https://bugzilla.redhat.com/show_bug.cgi?id=1241552
Bug ID: 1241552
Summary: Buffer overrun with pango_ft2_render_layout_line() with undersized FT_Bitmap.
Product: Fedora
Version: 22
Component: pango
Severity: high
Assignee: tagoh@redhat.com
Reporter: peter@peter-b.co.uk
QA Contact: extras-qa@fedoraproject.org
CC: fonts-bugs@lists.fedoraproject.org, i18n-bugs@lists.fedoraproject.org, tagoh@redhat.com
Description of problem:
pango installed from the F22 "updates" repo contains a critical bug that causes a buffer overrun on 64-bit architectures when rendering a glyph into a FT_Bitmap that is too small.
When pango 1.36.8 is built from source on the same system, no buffer overrun is observed (using valgrind).
Version-Release number of selected component (if applicable):
pango-1.36.8-5.fc22.x86_64
How reproducible:
Always.
Steps to Reproduce:
See http://quality.runrev.com/show_bug.cgi?id=15581 for detailed instructions for reproducing, plus logs.
--- Comment #1 from Peter TB Brett peter@peter-b.co.uk ---
I ran some more tests. The following builds contain the buffer overrun bug:
- pango-1.36.8-5.fc22.x86_64 package
- Build from pango-1.36.8.tar.xz archive
- Build from pango git, tag 1.36.8
The following builds do *not* contain the buffer overrun:
- Build from pango git, tag 1.37.0
- Build from pango git, tag 1.37.1
Bisect indicates that the bug is fixed in upstream commit fafc7915: https://git.gnome.org/browse/pango/commit/?id=fafc7915334be2dc7eb3952ea05988...
That patch applies cleanly against 1.36.8, but backporting that patch alone doesn't appear to fix the issue.
Could 1.37.0 be built and distributed through F22 "updates" repo, please?
--- Comment #2 from Fedora Update System updates@fedoraproject.org ---
pango-1.36.8-6.fc22 has been submitted as an update for Fedora 22.
https://admin.fedoraproject.org/updates/pango-1.36.8-6.fc22
Fedora Update System updates@fedoraproject.org changed:
What  |Removed |Added
----------------------------------------------------------------------------
Status|NEW     |MODIFIED
--- Comment #3 from Fedora Update System updates@fedoraproject.org ---
pango-1.36.8-6.fc21 has been submitted as an update for Fedora 21.
https://admin.fedoraproject.org/updates/pango-1.36.8-6.fc21
Fedora Update System updates@fedoraproject.org changed:
What  |Removed  |Added
----------------------------------------------------------------------------
Status|MODIFIED |ON_QA
--- Comment #4 from Fedora Update System updates@fedoraproject.org ---
Package pango-1.36.8-6.fc21:
* should fix your issue,
* was pushed to the Fedora 21 testing repository,
* should be available at your local mirror within two days.
Update it with:
# su -c 'yum update --enablerepo=updates-testing pango-1.36.8-6.fc21'
as soon as you are able to.
Please go to the following url:
https://admin.fedoraproject.org/updates/FEDORA-2015-11370/pango-1.36.8-6.fc2...
then log in and leave karma (feedback).
Fedora Update System updates@fedoraproject.org changed:
What            |Removed |Added
----------------------------------------------------------------------------
Status          |ON_QA   |CLOSED
Fixed In Version|        |pango-1.36.8-6.fc22
Resolution      |---     |ERRATA
Last Closed     |        |2015-07-17 22:10:27
--- Comment #5 from Fedora Update System updates@fedoraproject.org ---
pango-1.36.8-6.fc22 has been pushed to the Fedora 22 stable repository. If problems still persist, please make note of it in this bug report.
Fedora Update System updates@fedoraproject.org changed:
What            |Removed             |Added
----------------------------------------------------------------------------
Fixed In Version|pango-1.36.8-6.fc22 |pango-1.36.8-6.fc21
--- Comment #6 from Fedora Update System updates@fedoraproject.org ---
pango-1.36.8-6.fc21 has been pushed to the Fedora 21 stable repository. If problems still persist, please make note of it in this bug report.