Here is a patch that stops Firefox crashing on sites like ZDNet and eBay. (Murphy's crappy article about OpenBSD was a great help in finding this null-pointer dereference ;) )
This patch also applies cleanly to mozilla. BTW: If anybody has an url where firefox crashes repeatably, please send me an email how i can reproduce it. Tobias
--- gfx/src/gtk/nsFontMetricsXft.cpp.orig	Tue Jun 21 08:08:27 2005
+++ gfx/src/gtk/nsFontMetricsXft.cpp	Sat Mar 18 22:38:39 2006
@@ -872,8 +872,14 @@
     mXHeight = nscoord(mXHeight * f);
     // mUnderlineOffset (offset for underlines)
-    val = CONVERT_DESIGN_UNITS_TO_PIXELS(face->underline_position,
+    if (face) {
+    val = CONVERT_DESIGN_UNITS_TO_PIXELS(face->underline_position,
                                          face->size->metrics.y_scale);
+    }
+    else {
+    val = 0.0f;
+    }
+
     if (val) {
         mUnderlineOffset = NSToIntRound(val * f);
     }
@@ -883,8 +889,14 @@
     }
     // mUnderlineSize (thickness of an underline)
-    val = CONVERT_DESIGN_UNITS_TO_PIXELS(face->underline_thickness,
+    if (face) {
+    val = CONVERT_DESIGN_UNITS_TO_PIXELS(face->underline_thickness,
                                          face->size->metrics.y_scale);
+    }
+    else {
+    val = 0.0f;
+    }
+
     if (val) {
         mUnderlineSize = nscoord(PR_MAX(f, NSToIntRound(val * f)));
     }
@@ -894,7 +906,7 @@
     }
     // mSuperscriptOffset
-    if (os2 && os2->ySuperscriptYOffset) {
+    if (face && os2 && os2->ySuperscriptYOffset) {
         val = CONVERT_DESIGN_UNITS_TO_PIXELS(os2->ySuperscriptYOffset,
                                              face->size->metrics.y_scale);
         mSuperscriptOffset = nscoord(PR_MAX(f, NSToIntRound(val * f)));
@@ -904,7 +916,7 @@
     }
     // mSubscriptOffset
-    if (os2 && os2->ySubscriptYOffset) {
+    if (face && os2 && os2->ySubscriptYOffset) {
         val = CONVERT_DESIGN_UNITS_TO_PIXELS(os2->ySubscriptYOffset,
                                              face->size->metrics.y_scale);
         // some fonts have the incorrect sign.
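Review bot: The added `if (face)` guards in the two underline hunks silence the null dereference at its symptom rather than where `face` is obtained, so a null face now silently yields zero underline metrics and every other `face->` use in this function must carry the same guard (the superscript/subscript hunks below get one, but the `mXHeight` computation just above and anything outside these hunks is unverified from here). The mail itself says the crash cannot yet be reproduced, which is exactly why the root cause — why the face lookup fails for these sites — should be surfaced instead of masked; a single check at the lookup site that fails the metrics initialization in whatever error convention this method uses, or skips the whole FreeType-derived section, would be both complete and shorter. If continuing with default metrics is the intended behaviour, say so next to the guard, e.g. `// face lookup can fail (bug seen on zdnet/ebay): fall back to the default underline metrics rather than dereferencing NULL`. The enclosing function starts before the first hunk and ends after the last, so I cannot confirm whether further unguarded dereferences remain.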
--- gfx/src/gtk/nsFontMetricsXft.cpp.orig	Tue Jun 21 08:08:27 2005
+++ gfx/src/gtk/nsFontMetricsXft.cpp	Sat Mar 18 22:38:39 2006
@@ -872,8 +872,14 @@
     mXHeight = nscoord(mXHeight * f);
     // mUnderlineOffset (offset for underlines)
-    val = CONVERT_DESIGN_UNITS_TO_PIXELS(face->underline_position,
+    if (face) {
+    val = CONVERT_DESIGN_UNITS_TO_PIXELS(face->underline_position,
                                          face->size->metrics.y_scale);
+    }
+    else {
+    val = 0.0f;
+    }
+
     if (val) {
         mUnderlineOffset = NSToIntRound(val * f);
     }
@@ -883,8 +889,14 @@
     }
     // mUnderlineSize (thickness of an underline)
-    val = CONVERT_DESIGN_UNITS_TO_PIXELS(face->underline_thickness,
+    if (face) {
+    val = CONVERT_DESIGN_UNITS_TO_PIXELS(face->underline_thickness,
                                          face->size->metrics.y_scale);
+    }
+    else {
+    val = 0.0f;
+    }
+
     if (val) {
         mUnderlineSize = nscoord(PR_MAX(f, NSToIntRound(val * f)));
     }
@@ -894,7 +906,7 @@
     }
     // mSuperscriptOffset
-    if (os2 && os2->ySuperscriptYOffset) {
+    if (face && os2 && os2->ySuperscriptYOffset) {
         val = CONVERT_DESIGN_UNITS_TO_PIXELS(os2->ySuperscriptYOffset,
                                              face->size->metrics.y_scale);
         mSuperscriptOffset = nscoord(PR_MAX(f, NSToIntRound(val * f)));
@@ -904,7 +916,7 @@
     }
     // mSubscriptOffset
-    if (os2 && os2->ySubscriptYOffset) {
+    if (face && os2 && os2->ySubscriptYOffset) {
         val = CONVERT_DESIGN_UNITS_TO_PIXELS(os2->ySubscriptYOffset,
                                              face->size->metrics.y_scale);
         // some fonts have the incorrect sign.
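Review bot: The six-line `if (face) { … } else { val = 0.0f; }` block is pasted twice, once per underline metric in the first two hunks, and the assignment inside the braces keeps the old indentation, which makes the new control flow hard to read. If the guard is to stay local, each copy reduces to one statement: `val = face ? CONVERT_DESIGN_UNITS_TO_PIXELS(face->underline_position, face->size->metrics.y_scale) : 0.0f;` and likewise with `underline_thickness`, which also makes the existing `if (val)` fallback obviously the null-face path. The function these hunks belong to begins before the first hunk and continues past the last.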