* src/truetype/ttinterp.c (TT_RunIns): Adjust loop counter again.
Problem reported by Marek Kašík <mkasik@redhat.com>. The problematic font that exceeds the old limit is Padauk-Bold, version 3.002, containing bytecode generated by a buggy version of ttfautohint.
This commit is contained in:
parent
e66d7300fe
commit
8d435c463d
10
ChangeLog
10
ChangeLog
|
@ -1,3 +1,13 @@
|
||||||
|
2017-06-01 Werner Lemberg <wl@gnu.org>
|
||||||
|
|
||||||
|
* src/truetype/ttinterp.c (TT_RunIns): Adjust loop counter again.
|
||||||
|
|
||||||
|
Problem reported by Marek Kašík <mkasik@redhat.com>.
|
||||||
|
|
||||||
|
The problematic font that exceeds the old limit is Padauk-Bold,
|
||||||
|
version 3.002, containing bytecode generated by a buggy version of
|
||||||
|
ttfautohint.
|
||||||
|
|
||||||
2017-05-31 Werner Lemberg <wl@gnu.org>
|
2017-05-31 Werner Lemberg <wl@gnu.org>
|
||||||
|
|
||||||
[cff] 32bit integer overflow run-time errors 2/2 (#46149).
|
[cff] 32bit integer overflow run-time errors 2/2 (#46149).
|
||||||
|
|
|
@ -7649,8 +7649,7 @@
|
||||||
FT_MAX( 50,
|
FT_MAX( 50,
|
||||||
exc->cvtSize / 10 );
|
exc->cvtSize / 10 );
|
||||||
else
|
else
|
||||||
exc->loopcall_counter_max = FT_MAX( 100,
|
exc->loopcall_counter_max = 300 + 8 * exc->cvtSize;
|
||||||
10 * exc->cvtSize );
|
|
||||||
|
|
||||||
/* as a protection against an unreasonable number of CVT entries */
|
/* as a protection against an unreasonable number of CVT entries */
|
||||||
/* we assume at most 100 control values per glyph for the counter */
|
/* we assume at most 100 control values per glyph for the counter */
|
||||||
|
|
Loading…
Reference in New Issue