kc3-lang/freetype

Browse

Commit 86c3c69c15dfc46238e2e0822876982b21aa53f9

Tomas Hoger 2011-09-11T09:08:40

Protect against loops in the prefix table. LZW decompressor did not sufficiently check codes read from the input LZW stream. A specially-crafted or corrupted input could create a loop in the prefix table, which leads to memory usage spikes, as there's no decompression stack size limit. * src/lzw/ftzopen.c (ft_lzwstate_io) <FT_LZW_PHASE_START>: First code in valid LZW stream must be 0..255. <FT_LZW_PHASE_CODE>: In the special KwKwK case, code == free_ent, code > free_ent is invalid. 


          

          

        

        


    

  





 kmx.io    
 mail    
 discord

kmxgit v0.4.0