[cff] Don't use any values in decoder after parsing error.

* src/cff/cffgload.c (cff_slot_load): Skip the evaluations
of the values in decoder, if cff_decoder_parse_charstrings()
returns any error.
This commit is contained in:
suzuki toshiya 2010-08-05 17:10:32 +09:00
parent 45a3c76b54
commit d9b3e39484
2 changed files with 45 additions and 32 deletions

View File

@ -1,3 +1,11 @@
2010-08-05 suzuki toshiya <mpsuzuki@hiroshima-u.ac.jp>
[cff] Don't use any values in decoder after parsing error.
* src/cff/cffgload.c (cff_slot_load): Skip the evaluations
of the values in decoder, if cff_decoder_parse_charstrings()
returns any error.
2010-08-04 Werner Lemberg <wl@gnu.org> 2010-08-04 Werner Lemberg <wl@gnu.org>
Fix Savannah bug #30644. Fix Savannah bug #30644.
@ -11,7 +19,7 @@
* devel/ftoption.h: Synchronize with * devel/ftoption.h: Synchronize with
include/freetype/config/ftoption.h. include/freetype/config/ftoption.h.
2010-08-04 Suzuki, Toshiya (鈴木俊哉) <mpsuzuki@hiroshima-u.ac.jp> 2010-08-04 suzuki toshiya <mpsuzuki@hiroshima-u.ac.jp>
[cff] Improve stack overflow test. [cff] Improve stack overflow test.

View File

@ -2731,48 +2731,53 @@
/* now load the unscaled outline */ /* now load the unscaled outline */
error = cff_get_glyph_data( face, glyph_index, error = cff_get_glyph_data( face, glyph_index,
&charstring, &charstring_len ); &charstring, &charstring_len );
if ( !error ) if ( error )
{ goto Glyph_Build_Finished;
error = cff_decoder_prepare( &decoder, size, glyph_index );
if ( !error )
{
error = cff_decoder_parse_charstrings( &decoder,
charstring,
charstring_len );
cff_free_glyph_data( face, &charstring, charstring_len ); error = cff_decoder_prepare( &decoder, size, glyph_index );
if ( error )
goto Glyph_Build_Finished;
error = cff_decoder_parse_charstrings( &decoder,
charstring,
charstring_len );
cff_free_glyph_data( face, &charstring, charstring_len );
if ( error )
goto Glyph_Build_Finished;
#ifdef FT_CONFIG_OPTION_INCREMENTAL #ifdef FT_CONFIG_OPTION_INCREMENTAL
/* Control data and length may not be available for incremental */ /* Control data and length may not be available for incremental */
/* fonts. */ /* fonts. */
if ( face->root.internal->incremental_interface ) if ( face->root.internal->incremental_interface )
{ {
glyph->root.control_data = 0; glyph->root.control_data = 0;
glyph->root.control_len = 0; glyph->root.control_len = 0;
} }
else else
#endif /* FT_CONFIG_OPTION_INCREMENTAL */ #endif /* FT_CONFIG_OPTION_INCREMENTAL */
/* We set control_data and control_len if charstrings is loaded. */ /* We set control_data and control_len if charstrings is loaded. */
/* See how charstring loads at cff_index_access_element() in */ /* See how charstring loads at cff_index_access_element() in */
/* cffload.c. */ /* cffload.c. */
{ {
CFF_Index csindex = &cff->charstrings_index; CFF_Index csindex = &cff->charstrings_index;
if ( csindex->offsets ) if ( csindex->offsets )
{ {
glyph->root.control_data = csindex->bytes + glyph->root.control_data = csindex->bytes +
csindex->offsets[glyph_index] - 1; csindex->offsets[glyph_index] - 1;
glyph->root.control_len = charstring_len; glyph->root.control_len = charstring_len;
}
}
} }
} }
/* save new glyph tables */ Glyph_Build_Finished:
cff_builder_done( &decoder.builder ); /* save new glyph tables, if no error */
if ( !error )
cff_builder_done( &decoder.builder );
/* XXX: anything to do for broken glyph entry? */
} }
#ifdef FT_CONFIG_OPTION_INCREMENTAL #ifdef FT_CONFIG_OPTION_INCREMENTAL