[base] Refuse to render enormous outlines (#47114).
The goal is to avoid integer overflows in the rendering algorithms. The limit is chosen arbitrarily at some 2^18 pixels, which should be enough for modern devices including printers. * src/base/ftoutln.c (FT_Outline_Render): Check CBox and reject enormous outlines.
This commit is contained in:
parent
d0b0e31ed7
commit
495de6cc72
11
ChangeLog
11
ChangeLog
|
@ -1,3 +1,14 @@
|
|||
2016-03-06 Alexei Podtelezhnikov <apodtele@gmail.com>
|
||||
|
||||
[base] Refuse to render enormous outlines (#47114).
|
||||
|
||||
The goal is to avoid integer overflows in the rendering algorithms.
|
||||
The limit is chosen arbitrarily at some 2^18 pixels, which should be
|
||||
enough for modern devices including printers.
|
||||
|
||||
* src/base/ftoutln.c (FT_Outline_Render): Check CBox and reject
|
||||
enormous outlines.
|
||||
|
||||
2016-03-06 Alexei Podtelezhnikov <apodtele@gmail.com>
|
||||
|
||||
[smooth] Replace left shifts with multiplications (#47114).
|
||||
|
|
|
@ -618,6 +618,7 @@
|
|||
FT_Error error;
|
||||
FT_Renderer renderer;
|
||||
FT_ListNode node;
|
||||
FT_BBox cbox;
|
||||
|
||||
|
||||
if ( !library )
|
||||
|
@ -629,6 +630,11 @@
|
|||
if ( !params )
|
||||
return FT_THROW( Invalid_Argument );
|
||||
|
||||
FT_Outline_Get_CBox( outline, &cbox );
|
||||
if ( cbox.xMin < -0x1000000L || cbox.yMin < -0x1000000L ||
|
||||
cbox.xMax > 0x1000000L || cbox.yMax > 0x1000000L )
|
||||
return FT_THROW( Invalid_Outline );
|
||||
|
||||
renderer = library->cur_renderer;
|
||||
node = library->renderers.head;
|
||||
|
||||
|
|
Loading…
Reference in New Issue