rpms / freetype

Clone
Source Code
GIT

Blame SOURCES/freetype-2.4.11-CVE-2014-9664b.patch

c4 c5 c5-plus c6 c6-plus c7 c7-aarch64 c7-alt c7-beta c7-ppc64le c8 c8-beta c8s c9 c9-beta
  1.   15122352b96ca9a9cfe866df97ed27a932466469
  2.   SOURCES
  3.   freetype-2.4.11-CVE-2014-9664b.patch
Blob History Raw
43e195 
From dd89710f0f643eb0f99a3830e0712d26c7642acd Mon Sep 17 00:00:00 2001
43e195 
From: Werner Lemberg <wl@gnu.org>
43e195 
Date: Fri, 21 Nov 2014 21:19:28 +0000
43e195 
Subject: [type1, type42] Fix Savannah bug #43655.
43e195
43e195 
* src/type1/t1load.c (parse_charstrings), src/type42/t42parse.c
43e195 
(t42_parse_charstrings): Fix boundary testing.
43e195 
---
43e195 
diff --git a/src/type1/t1load.c b/src/type1/t1load.c
43e195 
index fd06432..caa75bd 100644
43e195 
--- a/src/type1/t1load.c
43e195 
+++ b/src/type1/t1load.c
43e195 
@@ -1602,7 +1602,7 @@
43e195 
         FT_PtrDist  len;
43e195
43e195
43e195 
-        if ( cur + 1 >= limit )
43e195 
+        if ( cur + 2 >= limit )
43e195 
         {
43e195 
           error = T1_Err_Invalid_File_Format;
43e195 
           goto Fail;
43e195 
diff --git a/src/type42/t42parse.c b/src/type42/t42parse.c
43e195 
index 9b66888..a60e216 100644
43e195 
--- a/src/type42/t42parse.c
43e195 
+++ b/src/type42/t42parse.c
43e195 
@@ -837,7 +837,7 @@
43e195 
         FT_PtrDist  len;
43e195
43e195
43e195 
-        if ( cur + 1 >= limit )
43e195 
+        if ( cur + 2 >= limit )
43e195 
         {
43e195 
           FT_ERROR(( "t42_parse_charstrings: out of bounds\n" ));
43e195 
           error = T42_Err_Invalid_File_Format;
43e195 
--
43e195 
cgit v0.9.0.2

Powered by Pagure 5.14.1

SSH Hostkey/Fingerprint | Documentation