current/SOURCES/0006-parsettf.c-Fix-out-of-bounds-read-condition-on-buffe.patch

From 7bfec47910293bf149b8debe44c6f3f788506092 Mon Sep 17 00:00:00 2001
From: Jeremy Tan <jtanx@outlook.com>
Date: Sun, 30 Jul 2017 11:56:43 +0800
Subject: [PATCH 6/6] parsettf.c: Fix out of bounds read condition on buffer

Closes #3093
---
 fontforge/parsettf.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

--- a/fontforge/parsettf.c
+++ b/fontforge/parsettf.c
@@ -1744,7 +1744,7 @@
     if ( info->version==NULL ) info->version = copy("1.0");
     else if ( strnmatch(info->version,"Version ",8)==0 ) {
        char *temp = copy(info->version+8);
-       if ( temp[strlen(temp)-1]==' ' )
+       if ( temp[0] != '\0' && temp[strlen(temp)-1]==' ' )
            temp[strlen(temp)-1] = '\0';
        free(info->version);
        info->version = temp;
1	luigiwalser	1186904	From 7bfec47910293bf149b8debe44c6f3f788506092 Mon Sep 17 00:00:00 2001
2			From: Jeremy Tan <jtanx@outlook.com>
3			Date: Sun, 30 Jul 2017 11:56:43 +0800
4			Subject: [PATCH 6/6] parsettf.c: Fix out of bounds read condition on buffer
5
6			Closes #3093
7			---
8			fontforge/parsettf.c \| 2 +-
9			1 file changed, 1 insertion(+), 1 deletion(-)
10
11			--- a/fontforge/parsettf.c
12			+++ b/fontforge/parsettf.c
13			@@ -1744,7 +1744,7 @@
14			if ( info->version==NULL ) info->version = copy("1.0");
15			else if ( strnmatch(info->version,"Version ",8)==0 ) {
16			char *temp = copy(info->version+8);
17			- if ( temp[strlen(temp)-1]==' ' )
18			+ if ( temp[0] != '\0' && temp[strlen(temp)-1]==' ' )
19			temp[strlen(temp)-1] = '\0';
20			free(info->version);
21			info->version = temp;