Commit b2ea64bcc6c385a8e8318f9c759450a07df58b6d
2010-07-02T18:16:02
Additional fix for Savannah bug #30306. * src/base/ftobjs.c (Mac_Read_POST_Resource): If the type of the POST fragment is 0, the segment is completely ignored. The declared length of the segment is not cared at all. According to Adobe Technical Note 5040, type 0 segment is comment only and should not be loaded for the interpreter. Reported by Robert Swiecki.
diff --git a/ChangeLog b/ChangeLog
index 4073342..a046796 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,3 +1,14 @@
+2010-07-02 suzuki toshiya <mpsuzuki@hiroshima-u.ac.jp>
+
+ Additional fix for Savannah bug #30306.
+
+ * src/base/ftobjs.c (Mac_Read_POST_Resource): If the type
+ of the POST fragment is 0, the segment is completely ignored.
+ The declared length of the segment is not cared at all.
+ According to Adobe Technical Note 5040, type 0 segment is
+ comment only and should not be loaded for the interpreter.
+ Reported by Robert Swiecki.
+
2010-07-01 Werner Lemberg <wl@gnu.org>
[truetype] Protect against code range underflow.
diff --git a/src/base/ftobjs.c b/src/base/ftobjs.c
index 7c2662f..11efc75 100644
--- a/src/base/ftobjs.c
+++ b/src/base/ftobjs.c
@@ -1550,6 +1550,9 @@
FT_TRACE3(( "POST fragment[%d]: offsets=0x%08x, rlen=0x%08x, flags=0x%04x\n",
i, offsets[i], rlen, flags ));
+ if ( ( flags >> 8 ) == 0 ) /* Comment, should not be loaded */
+ continue;
+
/* the flags are part of the resource, so rlen >= 2. */
/* but some fonts declare rlen = 0 for empty fragment */
if ( rlen > 2 )