1 |
luigiwalser |
1186904 |
From 7bfec47910293bf149b8debe44c6f3f788506092 Mon Sep 17 00:00:00 2001 |
2 |
|
|
From: Jeremy Tan <jtanx@outlook.com> |
3 |
|
|
Date: Sun, 30 Jul 2017 11:56:43 +0800 |
4 |
|
|
Subject: [PATCH 6/6] parsettf.c: Fix out of bounds read condition on buffer |
5 |
|
|
|
6 |
|
|
Closes #3093 |
7 |
|
|
--- |
8 |
|
|
fontforge/parsettf.c | 2 +- |
9 |
|
|
1 file changed, 1 insertion(+), 1 deletion(-) |
10 |
|
|
|
11 |
|
|
--- a/fontforge/parsettf.c |
12 |
|
|
+++ b/fontforge/parsettf.c |
13 |
|
|
@@ -1744,7 +1744,7 @@ |
14 |
|
|
if ( info->version==NULL ) info->version = copy("1.0"); |
15 |
|
|
else if ( strnmatch(info->version,"Version ",8)==0 ) { |
16 |
|
|
char *temp = copy(info->version+8); |
17 |
|
|
- if ( temp[strlen(temp)-1]==' ' ) |
18 |
|
|
+ if ( temp[0] != '\0' && temp[strlen(temp)-1]==' ' ) |
19 |
|
|
temp[strlen(temp)-1] = '\0'; |
20 |
|
|
free(info->version); |
21 |
|
|
info->version = temp; |