[base] Improve sanity check for Mac resources (#49888).

* src/base/ftobjs.c (Mac_Read_sfnt_Resource): Abort if `rlen' is not positive.
2016-12-21 06:52:23 +01:00 · 2016-12-21 06:52:23 +01:00 · 57a6733dcf
parent ded4bdb5d0
commit 57a6733dcf
2 changed files with 8 additions and 1 deletions
--- a/7
+++ b/7
@ -1,3 +1,10 @@
+2016-12-21  Werner Lemberg  <wl@gnu.org>
+
+	[base] Improve sanity check for Mac resources (#49888).
+
+	* src/base/ftobjs.c (Mac_Read_sfnt_Resource): Abort if `rlen' is not
+	positive.
+
 2016-12-20  Werner Lemberg  <wl@gnu.org>

 	[base] More sanity checks for Mac resources.
--- a/src/base/ftobjs.c
+++ b/src/base/ftobjs.c
@ -1842,7 +1842,7 @@

    if ( FT_READ_LONG( rlen ) )
      goto Exit;
-    if ( rlen == -1 )
+    if ( rlen < 1 )
      return FT_THROW( Cannot_Open_Resource );
    if ( (FT_ULong)rlen > FT_MAC_RFORK_MAX_LEN )
      return FT_THROW( Invalid_Offset );