diff --git a/ChangeLog b/ChangeLog index a85224ece..811bafe35 100644 --- a/ChangeLog +++ b/ChangeLog @@ -1,3 +1,9 @@ +2008-08-28 Werner Lemberg + + * src/type1/t1load.c (parse_encoding): Protect against infinite + loop. This fixes Savannah bug #24150 (where a patch has been posted + too). + 2008-08-23 Werner Lemberg * src/type/t1afm.c (compare_kern_pairs), src/pxaux/afmparse.c diff --git a/src/type1/t1load.c b/src/type1/t1load.c index 9d7c748b3..624df4d94 100644 --- a/src/type1/t1load.c +++ b/src/type1/t1load.c @@ -1274,6 +1274,19 @@ n++; } + else if ( only_immediates ) + { + /* Since the current position is not updated for */ + /* immediates-only mode we would get an infinite loop if */ + /* we don't do anything here. */ + /* */ + /* This encoding array is not valid according to the type1 */ + /* specification (it might be an encoding for a CID type1 */ + /* font, however), so we conclude that this font is NOT a */ + /* type1 font. */ + parser->root.error = FT_Err_Unknown_File_Format; + return; + } } else {