Commit 495de6cc72c602a5c2c14a14b5c1da59f18e26f7
2016-03-06T23:54:34
[base] Refuse to render enormous outlines (#47114). The goal is to avoid integer overflows in the rendering algorithms. The limit is chosen arbitrarily at some 2^18 pixels, which should be enough for modern devices including printers. * src/base/ftoutln.c (FT_Outline_Render): Check CBox and reject enormous outlines.
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45
diff --git a/ChangeLog b/ChangeLog
index a1db4ad..8761d54 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,5 +1,16 @@
2016-03-06 Alexei Podtelezhnikov <apodtele@gmail.com>
+ [base] Refuse to render enormous outlines (#47114).
+
+ The goal is to avoid integer overflows in the rendering algorithms.
+ The limit is chosen arbitrarily at some 2^18 pixels, which should be
+ enough for modern devices including printers.
+
+ * src/base/ftoutln.c (FT_Outline_Render): Check CBox and reject
+ enormous outlines.
+
+2016-03-06 Alexei Podtelezhnikov <apodtele@gmail.com>
+
[smooth] Replace left shifts with multiplications (#47114).
* src/smooth/ftgrays.c (SUBPIXELS, UPSCALE, DOWNSCALE): Do it.
diff --git a/src/base/ftoutln.c b/src/base/ftoutln.c
index fa2d2cf..1cf8644 100644
--- a/src/base/ftoutln.c
+++ b/src/base/ftoutln.c
@@ -618,6 +618,7 @@
FT_Error error;
FT_Renderer renderer;
FT_ListNode node;
+ FT_BBox cbox;
if ( !library )
@@ -629,6 +630,11 @@
if ( !params )
return FT_THROW( Invalid_Argument );
+ FT_Outline_Get_CBox( outline, &cbox );
+ if ( cbox.xMin < -0x1000000L || cbox.yMin < -0x1000000L ||
+ cbox.xMax > 0x1000000L || cbox.yMax > 0x1000000L )
+ return FT_THROW( Invalid_Outline );
+
renderer = library->cur_renderer;
node = library->renderers.head;