kc3-lang/freetype

Browse

Commit f9fa1c8b7789b43225fd03c7e5e642e7c36ff23f

Werner Lemberg 2007-06-18T17:00:05

* src/psaux/psobjs.c (ps_parser_skip_PS_token): Remove incorrect assertion. (ps_parser_to_bytes): Fix error message. * src/type42/t42objs.c (T42_Open_Face): Handle one more error return. * src/type42/t42parse.c (t42_parse_sfnts): s/alloc/allocated/. Don't allow mixed binary and hex strings. Handle zero string_size == 0 and string_buf == 0. 

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145

diff --git a/ChangeLog b/ChangeLog
index 8ce3568..ddfe517 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,5 +1,17 @@
 2006-06-18  Werner Lemberg  <wl@gnu.org>
 
+	* src/psaux/psobjs.c (ps_parser_skip_PS_token): Remove incorrect
+	assertion.
+	(ps_parser_to_bytes): Fix error message.
+
+	* src/type42/t42objs.c (T42_Open_Face): Handle one more error
+	return.
+	* src/type42/t42parse.c (t42_parse_sfnts): s/alloc/allocated/.
+	Don't allow mixed binary and hex strings.
+	Handle zero string_size == 0 and string_buf == 0.
+
+2006-06-18  Werner Lemberg  <wl@gnu.org>
+
 	* src/psaux/psobjs.c (ps_tofixedarray, ps_tocoordarray): Fix exit
 	logic.
 	(ps_parser_load_field) <T1_FIELD_TYPE_BBOX>: Skip delimiters
diff --git a/src/psaux/psobjs.c b/src/psaux/psobjs.c
index 0ea81cd..9570856 100644
--- a/src/psaux/psobjs.c
+++ b/src/psaux/psobjs.c
@@ -592,7 +592,6 @@
       error = PSaux_Err_Invalid_File_Format;
     }
 
-    FT_ASSERT( parser->error == PSaux_Err_Ok );
     parser->error  = error;
     parser->cursor = cur;
   }
@@ -1338,7 +1337,7 @@
     {
       if ( cur < parser->limit && *cur != '>' )
       {
-        FT_ERROR(( "ps_tobytes: Missing closing delimiter `>'\n" ));
+        FT_ERROR(( "ps_parser_to_bytes: Missing closing delimiter `>'\n" ));
         error = PSaux_Err_Invalid_File_Format;
         goto Exit;
       }
diff --git a/src/type42/t42objs.c b/src/type42/t42objs.c
index ecd0473..db04fde 100644
--- a/src/type42/t42objs.c
+++ b/src/type42/t42objs.c
@@ -4,7 +4,7 @@
 /*                                                                         */
 /*    Type 42 objects manager (body).                                      */
 /*                                                                         */
-/*  Copyright 2002, 2003, 2004, 2005, 2006 by Roberto Alameda.             */
+/*  Copyright 2002, 2003, 2004, 2005, 2006, 2007 by Roberto Alameda.       */
 /*                                                                         */
 /*  This file is part of the FreeType project, and may only be used,       */
 /*  modified, and distributed under the terms of the FreeType project      */
@@ -55,6 +55,8 @@
 
     error = t42_parse_dict( face, &loader,
                             parser->base_dict, parser->base_len );
+    if ( error )
+      goto Exit;
 
     if ( type1->font_type != 42 )
     {
diff --git a/src/type42/t42parse.c b/src/type42/t42parse.c
index 9233985..c60b3af 100644
--- a/src/type42/t42parse.c
+++ b/src/type42/t42parse.c
@@ -4,7 +4,7 @@
 /*                                                                         */
 /*    Type 42 font parser (body).                                          */
 /*                                                                         */
-/*  Copyright 2002, 2003, 2004, 2005, 2006 by Roberto Alameda.             */
+/*  Copyright 2002, 2003, 2004, 2005, 2006, 2007 by Roberto Alameda.       */
 /*                                                                         */
 /*  This file is part of the FreeType project, and may only be used,       */
 /*  modified, and distributed under the terms of the FreeType project      */
@@ -490,7 +490,7 @@
 
     FT_Long     n, string_size, old_string_size, real_size;
     FT_Byte*    string_buf = NULL;
-    FT_Bool     alloc      = 0;
+    FT_Bool     allocated  = 0;
 
     T42_Load_Status  status;
 
@@ -545,7 +545,7 @@
         if ( FT_REALLOC( string_buf, old_string_size, string_size ) )
           goto Fail;
 
-        alloc = 1;
+        allocated = 1;
 
         parser->root.cursor = cur;
         (void)T1_ToBytes( parser, string_buf, string_size, &real_size, 1 );
@@ -555,6 +555,14 @@
 
       else if ( ft_isdigit( *cur ) )
       {
+        if ( allocated )
+        {
+          FT_ERROR(( "t42_parse_sfnts: "
+                     "can't handle mixed binary and hex strings!\n" ));
+          error = T42_Err_Invalid_File_Format;
+          goto Fail;
+        }
+
         string_size = T1_ToInt( parser );
 
         T1_Skip_PS_Token( parser );             /* `RD' */
@@ -572,10 +580,24 @@
         }
       }
 
+      if ( !string_buf )
+      {
+        FT_ERROR(( "t42_parse_sfnts: invalid data in sfnts array!\n" ));
+        error = T42_Err_Invalid_File_Format;
+        goto Fail;
+      }
+
       /* A string can have a trailing zero byte for padding.  Ignore it. */
       if ( string_buf[string_size - 1] == 0 && ( string_size % 2 == 1 ) )
         string_size--;
 
+      if ( !string_size )
+      {
+        FT_ERROR(( "t42_parse_sfnts: invalid string!\n" ));
+        error = T42_Err_Invalid_File_Format;
+        goto Fail;
+      }
+
       for ( n = 0; n < string_size; n++ )
       {
         switch ( status )
@@ -654,7 +676,7 @@
     parser->root.error = error;
 
   Exit:
-    if ( alloc )
+    if ( allocated )
       FT_FREE( string_buf );
   }
kmx.io     mail     discord kmxgit v0.4.0