SUSE:SLE-12:Update
File CVE-2014-9671.patch of Package ft2demos.449
From 0e2f5d518c60e2978f26400d110eff178fa7e3c3 Mon Sep 17 00:00:00 2001 From: Werner Lemberg <wl@gnu.org> Date: Thu, 06 Nov 2014 21:32:46 +0000 Subject: Fix Savannah bug #43547. * src/pcf/pcfread.c (pcf_read_TOC): Check `size' and `offset' values. --- diff --git a/src/pcf/pcfread.c b/src/pcf/pcfread.c index f63377b..8db31bd 100644 --- a/src/pcf/pcfread.c +++ b/src/pcf/pcfread.c @@ -154,6 +154,21 @@ THE SOFTWARE. break; } + /* we now check whether the `size' and `offset' values are reasonable: */ + /* `offset' + `size' must not exceed the stream size */ + tables = face->toc.tables; + for ( n = 0; n < toc->count; n++ ) + { + /* we need two checks to avoid overflow */ + if ( ( tables->size > stream->size ) || + ( tables->offset > stream->size - tables->size ) ) + { + error = FT_THROW( Invalid_Table ); + goto Exit; + } + tables++; + } + #ifdef FT_DEBUG_LEVEL_TRACE { -- cgit v0.9.0.2
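Review bot: In the new loop in `pcf_read_TOC`, `tables` is initialised from `face->toc.tables` while the bound is `toc->count`; if `toc` is `&face->toc`, write `tables = toc->tables` so the pointer and the count visibly come from the same structure. The two-step comparison is ordered correctly (`tables->size > stream->size` is tested first, so `stream->size - tables->size` cannot wrap), but that holds only if `size`, `offset` and `stream->size` are all unsigned, which the hunk does not show; extend the "we need two checks to avoid overflow" comment to state that assumption. Also confirm that the `Exit` label reached by the new `goto Exit` releases whatever `face->toc.tables` points to, since the error path is now taken after that pointer is already set.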