Re: master 48af19c: Fix buffer overflow in ns_compute_glyph_string_overhangs

Re: master 48af19c: Fix buffer overflow in ns_compute_glyph_string_overhangs

[Michael Albinus]

larsi@gnus.org (Lars Ingebrigtsen) writes:

> branch: master
> commit 48af19c1f06c2f3b20e4056bedf137a5e3c0e05e
> Author: Daniel Martín <mardani29@yahoo.es>
> Commit: Lars Ingebrigtsen <larsi@gnus.org>
>
>     Fix buffer overflow in ns_compute_glyph_string_overhangs
>
>     * src/nsterm.m (ns_compute_glyph_string_overhangs): When the first
>     glyph of a glyph string is a composite glyph, `s->nchars' is 0, so
>     "s->char2b + s->nchars - 1" dereferenced a position before buffer
>     `s->char2b'.  Instead, rewrite part of the function to distinguish
>     between character glyphs and composite glyphs.  For character glyphs,
>     calculate the font metrics using the `text_extents' function, passing
>     it the entire glyph string; for composite glyphs, call
>     `composition_gstring_width'. (Bug#51105)
> ---
>  src/nsterm.m | 29 ++++++++++++++++++-----------
>  1 file changed, 18 insertions(+), 11 deletions(-)

This breaks the compilation on emba, see for example
<https://emba.gnu.org/emacs/emacs/-/jobs/31765/raw>.

Best regards, Michael.

Re: master 48af19c: Fix buffer overflow in ns_compute_glyph_string_overhangs

[Daniel Martín]

[-- Attachment #1: Type: text/plain, Size: 256 bytes --]

Michael Albinus <michael.albinus@gmx.de> writes:

>
> This breaks the compilation on emba, see for example
> <https://emba.gnu.org/emacs/emacs/-/jobs/31765/raw>.
>
> Best regards, Michael.

Thanks for the report.  Does the attached patch solve the issue?


[-- Warning: decoded text below may be mangled, UTF-8 assumed --]
[-- Attachment #2: 0001-Fix-GNUstep-build.patch --]
[-- Type: text/x-patch, Size: 1121 bytes --]

From 216fd1d886d3ff983ddf24ad056eab3cdbbbaa0e Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Daniel=20Mart=C3=ADn?= <mardani29@yahoo.es>
Date: Fri, 5 Nov 2021 21:03:33 +0100
Subject: [PATCH] Fix GNUstep build

* src/nsterm.m (ns_compute_glyph_string_overhangs): Declare the font
variable so that it's in scope for the GNUstep code.
---
 src/nsterm.m | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/src/nsterm.m b/src/nsterm.m
index f3dd0d791c..54989a2373 100644
--- a/src/nsterm.m
+++ b/src/nsterm.m
@@ -2849,12 +2849,13 @@ Hide the window (X11 semantics)
      External (RIF); compute left/right overhang of whole string and set in s
    -------------------------------------------------------------------------- */
 {
+  struct font *font = s->font;
+
   if (s->char2b)
     {
       struct font_metrics metrics;
       if (s->first_glyph->type == CHAR_GLYPH && !s->font_not_found_p)
         {
-          struct font *font = s->font;
           font->driver->text_extents (font, s->char2b, s->nchars, &metrics);
           s->left_overhang = -metrics.lbearing;
           s->right_overhang
-- 
2.31.0

Re: master 48af19c: Fix buffer overflow in ns_compute_glyph_string_overhangs

[Lars Ingebrigtsen]

Daniel Martín <mardani29@yahoo.es> writes:

> Thanks for the report.  Does the attached patch solve the issue?

It looks "obviously correct", so I've pushed the patch now.

-- 
(domestic pets only, the antidote for overdose, milk.)
   bloggy blog: http://lars.ingebrigtsen.no

Re: master 48af19c: Fix buffer overflow in ns_compute_glyph_string_overhangs

[Michael Albinus]

Lars Ingebrigtsen <larsi@gnus.org> writes:

> Daniel Martín <mardani29@yahoo.es> writes:
>
>> Thanks for the report.  Does the attached patch solve the issue?
>
> It looks "obviously correct", so I've pushed the patch now.

Yep. Compilation for GNUStep passes now on emba.

Thanks, and best regards, Michael.