[tex4ht] [bug #611] Random SIGSEGV of tex4ht due to invalid memory accesses

Karl Berry puszcza-hackers at gnu.org.ua
Thu Oct 12 18:17:24 CEST 2023

Follow-up Comment #2, bug #611 (project tex4ht):

Hi Oliver - thanks again for all the debugging. Due to all your work, I think
the fix for the invalid read is pretty simple:

    && cur_fnt >= 0

before the condition indexing font_tbl, to avoid the negative indexing. That
is, change that line to be:

    && cur_fnt >= 0 && (default_font != font_tbl[cur_fnt].num) ){

Committed to the tex4ht repo in r1387. I'll update the TeX Live repo in a

(The diff is obscured by thousands of unimportant #line changes, so not
bothering to send that.)

cur_fnt is initialized to -1. So this happens when that test is made before
any font (DVI fntdef command) has been seen, which is the case with your test
dvi. It's not clear to me which of the many DVI specials (xxx opcodes) is
being executed at the time of the test, but I think it doesn't matter. We can
just protect against it.

After doing that, valgrind no longer complains about the invalid read (for

As long as I'm here, I'll look into the uninitialized values too, but thought
I'd send this first.

Thanks again.


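The guard from the message above, reduced to a stand-alone C program (an added example, not tex4ht source and not from the author). Only the names cur_fnt, font_tbl, default_font and .num come from the message; the table layout, the counting accessor tbl_num and the three differs_* functions are assumptions made so that the effect of operand order in the && chain can be observed without performing the invalid read.

```c
#include <stdio.h>

/* Constructed stand-ins: only the names cur_fnt, font_tbl, default_font and
   .num come from the message; layout and values are assumptions. */
struct font_entry { int num; };
static struct font_entry font_tbl[2] = { {10}, {11} };
static const int font_tbl_n = 2;
static int oob_reads;            /* reads that would have left font_tbl */

/* Hypothetical checked accessor: counts an out-of-range index instead of
   performing the invalid read that valgrind reported. */
static int tbl_num(int idx) {
    if (idx < 0 || idx >= font_tbl_n) { oob_reads++; return 0; }
    return font_tbl[idx].num;
}

/* Pre-fix shape: indexes the table even when no fntdef has been seen. */
static int differs_unguarded(int cur_fnt, int default_font) {
    return default_font != tbl_num(cur_fnt);
}

/* Guard placed after the index: && evaluates left to right, so the read
   has already happened by the time the guard is tested. */
static int differs_guard_late(int cur_fnt, int default_font) {
    return (default_font != tbl_num(cur_fnt)) && cur_fnt >= 0;
}

/* Order used in the fix: the guard short-circuits, so the table is never
   touched while cur_fnt still holds its initial -1. */
static int differs_guarded(int cur_fnt, int default_font) {
    return cur_fnt >= 0 && (default_font != tbl_num(cur_fnt));
}

/* Runs one variant with the given cur_fnt and returns the OOB read count. */
static int oob_after(int (*f)(int, int), int cur_fnt) {
    oob_reads = 0;
    (void)f(cur_fnt, 10);
    return oob_reads;
}

int main(void) {
    printf("unguarded:  %d\n", oob_after(differs_unguarded, -1));
    printf("guard late: %d\n", oob_after(differs_guard_late, -1));
    printf("guarded:    %d\n", oob_after(differs_guarded, -1));
    return 0;
}
```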