Bug#384138: marked as done (crash in gtk_entry_completion_default_completion_func)

Thu, 22 Feb 2007 12:14:20 -0800 

Your message dated Thu, 22 Feb 2007 18:52:10 +0100
with message-id <[EMAIL PROTECTED]>
and subject line crash in gtk_entry_completion_default_completion_func
has caused the attached Bug report to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what I am
talking about this indicates a serious mail system misconfiguration
somewhere.  Please contact me immediately.)

Debian bug tracking system administrator
(administrator, Debian Bugs database)
--- Begin Message --- 
Package: libgtk2.0-0
Version: 2.8.18-1
Severity: important

(This code is the same in 2.8.20 at the same line numbers)
(The code is in 2.10.2 starting at line 711 instead of 744)

These lines:

744           normalized_string = g_utf8_normalize (item, -1, G_NORMALIZE_ALL);
745           case_normalized_string = g_utf8_casefold (normalized_string, -1);
746           
747           if (!strncmp (key, case_normalized_string, strlen (key)))
748             ret = TRUE;

(gdb) print item
$5 = (gchar *) 0x34dc630 "#PC���"
(gdb) print normalized_string
$6 = (gchar *) 0x0
(gdb) print case_normalized_string
$7 = (gchar *) 0x0

You can guess what happens when NULL is passed to strncmp on line 747.
Segfault.

The utf8 normalize is failing, I suppose, because item is not valid
utf-8:

(gdb) x/8xb item 
0x34dc630:      0x23    0x50    0x43    0xb8    0xed    0xc1    0xb6    0x00


This is apparently a font name, and is causing Inkscape to crash.


BTW: I'm attaching a patch, but there is probably a better solution.
Probably at least a warning should be printed.

-- System Information:
Debian Release: testing/unstable
  APT prefers testing
  APT policy: (500, 'testing'), (130, 'unstable'), (120, 'experimental')
Architecture: amd64 (x86_64)
Shell:  /bin/sh linked to /bin/bash
Kernel: Linux 2.6.17-2-amd64
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8)

Versions of packages libgtk2.0-0 depends on:
ii  libatk1.0-0                 1.12.1-1     The ATK accessibility toolkit
ii  libc6                       2.3.6-15     GNU C Library: Shared libraries
ii  libcairo2                   1.2.2-1      The Cairo 2D vector graphics libra
ii  libfontconfig1              2.3.2-7      generic font configuration library
ii  libglib2.0-0                2.10.3-3     The GLib library of C routines
ii  libgtk2.0-0                 2.8.18-1     The GTK+ graphical user interface 
ii  libgtk2.0-bin               2.8.18-1     The programs for the GTK+ graphica
ii  libgtk2.0-common            2.8.18-1     Common files for the GTK+ graphica
ii  libjpeg62                   6b-13        The Independent JPEG Group's JPEG 
ii  libpango1.0-0               1.12.3-1+b1  Layout and rendering of internatio
ii  libpng12-0                  1.2.8rel-5.2 PNG library - runtime
ii  libtiff4                    3.8.2-6      Tag Image File Format (TIFF) libra
ii  libx11-6                    2:1.0.0-8    X11 client-side library
ii  libxcursor1                 1.1.5.2-5    X cursor management library
ii  libxext6                    1:1.0.0-4    X11 miscellaneous extension librar
ii  libxfixes3                  1:3.0.1.2-4  X11 miscellaneous 'fixes' extensio
ii  libxi6                      1:1.0.0-5    X11 Input extension library
ii  libxinerama1                1:1.0.1-4    X11 Xinerama extension library
ii  libxrandr2                  2:1.1.0.2-4  X11 RandR extension library
ii  libxrender1                 1:0.9.0.2-4  X Rendering Extension client libra

Versions of packages libgtk2.0-0 recommends:
ii  hicolor-icon-theme            0.8-4      default fallback theme for FreeDes

-- no debconf information

diff -rdbU3 gtk+-2.8.18.orig/gtk/gtkentrycompletion.c 
gtk+-2.8.18/gtk/gtkentrycompletion.c
--- gtk+-2.8.18.orig/gtk/gtkentrycompletion.c   2006-02-10 14:21:58.000000000 
-0500
+++ gtk+-2.8.18/gtk/gtkentrycompletion.c        2006-08-21 22:40:44.000000000 
-0400
@@ -744,7 +744,7 @@
       normalized_string = g_utf8_normalize (item, -1, G_NORMALIZE_ALL);
       case_normalized_string = g_utf8_casefold (normalized_string, -1);
       
-      if (!strncmp (key, case_normalized_string, strlen (key)))
+      if (case_normalized_string && !strncmp (key, case_normalized_string, 
strlen (key)))
        ret = TRUE;
       
       g_free (item);

--- End Message ---
--- Begin Message --- 
        Hi,

 This is a followup for Debian bug <http://bugs.debian.org/384138>.

 I'm afraid this bug wasn't considered very promptly.

On Mon, Aug 21, 2006, Anthony DeRobertis wrote:
> These lines:
> 744           normalized_string = g_utf8_normalize (item, -1, 
> G_NORMALIZE_ALL);
> 745           case_normalized_string = g_utf8_casefold (normalized_string, 
> -1);
> 746           
> 747           if (!strncmp (key, case_normalized_string, strlen (key)))
> 748             ret = TRUE;
> (gdb) print item
> $5 = (gchar *) 0x34dc630 "#PC���"
> (gdb) print normalized_string
> $6 = (gchar *) 0x0
[...]
> The utf8 normalize is failing, I suppose, because item is not valid
> utf-8:
[...]
> This is apparently a font name, and is causing Inkscape to crash.

 The API of g_utf8_normalize() says:
    str :        a UTF-8 encoded string.

 I think it's the responsability of the caller to ensure the string is
 in proper UTF-8 and hence I'm closing this bug.

   Bye,
-- 
Loïc Minier <[EMAIL PROTECTED]>

--- End Message ---

Reply via email to