/[packages]/updates/5/fontforge/current/SOURCES/0004-parsettf.c-Fix-buffer-overrun-condition.patch
ViewVC logotype

Annotation of /updates/5/fontforge/current/SOURCES/0004-parsettf.c-Fix-buffer-overrun-condition.patch

Parent Directory Parent Directory | Revision Log Revision Log


Revision 1186904 - (hide annotations) (download)
Fri Dec 29 01:10:44 2017 UTC (18 months, 2 weeks ago) by luigiwalser
File size: 613 byte(s)
add patches from debian to fix CVE-2017-1156[89] and CVE-2017-1157[124567]
1 luigiwalser 1186904 From 62b6433a81ee7ed6e0ac2d6b09ac85b885046ac3 Mon Sep 17 00:00:00 2001
2     From: Jeremy Tan <jtanx@outlook.com>
3     Date: Sun, 30 Jul 2017 10:27:17 +0800
4     Subject: [PATCH 4/6] parsettf.c: Fix buffer overrun condition
5    
6     Closes #3090
7     ---
8     fontforge/parsettf.c | 2 +-
9     1 file changed, 1 insertion(+), 1 deletion(-)
10    
11     --- a/fontforge/parsettf.c
12     +++ b/fontforge/parsettf.c
13     @@ -3504,7 +3504,7 @@
14     for ( i = 1; i<len; ) {
15     first = dict->charset[i++] = getushort(ttf);
16     cnt = getc(ttf);
17     - for ( j=0; j<cnt; ++j )
18     + for ( j=0; j<cnt && i<len; ++j )
19     dict->charset[i++] = ++first;
20     }
21     } else if ( format==2 ) {

  ViewVC Help
Powered by ViewVC 1.1.26