Commit 8b1c34da4ca2f21713b4a47db2a025c23e5b9eb4
2010-06-24T08:48:10
Fix Savannah bug #30236. * src/sfnt/ttcmap.c (tt_face_build_cmaps): Improve check for pointer to `cmap_table'.
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46
diff --git a/ChangeLog b/ChangeLog
index 3132d39..8d320b4 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,5 +1,12 @@
2010-06-24 Werner Lemberg <wl@gnu.org>
+ Fix Savannah bug #30236.
+
+ * src/sfnt/ttcmap.c (tt_face_build_cmaps): Improve check for pointer
+ to `cmap_table'.
+
+2010-06-24 Werner Lemberg <wl@gnu.org>
+
Fix Savannah bug #30235.
* src/pfr/pfrgload.c (pfr_glyph_load_simple): Protect against
diff --git a/src/sfnt/ttcmap.c b/src/sfnt/ttcmap.c
index 7fa2793..99e7dec 100644
--- a/src/sfnt/ttcmap.c
+++ b/src/sfnt/ttcmap.c
@@ -4,7 +4,7 @@
/* */
/* TrueType character mapping table (cmap) support (body). */
/* */
-/* Copyright 2002, 2003, 2004, 2005, 2006, 2007, 2008, 2009 by */
+/* Copyright 2002, 2003, 2004, 2005, 2006, 2007, 2008, 2009, 2010 by */
/* David Turner, Robert Wilhelm, and Werner Lemberg. */
/* */
/* This file is part of the FreeType project, and may only be used, */
@@ -3392,11 +3392,12 @@
FT_Byte* limit = table + face->cmap_size;
FT_UInt volatile num_cmaps;
FT_Byte* volatile p = table;
- FT_Library library = FT_FACE_LIBRARY(face);
- FT_UNUSED(library);
+ FT_Library library = FT_FACE_LIBRARY( face );
+ FT_UNUSED( library );
- if ( p + 4 > limit )
+
+ if ( !p || p + 4 > limit )
return SFNT_Err_Invalid_Table;
/* only recognize format 0 */