
982ad7
diff --git a/src/fccache.c b/src/fccache.c
982ad7
index 02ec301..6f3c68a 100644
982ad7
--- a/src/fccache.c
982ad7
+++ b/src/fccache.c
982ad7
@@ -640,6 +640,7 @@ FcCacheOffsetsValid (FcCache *cache)
982ad7
             FcPattern		*font = FcFontSetFont (fs, i);
982ad7
             FcPatternElt	*e;
982ad7
             FcValueListPtr	 l;
982ad7
+	    char                *last_offset;
982ad7
 
982ad7
             if ((char *) font < base ||
982ad7
                 (char *) font > end - sizeof (FcFontSet) ||
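Review bot: The new local `last_offset` carries no comment, and judging by its uses in the next hunk (`(char *) font + font->elts_offset`, then `(char *) l + 1`) it is a pointer into the mapped cache rather than an offset, so the name is easy to misread next to `base` and `end`; a one-line comment on the declaration such as `/* lowest address at which the next FcValueList node may start */` would make its cursor role explicit. The declaration is also tab-indented while the neighbouring declarations in the same block are space-indented and tab-align their names, so it breaks the column alignment of `*font`, `*e` and `l`; matching the surrounding indentation is cheap in a downstream-carried patch. FcCacheOffsetsValid begins before this hunk and its body continues past it, so the loop that consumes the variable is not fully visible here.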
982ad7
@@ -653,11 +654,17 @@ FcCacheOffsetsValid (FcCache *cache)
982ad7
             if (e->values != 0 && !FcIsEncodedOffset(e->values))
982ad7
                 return FcFalse;
982ad7
 
982ad7
-            for (j = font->num, l = FcPatternEltValues(e); j >= 0 && l; j--, l = FcValueListNext(l))
982ad7
-                if (l->next != NULL && !FcIsEncodedOffset(l->next))
982ad7
-                    break;
982ad7
-            if (j < 0)
982ad7
-                return FcFalse;
982ad7
+	    for (j = 0; j < font->num; j++)
982ad7
+	    {
982ad7
+		last_offset = (char *) font + font->elts_offset;
982ad7
+		for (l = FcPatternEltValues(&e[j]); l; l = FcValueListNext(l))
982ad7
+		{
982ad7
+		    if ((char *) l < last_offset || (char *) l > end - sizeof (*l) ||
982ad7
+			(l->next != NULL && !FcIsEncodedOffset(l->next)))
982ad7
+			return FcFalse;
982ad7
+		    last_offset = (char *) l + 1;
982ad7
+		}
982ad7
+	    }
982ad7
         }
982ad7
     }
982ad7