kc3-lang/freetype

Browse

Commit 548f68d805159d01342b16ccb5ac25704bf0d126

Werner Lemberg 2016-08-16T09:46:40

[lzw] Avoid invalid left shift. * src/lzw/ftzopen.c (ft_lzwstate_get_code): Limit `num_bits'. 

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30

diff --git a/ChangeLog b/ChangeLog
index da002ab..b01e3c2 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,5 +1,11 @@
 2016-08-16  Werner Lemberg  <wl@gnu.org>
 
+	[lzw] Avoid invalid left shift.
+
+	* src/lzw/ftzopen.c (ft_lzwstate_get_code): Limit `num_bits'.
+
+2016-08-16  Werner Lemberg  <wl@gnu.org>
+
 	[lzw] Avoid buffer overrun.
 
 	Reported as
diff --git a/src/lzw/ftzopen.c b/src/lzw/ftzopen.c
index 32839cc..ae79fdd 100644
--- a/src/lzw/ftzopen.c
+++ b/src/lzw/ftzopen.c
@@ -65,6 +65,9 @@
     FT_Int    result;
 
 
+    if ( num_bits > LZW_MAX_BITS )
+      return -1;
+
     if ( state->buf_clear                    ||
          offset >= state->buf_size           ||
          state->free_ent >= state->free_bits )
kmx.io     mail     discord kmxgit v0.4.0