Protect against malformed compressed data.

Problem reported by Tavis Ormandy <taviso@google.com>.

* src/lsw/ftzopen.c (ft_lzwstate_io): Test whether `state->prefix' is
zero.
Werner Lemberg 2009-03-20 07:19:45 +01:00
parent 0545ec1ca3
commit 0a05ba257b
2 changed files with 12 additions and 0 deletions


@ -1,3 +1,12 @@
2009-03-20 Werner Lemberg <wl@gnu.org>
Protect against malformed compressed data.
Problem reported by Tavis Ormandy <taviso@google.com>.
* src/lsw/ftzopen.c (ft_lzwstate_io): Test whether `state->prefix' is
zero.
2009-03-20 Werner Lemberg <wl@gnu.org>
Protect against invalid SID values in CFFs.
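Review bot: The path in the new ChangeLog entry, `src/lsw/ftzopen.c`, looks like a typo for `src/lzw/ftzopen.c`, given that the function it names is `ft_lzwstate_io`; correcting it lets the entry be matched to the file it describes. The entry also records the test on `state->prefix` but not the outcome; adding that the decoder then stops at `Eof` would make the behaviour change clear from the log alone.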


@ -332,6 +332,9 @@
while ( code >= 256U )
{
if ( !state->prefix )
goto Eof;
FTLZW_STACK_PUSH( state->suffix[code - 256] );
code = state->prefix[code - 256];
}
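Review bot: The new `if ( !state->prefix )` test at the top of the `while ( code >= 256U )` loop only covers a prefix table that is zero; nothing in these lines checks that `code - 256` lies within the entries actually present before it indexes `state->suffix` and `state->prefix`, and `state->suffix` itself is not tested. If that bound is enforced before the loop, a short comment saying so would help; otherwise consider rejecting an out-of-range code with the same `goto Eof`. None of the visible statements in the loop body assign `state->prefix`, so the test could sit once before the loop, with a comment stating for which input `state->prefix` can still be zero at this point.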