I can confirm this fixes the problem for me. Thanks! - Derek
On Mon, 13 Dec 2021 17:10:40 -0500 Ben Wagner <[email protected]> wrote:

> I think the earlier Q commit is really the culprit here. The bisected
> change modified the error returned by the other modules when rejecting
> data, so I think that change just allowed the code to get this far.
>
> Looking into getting the fuzzer going with MemorySanitizer to catch
> this sort of issue, but because the fuzzer driver is C++ this means
> needing to build and link against libc++ built with
> -fsanitize=memory. This used to be part of the oss-fuzz base image
> but no longer is.
>
> This particular issue should now be resolved with "[bdf] Fix use of
> uninitialized value."
>
> On Thu, Dec 9, 2021, 4:00 PM Alexei Podtelezhnikov
> <[email protected]> wrote:
>
> > Not the earlier Q-commit. Huh.
> >
> > I can reproduce locally and surprisingly this bisects to 8ef8072ba15
> > "[bdf, cid, pfr, winfonts] Improve rejection of other font
> > formats." Will take a quick look.
> >
> > On Wed, Dec 8, 2021, 2:32 PM Derek B. Noonburg
> > <[email protected]> wrote:
> >
> >> Valgrind is reporting an uninitialized value in _bdf_readstream for
> >> certain (very broken) fonts in my xpdf regression testing on Linux.
> >>
> >> I'm attaching a sample font. It's essentially garbage (pulled out
> >> of a damaged PDF file), but I think the uninitialized value is
> >> still a problem.
> >>
> >> To reproduce: valgrind ftview 16 f1.cff
> >>
> >> Valgrind reports:
> >>
> >> ==22204== Conditional jump or move depends on uninitialised value(s)
> >> ==22204==    at 0x4E84410: _bdf_readstream (bdflib.c:577)
> >> ==22204==    by 0x4E84410: bdf_load_font (bdflib.c:2196)
> >> ==22204==    by 0x4E84410: BDF_Face_Init (bdfdrivr.c:376)
> >> ==22204==    by 0x4E51B2A: open_face (ftobjs.c:1465)
> >> ==22204==    by 0x4E53062: ft_open_face_internal (ftobjs.c:2537)
> >> ==22204==    by 0x4E5342B: FT_New_Face (ftobjs.c:1528)
> >> ==22204==    by 0x407FCF: FTDemo_Install_Font (ftcommon.c:543)
> >> ==22204==    by 0x403226: main (ftview.c:1809)
> >>
> >> This is new as of 2.11.1.
> >>
> >> - Derek
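An added example, not code from this thread or from FreeType: a small POSIX shell gate for the kind of valgrind-based regression run Derek describes. It scans a memcheck log for "uninitialised value" reports and names the innermost frame of each, so a harness can fail and say which function to look at. The function names (`count_uninit`, `uninit_frames`, `valgrind_gate`) are my own; the embedded sample log is the report quoted above.

```shell
#!/bin/sh
# Added example, not code from the thread or from FreeType: a gate for a
# valgrind-based regression run. It scans a memcheck log for
# "uninitialised value" reports and prints the innermost frame of each, so
# a test harness can fail (and name the function) when one appears.
# Function names are my own; the sample log is the report quoted in the thread.

# Constructed sample input: the valgrind report from Derek's mail.
SAMPLE_LOG='==22204== Conditional jump or move depends on uninitialised value(s)
==22204==    at 0x4E84410: _bdf_readstream (bdflib.c:577)
==22204==    by 0x4E84410: bdf_load_font (bdflib.c:2196)
==22204==    by 0x4E84410: BDF_Face_Init (bdfdrivr.c:376)
==22204==    by 0x4E51B2A: open_face (ftobjs.c:1465)
==22204==    by 0x4E53062: ft_open_face_internal (ftobjs.c:2537)
==22204==    by 0x4E5342B: FT_New_Face (ftobjs.c:1528)
==22204==    by 0x407FCF: FTDemo_Install_Font (ftcommon.c:543)
==22204==    by 0x403226: main (ftview.c:1809)'

# count_uninit: number of uninitialised-value reports in the log on stdin.
count_uninit() {
    # grep -c exits 1 when the count is 0; the count itself is still printed.
    grep -c 'depends on uninitialised value' || true
}

# uninit_frames: print "function file:line" for the innermost ("at") frame
# of every uninitialised-value report in the log on stdin.
uninit_frames() {
    awk '
        /depends on uninitialised value/ { want = 1; next }
        want && /^==[0-9]+== +at / {
            # Strip the "==PID==    at 0xADDR: " prefix and the parentheses.
            sub(/^==[0-9]+== +at 0x[0-9A-Fa-f]+: /, "")
            gsub(/[()]/, "")
            print
            want = 0
        }
    '
}

# valgrind_gate CMD...: run CMD under memcheck and return non-zero when any
# uninitialised-value report appears, listing the offending frames on stderr.
# --track-origins=yes makes valgrind report where the uninitialised bytes
# came from, which is usually the first thing needed to fix such a report.
valgrind_gate() {
    # The program under test may itself exit non-zero on a broken font;
    # the verdict comes from the log, not from that exit status.
    log=$(valgrind --track-origins=yes "$@" 2>&1) || true
    n=$(printf '%s\n' "$log" | count_uninit)
    if [ "$n" -gt 0 ]; then
        printf 'FAIL: %s uninitialised-value report(s):\n' "$n" >&2
        printf '%s\n' "$log" | uninit_frames >&2
        return 1
    fi
    return 0
}

# Stand-alone demonstration on the embedded sample log.
printf '%s\n' "$SAMPLE_LOG" | uninit_frames
```

For a live run the call would be `valgrind_gate ftview 16 f1.cff` (the reproduction from the thread, with the font file as an attachment only the original mail carried). Valgrind's own `--error-exitcode=N` flag gives a coarser version of the same gate without the log parsing; the parsing above is what lets the harness report the function name in the failure message.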
