kc3-lang/freetype

Browse

Commit d47d372c96d445a30b7d7a26be00d60ffa878e6d

Werner Lemberg 2015-10-20T12:24:36

[cid] Avoid segfault with malformed input (#46250). * src/cid/cidload.c (cid_read_subrs): Return a proper error code for unsorted offsets. 

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31

diff --git a/ChangeLog b/ChangeLog
index 97e8b08..85dcfb0 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,3 +1,10 @@
+2015-10-20  Werner Lemberg  <wl@gnu.org>
+
+	[cid] Avoid segfault with malformed input (#46250).
+
+	* src/cid/cidload.c (cid_read_subrs): Return a proper error code for
+	unsorted offsets.
+
 2015-10-20  StudioEtrange  <nomorgan@gmail.com>
 
 	* CMakeLists.txt: Enable shared library builds on MinGW (#46233).
diff --git a/src/cid/cidload.c b/src/cid/cidload.c
index c579c14..0bf73d4 100644
--- a/src/cid/cidload.c
+++ b/src/cid/cidload.c
@@ -484,7 +484,11 @@
       /* offsets must be ordered */
       for ( count = 1; count <= num_subrs; count++ )
         if ( offsets[count - 1] > offsets[count] )
+        {
+          FT_TRACE1(( "cid_read_subrs: offsets are not ordered\n" ));
+          error = FT_THROW( Syntax_Error );
           goto Fail;
+        }
 
       /* now, compute the size of subrs charstrings, */
       /* allocate, and read them                     */
kmx.io     mail     discord kmxgit v0.4.0