rpms/fontforge
6
0
Fork 0
Code Issues Pull Requests Releases Activity

Array bounds patch for reading PDFs

Browse Source
This commit is contained in:
Paul Flo Williams 2013-02-07 17:57:01 +00:00
parent b0a0299d10
commit cb37f7c0f8
2 changed files with 43 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

37
fontforge-20120731-pdf-bounds.patch Normal file
View File

@ -0,0 +1,37 @@
--- fontforge-20120731-b/fontforge/parsepdf.c 2012-08-02 16:09:09.000000000 +0100
+++ fontforge-20120731-b-new/fontforge/parsepdf.c 2013-02-07 17:44:05.371466086 +0000
@@ -1691,9 +1691,9 @@
/* to "Unicode" values it specifies rather than to the real order in which the glyphs are */
/* stored in the file */
pos = cmap_from_cid || sf->map == NULL ? gid : sf->map->map[gid];
- sc = sf->glyphs[pos];
- if (pos >= 0 && pos < sf->glyphcnt && (sc->unicodeenc != uvals[0] || nuni > 1)) {
+ if (pos >= 0 && pos < sf->glyphcnt && (sf->glyphs[pos]->unicodeenc != uvals[0] || nuni > 1)) {
+ sc = sf->glyphs[pos];
/* Sometimes FF instead of assigning proper Unicode values to TTF glyphs keeps */
/* them encoded to the same codepoint, but creates for each glyph an alternate */
/* encoding, corresponding to the position this glyph has in the font's encoding */
@@ -1723,6 +1723,7 @@
FILE *file;
int i, j, gid, start, end, uni, cur=0, nuni, nhex, nchars, lo, *uvals;
long *mappings;
+ size_t num_mappings;
char tok[200], *ccval, prevtok[200];
SplineFont *sf = basesf->subfontcnt > 0 ? basesf->subfonts[0] : basesf;
@@ -1733,9 +1734,14 @@
return;
rewind(file);
+ num_mappings = sf->glyphcnt;
mappings = gcalloc(sf->glyphcnt,sizeof(long));
while ( pdf_getprotectedtok(file,tok) >= 0 ) {
if ( strcmp(tok,"beginbfchar") == 0 && sscanf(prevtok,"%d",&nchars)) {
+ if (cur + nchars >= num_mappings) {
+ num_mappings = cur + nchars;
+ mappings = grealloc(mappings, num_mappings * sizeof(long));
+ }
for (i=0; i<nchars; i++) {
if (pdf_skip_brackets(file,tok) >= 0 && sscanf(tok,"%x",&gid) &&
pdf_skip_brackets(file,tok) >= 0 && sscanf(tok,"%lx",&mappings[cur])) {

7
fontforge.spec
View File

@ -5,7 +5,7 @@
Name: fontforge Name: fontforge
Version: 20120731b Version: 20120731b
Release: 3%{?dist} Release: 4%{?dist}
Summary: Outline and bitmap font editor Summary: Outline and bitmap font editor
Group: Applications/Publishing Group: Applications/Publishing
@ -14,6 +14,7 @@ URL: http://fontforge.sourceforge.net/
Source0: http://downloads.sourceforge.net/fontforge/fontforge_full-%{archive_version}.tar.bz2 Source0: http://downloads.sourceforge.net/fontforge/fontforge_full-%{archive_version}.tar.bz2
Source2: http://downloads.sourceforge.net/fontforge/fontforge_htdocs-%{archive_version}.tar.bz2 Source2: http://downloads.sourceforge.net/fontforge/fontforge_htdocs-%{archive_version}.tar.bz2
Patch1: fontforge-20090224-pythondl.patch Patch1: fontforge-20090224-pythondl.patch
Patch2: fontforge-20120731-pdf-bounds.patch
Requires: xdg-utils Requires: xdg-utils
Requires: autotrace Requires: autotrace
@ -54,6 +55,7 @@ to compile applications against fontforge.
%setup -q -n %{name}-%{archive_version} %setup -q -n %{name}-%{archive_version}
%patch1 -p1 %patch1 -p1
%patch2 -p1
mkdir htdocs mkdir htdocs
tar xjf %{SOURCE2} -C htdocs tar xjf %{SOURCE2} -C htdocs
@ -146,6 +148,9 @@ fi
%{_libdir}/pkgconfig/*.pc %{_libdir}/pkgconfig/*.pc
%changelog %changelog
* Thu Feb 07 2013 Paul Flo Williams <paul@frixxon.co.uk> - 20120731b-4
- Patch for bug #902089, out-of-bounds errors while reading PDFs
* Fri Jan 18 2013 Adam Tkac <atkac redhat com> - 20120731b-3 * Fri Jan 18 2013 Adam Tkac <atkac redhat com> - 20120731b-3
- rebuild due to "jpeg8-ABI" feature drop - rebuild due to "jpeg8-ABI" feature drop