rpms/fontforge
7
0
Fork 0
Code Issues Pull Requests Releases Activity

import fontforge-20170731-15.el8

Browse Source
This commit is contained in:
CentOS Sources 2020-11-03 07:03:10 -05:00 committed by Andrew Lukoshko
parent 318d73cd61
commit d7328f7488
2 changed files with 35 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

28
SOURCES/fontforge-20170731-cve-2020-5395-followup-fix.patch Normal file
View File

@ -0,0 +1,28 @@
From b96273acc691ac8a36c6a8dd4de8e6edd7eaae59 Mon Sep 17 00:00:00 2001
From: Fredrick Brennan <copypaste@kittens.ph>
Date: Tue, 21 Jan 2020 15:16:00 +0800
Subject: [PATCH] Fix crash on exit introduced in previous commit
When the number of layers is greater than 2, as in Chomsky.sfd and most
of my other fonts, FontForge will crash on exiting.
This is just a simple mistake @skef made.
---
fontforge/sfd.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/fontforge/sfd.c b/fontforge/sfd.c
index e8ca39ba83..9517d8cb12 100644
--- a/fontforge/sfd.c
+++ b/fontforge/sfd.c
@@ -7998,9 +7998,9 @@ bool SFD_GetFontMetaData( FILE *sfd,
int layer_cnt_tmp;
getint(sfd,&layer_cnt_tmp);
if ( layer_cnt_tmp>2 ) {
+ sf->layer_cnt = layer_cnt_tmp;
sf->layers = realloc(sf->layers,sf->layer_cnt*sizeof(LayerInfo));
memset(sf->layers+2,0,(sf->layer_cnt-2)*sizeof(LayerInfo));
- sf->layer_cnt = layer_cnt_tmp;
}
}
else if ( strmatch(tok,"Layer:")==0 )

8
SPECS/fontforge.spec
View File

@ -4,7 +4,7 @@
Name: fontforge Name: fontforge
Version: %{gittag0} Version: %{gittag0}
Release: 14%{?dist} Release: 15%{?dist}
Summary: Outline and bitmap font editor Summary: Outline and bitmap font editor
License: GPLv3+ License: GPLv3+
@ -18,7 +18,10 @@ Patch0: fontforge-20140813-use-system-uthash.patch
Patch1: Add-python3-support.patch Patch1: Add-python3-support.patch
Patch2: fontforge-20170731-covscan-issue-fix.patch Patch2: fontforge-20170731-covscan-issue-fix.patch
Patch3: fontforge-20170731-override-upstream-optimization-flags-splinerefigure-c.patch Patch3: fontforge-20170731-override-upstream-optimization-flags-splinerefigure-c.patch
# https://github.com/fontforge/fontforge/issues/4084
Patch4: fontforge-20170731-cve-2020-5395.patch Patch4: fontforge-20170731-cve-2020-5395.patch
# https://github.com/fontforge/fontforge/issues/4164
Patch5: fontforge-20170731-cve-2020-5395-followup-fix.patch
Requires: xdg-utils Requires: xdg-utils
Requires: autotrace Requires: autotrace
@ -158,6 +161,9 @@ chmod 644 $RPM_BUILD_ROOT%{_datadir}/fontforge/nodejs/collabwebview/js/contentEd
%doc htdocs %doc htdocs
%changelog %changelog
* Wed Apr 08 2020 Parag Nemade <pnemade AT redhat DOT com> - 20170731-15
- Resolves:rh#1821664 - CVE-2020-5395:out-of-bounds write in sfd.c
* Thu Jan 16 2020 Parag Nemade <pnemade AT redhat DOT com> - 20170731-14 * Thu Jan 16 2020 Parag Nemade <pnemade AT redhat DOT com> - 20170731-14
- Resolves:rh#1790974 - CVE-2020-5395:out-of-bounds write in sfd.c - Resolves:rh#1790974 - CVE-2020-5395:out-of-bounds write in sfd.c