[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[freetype2] master 4d364b6: [woff2] Fix segfault.
|
From: |
Werner LEMBERG |
|
Subject: |
[freetype2] master 4d364b6: [woff2] Fix segfault. |
|
Date: |
Thu, 18 Jun 2020 23:41:52 -0400 (EDT) |
branch: master
commit 4d364b68215f1380b66164f3f0e4bdadc154d08f
Author: Werner Lemberg <wl@gnu.org>
Commit: Werner Lemberg <wl@gnu.org>
[woff2] Fix segfault.
Reported as
https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=23402
* src/sfnt/sfwoff2.c (get_x_mins): Check whether `loca' table
exists.
---
ChangeLog | 11 +++++++++++
src/sfnt/sfwoff2.c | 6 ++++++
2 files changed, 17 insertions(+)
diff --git a/ChangeLog b/ChangeLog
index afe932d..950c19c 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,3 +1,14 @@
+2020-06-19 Werner Lemberg <wl@gnu.org>
+
+ [woff2] Fix segfault.
+
+ Reported as
+
+ https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=23402
+
+ * src/sfnt/sfwoff2.c (get_x_mins): Check whether `loca' table
+ exists.
+
2020-06-19 Stephen McDowell <svenevs.dev@gmail.com>
[sfnt] Support Intel compilers.
diff --git a/src/sfnt/sfwoff2.c b/src/sfnt/sfwoff2.c
index 3f59044..781b932 100644
--- a/src/sfnt/sfwoff2.c
+++ b/src/sfnt/sfwoff2.c
@@ -1286,6 +1286,12 @@
return FT_THROW( Invalid_Table );
}
+ if ( !info->loca_table )
+ {
+ FT_ERROR(( "`loca' table is missing.\n" ));
+ return FT_THROW( Invalid_Table );
+ }
+
/* Read `numGlyphs' field from `maxp' table. */
if ( FT_STREAM_SEEK( maxp_table->src_offset ) || FT_STREAM_SKIP( 8 ) )
return error;
| [Prev in Thread] |
Current Thread |
[Next in Thread] |
- [freetype2] master 4d364b6: [woff2] Fix segfault.,
Werner LEMBERG <=