United StatesChange Country, Oracle Worldwide Web Sites Communities I am a... I want to...
JDK-4762039 : EXCEPTION_ACCESS_VIOLATION in Fontmanager.dll

Details
Type:
Bug
Submit Date:
2002-10-11
Status:
Resolved
Updated Date:
2003-02-26
Project Name:
JDK
Resolved Date:
2003-02-25
Component:
client-libs
OS:
windows_2000
Sub-Component:
2d
CPU:
x86
Priority:
P4
Resolution:
Fixed
Affected Versions:
1.4.0
Fixed Versions:
1.4.2 (b17)

Related Reports
Backport:
Relates:

Sub Tasks

Description

Name: gm110360			Date: 10/11/2002


FULL PRODUCT VERSION :
java version "1.4.0"
Java(TM) 2 Runtime Environment, Standard Edition (build 1.4.0-b92)
Java HotSpot(TM) Client VM (build 1.4.0-b92, mixed mode)

FULL OPERATING SYSTEM VERSION :
Microsoft Windows 2000 [Version 5.00.2195]

ADDITIONAL OPERATING SYSTEMS :
This bug occurs on all Windows versions

A DESCRIPTION OF THE PROBLEM :
sun.awt.font.NativeFontWrapper.registerFonts occasionally
traps on an illegal memory read. This occurs because the
information in the table headers in the font files -
specifically table sizes - are not checked for consistency.


STEPS TO FOLLOW TO REPRODUCE THE PROBLEM :
1.Compile and run test program below, with one of the
following font files installed:

ameb____.TTF
bdbi____.TTF
bdb_____.TTF
bdri____.TTF
bd______.TTF
bl______.TTF
cpb_____.TTF

2. Let the test program run until the access violation
exception occurs, or use a debugger to verify that an
illegal memory access is in fact made in InitializeCMAPin
cmaps.cpp every time.



ERROR MESSAGES/STACK TRACES THAT OCCUR :
An unexpected exception has been detected in native code outside the VM.
Unexpected Signal : EXCEPTION_ACCESS_VIOLATION occurred at PC=0x6D1B3B4C
Function=[Unknown.]
Library=D:\j2sdk1.4.0\jre\bin\fontmanager.dll

NOTE: We are unable to locate the function name symbol for the error
      just occurred. Please refer to release documentation for possible
      reason and solutions.


Current Java thread:
	at sun.awt.font.NativeFontWrapper.registerFonts(Native Method)
	- locked <06AF6468> (a java.lang.Class)
	at FontTester.addPathFonts(FontTester.java:32)
	at FontTester.main(FontTester.java:41)

Dynamic libraries:
0x00400000 - 0x00406000 	D:\j2sdk1.4.0\bin\java.exe
0x77F80000 - 0x77FFB000 	D:\WINNT\System32\ntdll.dll
0x77DB0000 - 0x77E0D000 	D:\WINNT\system32\ADVAPI32.dll
0x77E80000 - 0x77F36000 	D:\WINNT\system32\KERNEL32.DLL
0x77D30000 - 0x77DA1000 	D:\WINNT\system32\RPCRT4.DLL
0x78000000 - 0x78046000 	D:\WINNT\system32\MSVCRT.dll
0x6D330000 - 0x6D442000 	D:\j2sdk1.4.0\jre\bin\client\jvm.dll
0x77E10000 - 0x77E75000 	D:\WINNT\system32\USER32.dll
0x77F40000 - 0x77F7C000 	D:\WINNT\system32\GDI32.DLL
0x77570000 - 0x775A0000 	D:\WINNT\System32\WINMM.dll
0x6D1D0000 - 0x6D1D7000 	D:\j2sdk1.4.0\jre\bin\hpi.dll
0x6D300000 - 0x6D30D000 	D:\j2sdk1.4.0\jre\bin\verify.dll
0x6D210000 - 0x6D228000 	D:\j2sdk1.4.0\jre\bin\java.dll
0x6D320000 - 0x6D32D000 	D:\j2sdk1.4.0\jre\bin\zip.dll
0x6D000000 - 0x6D0F6000 	D:\j2sdk1.4.0\jre\bin\awt.dll
0x77800000 - 0x7781E000 	D:\WINNT\System32\WINSPOOL.DRV
0x76620000 - 0x76630000 	D:\WINNT\system32\MPR.DLL
0x75E60000 - 0x75E7A000 	D:\WINNT\System32\IMM32.dll
0x77A50000 - 0x77B45000 	D:\WINNT\system32\ole32.dll
0x6D180000 - 0x6D1D0000 	D:\j2sdk1.4.0\jre\bin\fontmanager.dll
0x77920000 - 0x77943000 	D:\WINNT\system32\imagehlp.dll
0x72A00000 - 0x72A2D000 	D:\WINNT\system32\DBGHELP.dll
0x690A0000 - 0x690AB000 	D:\WINNT\System32\PSAPI.DLL

Local Time = Sat Sep 28 00:19:49 2002
Elapsed Time = 4
#
# The exception above was detected in native code outside the VM
#
# Java VM: Java HotSpot(TM) Client VM (1.4.0-b92 mixed mode)
#


REPRODUCIBILITY :
This bug can be reproduced occasionally.

---------- BEGIN SOURCE ----------

import java.io.*;
import java.util.*;
import sun.awt.font.*;

public class FontTester {
 static Vector vector2 = new Vector();
 static {
   vector2.add(new Vector());
 }

 static void addPathFonts(String s, FilenameFilter
   filenamefilter, int i) {
   File file = new File(s);
   String as[] = file.list(filenamefilter);
   if (as == null) {
     return;
   }
   for (int j = 0; j < as.length; j++) {
     File file1 = new File(file, as[j]);
     String s1 = null;
         try {
           s1 = file1.getCanonicalPath();
       }
         catch(IOException ex) {
           s1 = file1.getAbsolutePath();
       }

         Vector vector = new Vector(1);
     vector.addElement(s1);
     System.out.println("Registering (" + i + ") " + s1);
     NativeFontWrapper.registerFonts(vector, 1, vector2, i, false);
   }
 }

 public static void main(String[] args) {
   String directory = "d:/temp/fonts";
   for (int i = 0; i < 10000; i++) {
     System.out.println("Test Number: " + i);
     addPathFonts(directory,
       new FilenameFilter() {
       public boolean accept(File file, String s) {
         return s.endsWith(".ttf") || s.endsWith(".TTF") || s.endsWith(".ttc")
|| s.endsWith(".TTC");
       }
     }, 0);
     addPathFonts(directory,
       new FilenameFilter() {
       public boolean accept(File file, String s) {
         return s.endsWith(".ps") || s.endsWith(".PS") || s.endsWith(".pfb") ||
s.endsWith(".PFB") || s.endsWith(".pfa") || s.endsWith(".PFA");
       }
     }, 1);
     addPathFonts(directory,
       new FilenameFilter() {
       public boolean accept(File file, String s) {
         return s.endsWith(".t2k") || s.endsWith(".T2K");
       }
     }, 2);
   }
   System.out.println("Done...");
 }
}
---------- END SOURCE ----------

CUSTOMER WORKAROUND :
Uninstall corrupt font files
(Review ID: 165494) 
======================================================================
Attached font files   
###@###.### 2002-10-16

                                    

Comments
EVALUATION

Font files needed.  Marking as incomplete.

###@###.### 2002-10-28

Name: inR10103			Date: 02/19/2003


  Fonts causing crash have same problem with CMAP table - 
length of last subtable seems to be random and may exceed table size.  
In fact subtable itself seems to be ok and its end coincidence with table   
end but length in the table header is not valid. 
  BTW, all known fonts with such problem are from same source 
(@ 1991 Digital Typeface Corp). 
  Proposed solution is check for this problem and ignore problematic fonts.


======================================================================
                                     
2004-08-24
CONVERTED DATA

BugTraq+ Release Management Values

COMMIT TO FIX:
mantis-beta
tiger

FIXED IN:
mantis-beta
tiger

INTEGRATED IN:
mantis-b17
mantis-beta
tiger
tiger-b03


                                     
2004-08-24



Hardware and Software, Engineered to Work Together