blob: e4a991e984172498f810bf5bbff25ffd723c7f90 (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
|
From 07bdb6e289c7954e2a533039dc93c1c136099d2d Mon Sep 17 00:00:00 2001
From: Werner Lemberg <wl@gnu.org>
Date: Sat, 15 Dec 2012 01:02:23 +0000
Subject: [bdf] Fix Savannah bug #37906.
* src/bdf/bdflib.c (_bdf_parse_glyphs): Use correct array size for
checking `glyph_enc'.
Upstream-Status: Pending
Signed-off-by: Eren Turkay <eren@hambedded.org>
Signed-off-by: Scott Garman <scott.a.garman@intel.com>
---
diff --git a/src/bdf/bdflib.c b/src/bdf/bdflib.c
index 8d7f9a0..f9c06ca 100644
--- a/src/bdf/bdflib.c
+++ b/src/bdf/bdflib.c
@@ -1628,8 +1628,9 @@
/* Check that the encoding is in the Unicode range because */
/* otherwise p->have (a bitmap with static size) overflows. */
- if ( p->glyph_enc > 0 &&
- (size_t)p->glyph_enc >= sizeof ( p->have ) * 8 )
+ if ( p->glyph_enc > 0 &&
+ (size_t)p->glyph_enc >= sizeof ( p->have ) /
+ sizeof ( unsigned long ) * 32 )
{
FT_ERROR(( "_bdf_parse_glyphs: " ERRMSG5, lineno, "ENCODING" ));
error = BDF_Err_Invalid_File_Format;
--
cgit v0.9.0.2
|
