Avoid invalid face index

Resolves: #2079271
This commit is contained in:
Marek Kasik 2022-05-26 12:53:16 +02:00
parent dd4582b7b6
commit 3f727d614f
2 changed files with 52 additions and 1 deletions

View File

@ -0,0 +1,43 @@
From 53dfdcd8198d2b3201a23c4bad9190519ba918db Mon Sep 17 00:00:00 2001
From: Werner Lemberg <wl@gnu.org>
Date: Thu, 17 Mar 2022 19:24:16 +0100
Subject: [PATCH] [sfnt] Avoid invalid face index.
Fixes #1138.
* src/sfnt/sfobjs.c (sfnt_init_face), src/sfnt/sfwoff2.c (woff2_open_font):
Check `face_index` before decrementing.
---
src/sfnt/sfobjs.c | 2 +-
src/sfnt/sfwoff2.c | 2 +-
2 files changed, 2 insertions(+), 2 deletions(-)
diff --git a/src/sfnt/sfobjs.c b/src/sfnt/sfobjs.c
index f9d4d3858..9771c35df 100644
--- a/src/sfnt/sfobjs.c
+++ b/src/sfnt/sfobjs.c
@@ -566,7 +566,7 @@
face_index = FT_ABS( face_instance_index ) & 0xFFFF;
/* value -(N+1) requests information on index N */
- if ( face_instance_index < 0 )
+ if ( face_instance_index < 0 && face_index > 0 )
face_index--;
if ( face_index >= face->ttc_header.count )
diff --git a/src/sfnt/sfwoff2.c b/src/sfnt/sfwoff2.c
index cb1e0664a..165b875e5 100644
--- a/src/sfnt/sfwoff2.c
+++ b/src/sfnt/sfwoff2.c
@@ -2085,7 +2085,7 @@
/* Validate requested face index. */
*num_faces = woff2.num_fonts;
/* value -(N+1) requests information on index N */
- if ( *face_instance_index < 0 )
+ if ( *face_instance_index < 0 && face_index > 0 )
face_index--;
if ( face_index >= woff2.num_fonts )
--
2.35.1

View File

@ -4,7 +4,7 @@
Summary: A free and portable font rendering engine
Name: freetype
Version: 2.10.4
Release: 6%{?dist}
Release: 7%{?dist}
License: (FTL or GPLv2+) and BSD and MIT and Public Domain and zlib with acknowledgement
URL: http://www.freetype.org
Source: http://download.savannah.gnu.org/releases/freetype/freetype-%{version}.tar.xz
@ -32,6 +32,9 @@ Patch7: freetype-2.10.4-png-memory-leak.patch
# https://bugzilla.redhat.com/show_bug.cgi?id=1964066
Patch8: freetype-2.10.4-covscan.patch
# https://bugzilla.redhat.com/show_bug.cgi?id=2077989
Patch9: freetype-2.10.4-avoid-invalid-face-index.patch
BuildRequires: gcc
BuildRequires: libX11-devel
BuildRequires: libpng-devel
@ -96,6 +99,7 @@ popd
%patch6 -p1 -b .debughook
%patch7 -p1 -b .png-memory-leak
%patch8 -p1 -b .covscan
%patch9 -p1 -b .avoid-invalid-face-index
%build
@ -237,6 +241,10 @@ rm -f $RPM_BUILD_ROOT%{_libdir}/*.{a,la}
%{_mandir}/man1/*
%changelog
* Thu May 26 2022 Marek Kasik <mkasik@redhat.com> - 2.10.4-7
- Avoid invalid face index
- Resolves: #2079271
* Mon Aug 09 2021 Mohan Boddu <mboddu@redhat.com> - 2.10.4-6
- Rebuilt for IMA sigs, glibc 2.34, aarch64 flags
Related: rhbz#1991688