File CVE-2016-10244.patch of Package ft2demos
From a660e3de422731b94d4a134d27555430cbb6fb39 Mon Sep 17 00:00:00 2001 From: Werner Lemberg <wl@gnu.org> Date: Fri, 26 Aug 2016 00:23:27 +0200 Subject: [type1] Fix heap buffer overflow. Reported as https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=36 * src/type1/t1load.c (parse_charstrings): Reject fonts that don't contain glyph names. --- diff --git a/src/type1/t1load.c b/src/type1/t1load.c index c981adc..f8bf313 100644 --- a/src/type1/t1load.c +++ b/src/type1/t1load.c @@ -1776,6 +1776,12 @@ } } + if ( !n ) + { + error = FT_THROW( Invalid_File_Format ); + goto Fail; + } + loader->num_glyphs = n; /* if /.notdef is found but does not occupy index 0, do our magic. */ -- cgit v1.0-41-gc330
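Review bot: the new `if ( !n )` check in parse_charstrings carries no comment saying why a zero count has to be rejected at this point. The commit message gives the reason (fonts that don't contain glyph names, fixing a heap buffer overflow), but in t1load.c the test stands alone just before `loader->num_glyphs = n;` and the /.notdef handling. Suggest a one-line comment above the check that ties the Invalid_File_Format failure to the missing glyph names, so the reason stays with the code if the surrounding block is later refactored.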