Integer overflow

Post any defects you find in the released or beta versions of the ImageMagick software here. Include the ImageMagick version, OS, and any command-line required to reproduce the problem. Got a patch for a bug? Post it here.
broucaries
Posts: 467
Joined: 2008-12-21T11:51:10-07:00

Integer overflow

Post by broucaries » 2016-02-19T10:47:10-07:00

Dear Maintainer,

I seem to have stumbled across an integer overflow issue with imagemagick, pertaining to calculated font metrics (width/bounds) for many fonts depending on pointsize. A more detailed bug report of mine can be found in the ImageMagick Forum:

https://www.imagemagick.org/discourse-s ... =3&t=29135


* What led up to the situation?

$ convert -debug annotate -pointsize 72 -font ./RNS.ttf label:g null:

NOTE RNS.ttf was taken from http://www.1001fonts.com/rns-font.html


* What was the outcome of this action?

2016-02-15T20:29:34+01:00 0:00.010 0.000u 6.9.3 Annotate convert[3989]: annotate.c/RenderFreetype/1421/Annotate
Font ./RNS.ttf; font-encoding none; text-encoding none; pointsize 72
2016-02-15T20:29:34+01:00 0:00.010 0.000u 6.9.3 Annotate convert[3989]: annotate.c/GetTypeMetrics/843/Annotate
Metrics: text: g; width: 3.35545e+07; height: 103; ascent: 70; descent: -31; max advance: 61; bounds: -3.35544e+07,-0.09375 35,55.1719; origin: 36,0; pixels per em: 72,72; underline position: -1.5625; underline thickness: 0.78125


* What outcome did you expect instead?

2016-02-12T06:56:07-05:00 0:00.110 0.010u 7.0.0 Annotate convert[22115]: annotate.c/RenderFreetype/1442/Annotate
Font ./RNS.ttf; font-encoding none; text-encoding none; pointsize 72
2016-02-12T06:56:07-05:00 0:00.110 0.010u 7.0.0 Annotate convert[22115]: annotate.c/GetTypeMetrics/860/Annotate
Metrics: text: g; width: 38.5625; height: 103; ascent: 70; descent: -31; max advance: 61; bounds: 0.4375,-0.09375 35,55.1719; origin: 36.2812,0; pixels per em: 72,72; underline position: -1.5625; underline thickness: 0.78125

Any help would be much appreciated.
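The two debug traces in the post above can be checked mechanically. What follows is an added example, not ImageMagick code and not something the poster supplied: it parses the `Metrics:` lines that `convert -debug annotate` writes, rejects any extent that cannot be a real glyph metric for the given pointsize, and reports whether the gap between a bad value and the corresponding good value is a power of two to the six significant digits the log prints. The sample log is the poster's own two traces copied verbatim; the "no more than 4 em per glyph" bound, the assumption that the `text:` field contains no `"; "`, and the `power_of_two_delta` helper are this example's own choices. Run on those traces, the bad width 3.35545e+07 and the bad bounds x1 -3.35544e+07 each sit exactly 2^25 away from the 7.0.0 values 38.5625 and 0.4375 (to the printed precision). That is an observation about the numbers, not a diagnosis of the cause.

```python
"""Sanity-check font metrics from `convert -debug annotate` output.

Added example (not ImageMagick code). Assumptions: the `text:` field never
contains "; ", and no glyph run is wider or taller than MAX_EM_PER_GLYPH
em-squares per character (a heuristic bound, not a FreeType rule).
"""
import math
import re

MAX_EM_PER_GLYPH = 4.0  # heuristic upper bound on any extent, per glyph, in em

# Sample log: the two traces copied from the bug report (6.9.3 bad, 7.0.0 good),
# each preceded by its Font line so the pointsize can be picked up.
SAMPLE_LOG = """\
2016-02-15T20:29:34+01:00 0:00.010 0.000u 6.9.3 Annotate convert[3989]: annotate.c/RenderFreetype/1421/Annotate
Font ./RNS.ttf; font-encoding none; text-encoding none; pointsize 72
2016-02-15T20:29:34+01:00 0:00.010 0.000u 6.9.3 Annotate convert[3989]: annotate.c/GetTypeMetrics/843/Annotate
Metrics: text: g; width: 3.35545e+07; height: 103; ascent: 70; descent: -31; max advance: 61; bounds: -3.35544e+07,-0.09375 35,55.1719; origin: 36,0; pixels per em: 72,72; underline position: -1.5625; underline thickness: 0.78125
2016-02-12T06:56:07-05:00 0:00.110 0.010u 7.0.0 Annotate convert[22115]: annotate.c/RenderFreetype/1442/Annotate
Font ./RNS.ttf; font-encoding none; text-encoding none; pointsize 72
2016-02-12T06:56:07-05:00 0:00.110 0.010u 7.0.0 Annotate convert[22115]: annotate.c/GetTypeMetrics/860/Annotate
Metrics: text: g; width: 38.5625; height: 103; ascent: 70; descent: -31; max advance: 61; bounds: 0.4375,-0.09375 35,55.1719; origin: 36.2812,0; pixels per em: 72,72; underline position: -1.5625; underline thickness: 0.78125
"""

POINTSIZE_RE = re.compile(r"\bpointsize (\d+(?:\.\d+)?)")


def _pair(s):
    """'x,y' -> (float(x), float(y))."""
    a, b = s.split(",")
    return float(a), float(b)


def parse_metrics(line):
    """Turn one 'Metrics: ...' log line into a dict of numeric fields."""
    body = line.split("Metrics: ", 1)[1]
    fields = {}
    for part in body.split("; "):          # assumes the text itself has no "; "
        key, _, value = part.partition(": ")
        fields[key] = value
    lower, upper = fields["bounds"].split(" ")
    return {
        "text": fields["text"],
        "width": float(fields["width"]),
        "height": float(fields["height"]),
        "max_advance": float(fields["max advance"]),
        "bounds": _pair(lower) + _pair(upper),  # (x1, y1, x2, y2)
        "origin": _pair(fields["origin"]),
        "pixels_per_em": _pair(fields["pixels per em"]),
    }


def metrics_plausible(m, pointsize, max_em_per_glyph=MAX_EM_PER_GLYPH):
    """True if every extent is finite and within a sane multiple of the pointsize."""
    glyphs = max(1, len(m["text"]))
    limit = glyphs * pointsize * max_em_per_glyph
    extents = [m["width"], m["height"], m["max_advance"], *m["bounds"], *m["origin"]]
    return all(math.isfinite(v) and abs(v) <= limit for v in extents)


def scan_debug_log(log_text):
    """Return [(metrics, pointsize, plausible)] for each Metrics line, using the
    pointsize from the most recent Font line."""
    results, pointsize = [], None
    for line in log_text.splitlines():
        hit = POINTSIZE_RE.search(line)
        if hit:
            pointsize = float(hit.group(1))
        elif "Metrics: " in line and pointsize is not None:
            metrics = parse_metrics(line)
            results.append((metrics, pointsize, metrics_plausible(metrics, pointsize)))
    return results


def power_of_two_delta(bad, good, rel_tol=1e-5):
    """If |bad - good| equals 2**k to within rel_tol, return k, else None.

    The log prints six significant digits, so rel_tol=1e-5 matches what it shows.
    A power-of-two gap is suggestive of a wrapped integer or fixed-point
    intermediate; this only reports the arithmetic, it does not prove a cause.
    """
    delta = abs(bad - good)
    if delta == 0:
        return None
    k = round(math.log2(delta))
    return k if math.isclose(delta, 2.0 ** k, rel_tol=rel_tol) else None


if __name__ == "__main__":
    rows = scan_debug_log(SAMPLE_LOG)
    for metrics, ps, ok in rows:
        print("OK " if ok else "BAD", f"pointsize={ps:g} width={metrics['width']:g} bounds={metrics['bounds']}")
    bad, good = rows[0][0], rows[1][0]
    print("width delta is 2 **", power_of_two_delta(bad["width"], good["width"]))
    print("bounds x1 delta is 2 **", power_of_two_delta(bad["bounds"][0], good["bounds"][0]))
```

To use it on a live system, capture the trace with `convert -debug annotate -pointsize 72 -font ./RNS.ttf label:g null: 2> trace.log` and pass the file contents to `scan_debug_log`; any row flagged `False` is a metric that no 72-point glyph could produce, independent of which version of FreeType or ImageMagick is linked.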

magick
Site Admin
Posts: 11064
Joined: 2003-05-31T11:32:55-07:00

Re: Integer overflow

Post by magick » 2016-02-19T12:18:25-07:00

Until we can reproduce the problem, we have little to offer as a solution. There of course could be a bug in ImageMagick that is exposed on certain hosts or certain compiler releases, or perhaps a certain version of Freetype returns bogus metrics, or ImageMagick was built with one version of Freetype but is now linking to a different version with a structure offset. On all our systems, we are getting expected results from the RNS.ttf font.
