Temporal fix for 32bit unsigned long overflow on LP64 platform

2007-03-22 05:23:53 +00:00 · 2007-03-22 05:23:53 +00:00 · dabf0535a8
parent 4bcf957406
commit dabf0535a8
2 changed files with 22 additions and 1 deletions
--- a/7
+++ b/7
@ -1,3 +1,10 @@
+2007-03-22  suzuki toshiya  <mpsuzuki@hiroshima-u.ac.jp>
+
+	* builds/unix/ftsystem.c (FT_Stream_Open): Temporal fix to prevent
+	32bit unsigned long overflow by 64bit filesize on LP64 platform,
+	proposed by Sean McBride:
+	http://lists.gnu.org/archive/html/freetype-devel/2007-03/msg00032.html
+
 2007-03-22  suzuki toshiya  <mpsuzuki@hiroshima-u.ac.jp>

 	* builds/unix/ftconfig.in: Suppress SGI compiler's warning against
--- a/builds/unix/ftsystem.c
+++ b/builds/unix/ftsystem.c
@ -266,7 +266,21 @@
      goto Fail_Map;
    }

-    stream->size = stat_buf.st_size;
+    /* XXX: TODO -- real 64bit platform support                        */
+    /* stream->size is typed to unsigned long (freetype/ftsystem.h)    */
+    /* stat_buf.st_size is usually typed to off_t (sys/stat.h)         */
+    /* On some platforms, the former is 32bit and the latter is 64bit. */
+    /* To avoid overflow caused by font in huge file larger than 2G,   */
+    /* do a test. Temporal fix proposed by Sean McBride                */
+    /*                                                                 */
+    if ( stat_buf.st_size > ULONG_MAX )
+    {
+      FT_ERROR(( "FT_Stream_Open: file is too big" ));
+      goto Fail_Map;
+    }
+
+    /* This cast potentially truncates a 64bit to 32bit! */
+    stream->size = (unsigned long)stat_buf.st_size;
    stream->pos  = 0;
    stream->base = (unsigned char *)mmap( NULL,
                                          stream->size,