From: Jakub Bogusz (qbooshpld.org.pl)
Date: Tue Jun 11 2002 - 12:59:54 CDT

    On Tue, Jun 11, 2002 at 03:05:31PM +0200, Stijn Jonker wrote:
    [...]
    > What happens is that XFS consumes huge amounts of ram, and finally bails
    > out. So end of story for the fonts in X. As a result X is practically
    > useless.
    >
    > I can only guess what happens when you don't use XFS but Xserver based
    > fontrendering, the X server consumes huge amounts of mem and cpu and bails
    > out => server crash => Bye Bye X.
    >
    > The solution(s):
    > (a) Fix every app to disallow font sizes bigger than <maxvalue>
    > (b) Fix XFS to return an error code to the calling application
    > when requested font size is greater than configured <maxvalue>

    I think it's not XFS, but libXfont.

    Here's the end of strace before xfs dies:

    | open("/usr/share/fonts/Type1/ariam___-ISO-8859-2.pfb", O_RDONLY) = 7
    | read(7, "\200\1\352\26\0\0%!PS-AdobeFont-1.0: Arial-"..., 512) = 512
    [...]
    | read(7, "\375KlWqU\200\321\20\2274;\214k\207\222\357\7[Q0\235\213"..., 512) = 512
    | close(7) = 0
    | old_mmap(NULL, 6311936, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x408d7000
    | old_mmap(NULL, 13180928, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x40edc000
    | old_mmap(NULL, 31662080, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x41b6e000
    | old_mmap(NULL, 33607680, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x439a0000
    | old_mmap(NULL, 46592000, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x459ad000
    | write(2, "xfs error: ", 11) = -1 EBADF (Bad file descriptor)
    | write(2, "Beziers this big not yet support"..., 34) = -1 EBADF (Bad file descriptor)
    | rt_sigprocmask(SIG_UNBLOCK, [ABRT], NULL, 8) = 0
    | getpid() = 21200
    | kill(21200, SIGABRT) = 0
    | --- SIGABRT (Aborted) ---

    In XFree86 (4.2.0) in xc/lib/font/Type1/curves.c about line 219 there is:

    | struct segment *
    | StepBezier(struct region *R, /* Region under construction or NULL */
    [...]
    | if ( TOOBIG(xB) || TOOBIG(yB) || TOOBIG(xC) || TOOBIG(yC)
    | || TOOBIG(xD) || TOOBIG(yD) )
    | abort("Beziers this big not yet supported");

    It isn't a very good idea to abort() on wrong parameters in a shared
    library function...

    -- 
    Jakub Bogusz    http://prioris.mini.pw.edu.pl/~qboosh/
    PLD Linux       http://www.pld.org.pl/
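
The alternative this message points toward, as an added example that is not part of the original post and is not XFree86 code: a library routine that reports oversized Bezier coordinates through a status code, and a caller that refuses the request and keeps running. Every name and limit below (`COORD_LIMIT`, `bezier_segments`, `serve_font_request`) is hypothetical, and the glyph curve is constructed sample data.

```c
#include <stdlib.h>

/* All names and limits here are hypothetical, not from XFree86's curves.c. */
#define COORD_LIMIT (1L << 20)  /* assumed largest coordinate we will rasterize */
#define MAX_DEPTH   16          /* hard cap on subdivision depth */

enum bez_status { BEZ_OK = 0, BEZ_TOO_BIG = -1 };
struct pt { long x, y; };

static int too_big(long v) { return v > COORD_LIMIT || v < -COORD_LIMIT; }
static struct pt mid(struct pt p, struct pt q)
{
    struct pt m = { (p.x + q.x) / 2, (p.y + q.y) / 2 };
    return m;
}
static long span(struct pt p, struct pt q) { return labs(q.x - p.x) + labs(q.y - p.y); }

/* Count the line segments produced by midpoint (de Casteljau) subdivision. */
static long subdivide(struct pt a, struct pt b, struct pt c, struct pt d, int depth)
{
    if (depth >= MAX_DEPTH || span(a, b) + span(b, c) + span(c, d) <= 4)
        return 1;
    struct pt ab = mid(a, b), bc = mid(b, c), cd = mid(c, d);
    struct pt abc = mid(ab, bc), bcd = mid(bc, cd), m = mid(abc, bcd);
    return subdivide(a, ab, abc, m, depth + 1) + subdivide(m, bcd, cd, d, depth + 1);
}

/* Library entry point: reject oversized input with a status code instead of
 * calling abort(), so the decision stays with the calling process. */
enum bez_status bezier_segments(struct pt a, struct pt b, struct pt c, struct pt d, long *out)
{
    if (too_big(a.x) || too_big(a.y) || too_big(b.x) || too_big(b.y) ||
        too_big(c.x) || too_big(c.y) || too_big(d.x) || too_big(d.y))
        return BEZ_TOO_BIG;
    *out = subdivide(a, b, c, d, 0);
    return BEZ_OK;
}

/* Caller side: scale a constructed glyph curve by the client-requested size
 * and turn a library error into a refused request, not a dead server. */
int serve_font_request(long size, long *segments)
{
    if (size <= 0 || size > COORD_LIMIT)   /* also keeps 10 * size from overflowing */
        return -1;
    struct pt a = {0, 0}, b = {0, 10 * size}, c = {10 * size, 10 * size}, d = {10 * size, 0};
    return bezier_segments(a, b, c, d, segments) == BEZ_OK ? 0 : -1;
}
```

The depth cap bounds memory and CPU per request independently of the coordinate check, which addresses the resource exhaustion described in the quoted report as well as the abort.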