/[packages]/updates/5/fontforge/current/SOURCES/0002-readcfftopdict-Prevent-stack-underflow-condition.patch
ViewVC logotype

Contents of /updates/5/fontforge/current/SOURCES/0002-readcfftopdict-Prevent-stack-underflow-condition.patch

Parent Directory Parent Directory | Revision Log Revision Log


Revision 1186904 - (show annotations) (download)
Fri Dec 29 01:10:44 2017 UTC (19 months, 2 weeks ago) by luigiwalser
File size: 741 byte(s)
add patches from debian to fix CVE-2017-1156[89] and CVE-2017-1157[124567]
1 From df349365630344ef3004a3c7934c7e7496692fb1 Mon Sep 17 00:00:00 2001
2 From: Jeremy Tan <jtanx@outlook.com>
3 Date: Sun, 30 Jul 2017 09:38:56 +0800
4 Subject: [PATCH 2/6] readcfftopdict: Prevent stack underflow condition
5
6 Closes #3091
7 ---
8 fontforge/parsettf.c | 4 ++++
9 1 file changed, 4 insertions(+)
10
11 --- a/fontforge/parsettf.c
12 +++ b/fontforge/parsettf.c
13 @@ -3093,6 +3093,10 @@
14 case (12<<8)+24:
15 LogError( _("FontForge does not support type2 multiple master fonts\n") );
16 info->bad_cff = true;
17 + if (sp < 4) {
18 + LogError(_("CFF dict stack underflow detected: %d < 4\n"), sp);
19 + break;
20 + }
21 td->nMasters = stack[0];
22 td->nAxes = sp-4;
23 memcpy(td->weightvector,stack+1,(sp-4)*sizeof(real));

  ViewVC Help
Powered by ViewVC 1.1.26