Bug 149677

Summary: Crash when using an SVG font with > 390 glyphs
Product: WebKit Reporter: Myles C. Maxfield <mmaxfield>
Component: New BugsAssignee: Myles C. Maxfield <mmaxfield>
Status: RESOLVED FIXED    
Severity: Normal CC: dino, jonlee, simon.fraser, thorton, webkit-bug-importer
Priority: P2 Keywords: InRadar
Version: WebKit Nightly Build   
Hardware: Unspecified   
OS: Unspecified   
Attachments:
Description Flags
Patch
none
Patch simon.fraser: review+

Myles C. Maxfield
Reported Wednesday, September 30, 2015 9:38:06 PM UTC
Crash when the SVG -> OTF font converter generates an invalid font
Attachments
Patch (1.94 KB, patch)
2015-09-30 13:39 PDT, Myles C. Maxfield 		no flags
DetailsFormatted DiffDiff
Patch (1.03 MB, patch)
2015-09-30 16:31 PDT, Myles C. Maxfield 		simon.fraser: review+
DetailsFormatted DiffDiff
Show Obsolete (1) View All Add attachment proposed patch, testcase, etc.
Myles C. Maxfield
Comment 1 Wednesday, September 30, 2015 9:39:09 PM UTC
Created attachment 262189 [details] Patch
Myles C. Maxfield
Comment 2 Wednesday, September 30, 2015 9:41:56 PM UTC
<rdar://problem/21676402>
Myles C. Maxfield
Comment 3 Thursday, October 1, 2015 12:31:48 AM UTC
Created attachment 262204 [details] Patch
Myles C. Maxfield
Comment 4 Thursday, October 1, 2015 12:33:22 AM UTC
Comment on attachment 262204 [details] Patch View in context: https://bugs.webkit.org/attachment.cgi?id=262204&action=review > Source/WebCore/ChangeLog:3 > + Crash when the SVG -> OTF font converter generates an invalid font Crash when using an SVG font with > 390 glyphs
Simon Fraser (smfr)
Comment 5 Thursday, October 1, 2015 12:35:50 AM UTC
Comment on attachment 262204 [details] Patch View in context: https://bugs.webkit.org/attachment.cgi?id=262204&action=review > Source/WebCore/ChangeLog:4 > + https://bugs.webkit.org/show_bug.cgi?id=149677 Radar? > Source/WebCore/svg/SVGToOTFFontConversion.cpp:642 > - append32(userDefinedStringStartIndex + 1); > + append32(userDefinedStringStartIndex + 2); Is this part of the same fix?
Myles C. Maxfield
Comment 6 Thursday, October 1, 2015 12:52:07 AM UTC
Comment on attachment 262204 [details] Patch View in context: https://bugs.webkit.org/attachment.cgi?id=262204&action=review >> Source/WebCore/svg/SVGToOTFFontConversion.cpp:642 >> + append32(userDefinedStringStartIndex + 2); > > Is this part of the same fix? Yep.
Myles C. Maxfield
Comment 7 Thursday, October 1, 2015 1:04:38 AM UTC
Committed r190375: <http://trac.webkit.org/changeset/190375>
Note You need to log in before you can comment on or make changes to this bug.