AddUTF8FromBytes modifies its argument utf8bytes resulting in a panic if you generate two PDFs wih the "same" font bytes. #316
Comments
Thanks for the well-written, concise report and demonstration code, @vdobler. There is no reason why a cached copy of the font should be modified. I will look into this and hope others can provide some insights too. |
I fixed it and create pull reguest. |
@vdobler -- can you confirm that the problem has been corrected? |
I do not thing that the PR #318 is a proper fix for the underlying problem. Making a copy before modifying the byte slice hides the actual problem: somehow reading the font is not a read-only action. This type of stopgap solution can be used without this "fix" (actually that's what I'm doing now: make a copy). But I think the actual modification should be fixed instead of hidden behind a copy. |
@vdobler -- all points well-taken. |
The font gets modified in two places within The second place the data gets modified is at line 1025. https://github.com/jacobalberty/gofpdf/tree/badfix https://github.com/jacobalberty/gofpdf/tree/worsefix I am not sure either of these fixes are truly the correct answer as such I have not opened a PR, though |
Excellent insights and report, @jacobalberty. I will study your branches. How did you go about figuring how the backing array was modified? |
@jung-kurt I modified a report generator I had to hash the font bytes before and after then backed out #318 to confirm that hashing the bytes would show the issue. Then went back to with #318 included and started by looking at the Just FYI this very situation seems to be why they added 3 index slicing into go 1.2 from the design doc for 3 index slicing |
Ok after thinking about it for a when today. It occurs to me that my
`worsefix` may actually be the ideal fix. Both of those functions have side
effects right now in that they (may) modify the you pass into them. The
worsefix branch removes, at least some of, those side effects
I'm typing on my phone by email right now so I don't have my original
analysis in front of me but worsefix should completely remove all side
effects from `splice` while the other function there was at least one other
loop that needs to be fixed to remove side effects (at this time it doesn't
introduce harmful side effects but it could later if usage changes). I will
probably check in a fix for the rest of that function later this evening.
It is less efficient since it will duplicate more data than `badfix` but it
will remove a potential source of bugs later on.
…On Wed, Nov 6, 2019, 5:16 AM Kurt Jung ***@***.***> wrote:
Excellent insights and report, @jacobalberty
<https://github.com/jacobalberty>. I will study your branches. How did
you go about figuring how the backing array was modified?
—
You are receiving this because you were mentioned.
Reply to this email directly, view it on GitHub
<#316?email_source=notifications&email_token=AAPDNAR3QPIUEMRDVSQNKJ3QSKRQLA5CNFSM4I4I4C62YY3PNVWWK3TUL52HS4DFVREXG43VMVBW63LNMVXHJKTDN5WW2ZLOORPWSZGOEDGGC6I#issuecomment-550265209>,
or unsubscribe
<https://github.com/notifications/unsubscribe-auth/AAPDNAQPE27SJNUWIGOXTHLQSKRQLANCNFSM4I4I4C6Q>
.
|
Very impressive analysis, @jacobalberty. Thanks for delving into this and figuring out all of the implications. |
Many thanks, @jacobalberty for putting this issue to rest ( 47a2c24). |
I've encountered a strange problem: I can generate a PDF with embedded UTF-8 font without any problems, but just once. Generating the same PDF once more results in a panic because the input utf8bytes to AddUTF8FontFromBytes is modified.
Here is (stripped) the code to reproduce above error:
The problem does not happen if the font is loaded from disk, e.g. with
pdf.AddUTF8Font("HNC", "", "..../github.com/jung-kurt/gofpdf/font/DejaVuSansCondensed.ttf")
The panic does not happen on the first rendering but on all subsequent renderings (not show in demo code above).
The reason is that somehow AddUTF8FontFromBytes modifies its input utf8bytes. Makeing a copy beforehand avoids the problem and renders all PDFs without problems.
(Maybe this modification if the utf8bytes argument is intended but then it should be documented.)
The delta is not big, here the output of github.com/google/go-cmp/cmp.Diff'ing utf8bytes before and after:
The text was updated successfully, but these errors were encountered: