shared_ptr<oox::xls::Font>, std::allocator<std::shared_ptr<oox::xls::Font> > > >, oox::RefVector<oox::xls::Font>::ForEachFunctor<std::_Bind<std::_Mem_fn<void (oox::xls::Font::*)()> (std::_Placeholder<1>)> >) /usr/lib/gcc/x86_64-redhat-linux/6.3.1/../../../../include/c++/6.3.1/bits/stl_algo.h:3769:2
    >     #23 0x7fc6060348ad in void oox::RefVector<oox::xls::Font>::forEach<std::_Bind<std::_Mem_fn<void (oox::xls::Font::*)()> (std::_Placeholder<1>)> >(std::_Bind<std::_Mem_fn<void (oox::xls::Font::*)()> (std::_Placeholder<1>)>) const include/oox/helper/refvector.hxx:62:29
    >     #24 0x7fc606005f5a in void oox::RefVector<oox::xls::Font>::forEachMem<void (oox::xls::Font::*)()>(void (oox::xls::Font::*)()) const include/oox/helper/refvector.hxx:70:29
    >     #25 0x7fc605ffab14 in oox::xls::StylesBuffer::finalizeImport() sc/source/filter/oox/stylesbuffer.cxx:2769:13
    >     #26 0x7fc6163aa7e6 in sax_fastparser::FastSaxParserImpl::parseStream(com::sun::star::xml::sax::InputSource const&) sax/source/fastparser/fastparser.cxx:855:40
    >     #27 0x7fc641f9ab9c in oox::core::FastParser::parseStream(com::sun::star::xml::sax::InputSource const&, bool) oox/source/core/fastparser.cxx:123:15
    >     #28 0x7fc641f9b0be in oox::core::FastParser::parseStream(com::sun::star::uno::Reference<com::sun::star::io::XInputStream> const&, rtl::OUString const&) oox/source/core/fastparser.cxx:131:5
    >     #29 0x7fc64201cb63 in oox::core::XmlFilterBase::importFragment(rtl::Reference<oox::core::FragmentHandler> const&, oox::core::FastParser&) oox/source/core/xmlfilterbase.cxx:354:21
    >     #30 0x7fc64201c40a in oox::core::XmlFilterBase::importFragment(rtl::Reference<oox::core::FragmentHandler> const&) oox/source/core/xmlfilterbase.cxx:296:12
    >     #31 0x7fc6060c309e in oox::xls::WorkbookFragment::finalizeImport() sc/source/filter/oox/workbookfragment.cxx:360:9
    >     #32 0x7fc6163aa7e6 in sax_fastparser::FastSaxParserImpl::parseStream(com::sun::star::xml::sax::InputSource const&) sax/source/fastparser/fastparser.cxx:855:40
    >     #33 0x7fc641f9ab9c in oox::core::FastParser::parseStream(com::sun::star::xml::sax::InputSource const&, bool) oox/source/core/fastparser.cxx:123:15
    >     #34 0x7fc641f9b0be in oox::core::FastParser::parseStream(com::sun::star::uno::Reference<com::sun::star::io::XInputStream> const&, rtl::OUString const&) oox/source/core/fastparser.cxx:131:5
    >     #35 0x7fc64201cb63 in oox::core::XmlFilterBase::importFragment(rtl::Reference<oox::core::FragmentHandler> const&, oox::core::FastParser&) oox/source/core/xmlfilterbase.cxx:354:21
    >     #36 0x7fc64201c40a in oox::core::XmlFilterBase::importFragment(rtl::Reference<oox::core::FragmentHandler> const&) oox/source/core/xmlfilterbase.cxx:296:12
    >     #37 0x7fc605bff1da in oox::xls::ExcelFilter::importDocument() sc/source/filter/oox/excelfilter.cxx:100:32
    >     #38 0x7fc641fa97b1 in oox::core::FilterBase::filter(com::sun::star::uno::Sequence<com::sun::star::beans::PropertyValue> const&) oox/source/core/filterbase.cxx:488:55
    >     #39 0x7fc605c005f8 in oox::xls::ExcelFilter::filter(com::sun::star::uno::Sequence<com::sun::star::beans::PropertyValue> const&) sc/source/filter/oox/excelfilter.cxx:154:25
    >     #40 0x7fc62e0ed38d in SfxObjectShell::ImportFrom(SfxMedium&, com::sun::star::uno::Reference<com::sun::star::text::XTextRange> const&) sfx2/source/doc/objstor.cxx:2219:34
    >     #41 0x7fc62e0cdff3 in SfxObjectShell::DoLoad(SfxMedium*) sfx2/source/doc/objstor.cxx:759:23
    >     #42 0x7fc6302f087c in ScBootstrapFixture::load(bool, rtl::OUString const&, rtl::OUString const&, rtl::OUString const&, rtl::OUString const&, SfxFilterFlags, SotClipboardFormatId, unsigned long, rtl::OUString const*) sc/qa/unit/helper/qahelper.cxx:585:21
    >     #43 0x7fc6302f12cb in ScBootstrapFixture::loadDoc(rtl::OUString const&, int, bool) sc/qa/unit/helper/qahelper.cxx:616:12
    >     #44 0x7fc64b042040 in ScFiltersTest::testColumnStyle2XLSX() sc/qa/unit/subsequent_filters-test.cxx:3729:28
    >     #45 0x7fc64b0b4c56 in void std::_Bind<std::_Mem_fn<void (ScFiltersTest::*)()> (ScFiltersTest*)>::__call<void, , 0ul>(std::tuple<>&&, std::_Index_tuple<0ul>) /usr/lib/gcc/x86_64-redhat-linux/6.3.1/../../../../include/c++/6.3.1/functional:933:11
    >     #46 0x7fc64b0b4a1d in void std::_Bind<std::_Mem_fn<void (ScFiltersTest::*)()> (ScFiltersTest*)>::operator()<, void>() /usr/lib/gcc/x86_64-redhat-linux/6.3.1/../../../../include/c++/6.3.1/functional:991:17
    >     #47 0x7fc67f692258 in CppUnit::TestCaseMethodFunctor::operator()() const workdir/UnpackedTarball/cppunit/src/cppunit/TestCase.cpp:32:5
    >     #48 0x7fc67f6630d5 in CppUnit::ProtectorChain::ProtectFunctor::operator()() const workdir/UnpackedTarball/cppunit/src/cppunit/ProtectorChain.cpp:20:25
    >     #49 0x7fc67f6630d5 in CppUnit::ProtectorChain::ProtectFunctor::operator()() const workdir/UnpackedTarball/cppunit/src/cppunit/ProtectorChain.cpp:20:25
    >     #50 0x7fc6738fe014 in (anonymous namespace)::Prot::protect(CppUnit::Functor const&, CppUnit::ProtectorContext const&) unotest/source/cpp/unoexceptionprotector/unoexceptionprotector.cxx:63:16
    >     #51 0x7fc67f6630d5 in CppUnit::ProtectorChain::ProtectFunctor::operator()() const workdir/UnpackedTarball/cppunit/src/cppunit/ProtectorChain.cpp:20:25
    >     #52 0x7fc67f5f932d in CppUnit::DefaultProtector::protect(CppUnit::Functor const&, CppUnit::ProtectorContext const&) workdir/UnpackedTarball/cppunit/src/cppunit/DefaultProtector.cpp:15:12
    >     #53 0x7fc67f6630d5 in CppUnit::ProtectorChain::ProtectFunctor::operator()() const workdir/UnpackedTarball/cppunit/src/cppunit/ProtectorChain.cpp:20:25
    >     #54 0x7fc67f65c5fa in CppUnit::ProtectorChain::protect(CppUnit::Functor const&, CppUnit::ProtectorContext const&) workdir/UnpackedTarball/cppunit/src/cppunit/ProtectorChain.cpp:86:18
    >     #55 0x7fc67f6f4598 in CppUnit::TestResult::protect(CppUnit::Functor const&, CppUnit::Test*, std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char> > const&) workdir/UnpackedTarball/cppunit/src/cppunit/TestResult.cpp:182:28
    >     #56 0x7fc67f690859 in CppUnit::TestCase::run(CppUnit::TestResult*) workdir/UnpackedTarball/cppunit/src/cppunit/TestCase.cpp:91:13
    >     #57 0x7fc67f694624 in CppUnit::TestComposite::doRunChildTests(CppUnit::TestResult*) workdir/UnpackedTarball/cppunit/src/cppunit/TestComposite.cpp:64:30
    >     #58 0x7fc67f69387c in CppUnit::TestComposite::run(CppUnit::TestResult*) workdir/UnpackedTarball/cppunit/src/cppunit/TestComposite.cpp:23:3
    >     #59 0x7fc67f694624 in CppUnit::TestComposite::doRunChildTests(CppUnit::TestResult*) workdir/UnpackedTarball/cppunit/src/cppunit/TestComposite.cpp:64:30
    >     #60 0x7fc67f69387c in CppUnit::TestComposite::run(CppUnit::TestResult*) workdir/UnpackedTarball/cppunit/src/cppunit/TestComposite.cpp:23:3
    >     #61 0x7fc67f722f5c in CppUnit::TestRunner::WrappingSuite::run(CppUnit::TestResult*) workdir/UnpackedTarball/cppunit/src/cppunit/TestRunner.cpp:47:27
    >     #62 0x7fc67f6f304e in CppUnit::TestResult::runTest(CppUnit::Test*) workdir/UnpackedTarball/cppunit/src/cppunit/TestResult.cpp:149:9
    >     #63 0x7fc67f723e7e in CppUnit::TestRunner::run(CppUnit::TestResult&, std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char> > const&) workdir/UnpackedTarball/cppunit/src/cppunit/TestRunner.cpp:96:14
    >     #64 0x532f3d in (anonymous namespace)::ProtectedFixtureFunctor::run() const sal/cppunittester/cppunittester.cxx:316:20
    >     #65 0x53101c in sal_main() sal/cppunittester/cppunittester.cxx:466:20
    >     #66 0x530a36 in main sal/cppunittester/cppunittester.cxx:373:1
    >     #67 0x7fc67dc44400 in __libc_start_main /usr/src/debug/glibc-2.24-59-g86ac4a7/csu/../csu/libc-start.c:289
    >     #68 0x4385a9 in _start (workdir/LinkTarget/Executable/cppunittester+0x4385a9)
    
    Change-Id: I7289846da81944c53756b842b2ac246ec1aecea7

diff --git a/external/graphite/ubsan.patch b/external/graphite/ubsan.patch
index 53585cf72628..86039de4e1c8 100644
--- a/external/graphite/ubsan.patch
+++ b/external/graphite/ubsan.patch
@@ -1,3 +1,14 @@
+--- src/TtfUtil.cpp
++++ src/TtfUtil.cpp
+@@ -1247,7 +1247,7 @@
+ void * GlyfLookup(const void * pGlyf, size_t nGlyfOffset, size_t nTableLen)
+ {
+     const uint8 * pByte = reinterpret_cast<const uint8 *>(pGlyf);
+-        if (nGlyfOffset + pByte < pByte || nGlyfOffset + sizeof(Sfnt::Glyph) >= nTableLen)
++        if (nGlyfOffset > nTableLen || sizeof(Sfnt::Glyph) >= nTableLen - nGlyfOffset)
+             return NULL;
+     return const_cast<uint8 *>(pByte + nGlyfOffset);
+ }
 --- src/gr_face.cpp
 +++ src/gr_face.cpp
 @@ -87,7 +87,7 @@
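Review bot: The rewritten test in GlyfLookup has no comment recording that its two clauses are order-dependent: `nGlyfOffset > nTableLen` has to be evaluated first so that the unsigned `nTableLen - nGlyfOffset` in the second clause cannot wrap. The offset presumably originates in the font file (the trace reaches this through GlyphCache::Loader::read_glyph during face loading), so this is the bounds check on untrusted input. The removed `nGlyfOffset + pByte < pByte` form depended on pointer wraparound, which is undefined and may be folded away by an optimizer. I would add above the `if` something like `// Compare in size_t only: pointer wrap is UB, and nGlyfOffset + sizeof(Sfnt::Glyph) can itself wrap.` so that nobody later simplifies it back to the additive form. The check also guarantees only that a fixed-size Sfnt::Glyph header lies inside nTableLen; any glyph data read past that header still has to be bounded by the callers, which are not visible in this hunk.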

