diff --git a/pdf/pdf_font.c b/pdf/pdf_font.c index 5f82b7f..6819cb7 100644 --- a/pdf/pdf_font.c +++ b/pdf/pdf_font.c @@ -297,22 +297,55 @@ pdfi_open_CIDFont_substitute_file(pdf_context *ctx, pdf_dict *font_dict, pdf_dic memcpy(fontfname, fsprefix, fsprefixlen); } else { - memcpy(fontfname, ctx->args.cidfsubstpath.data, ctx->args.cidfsubstpath.size); - fsprefixlen = ctx->args.cidfsubstpath.size; + if (ctx->args.cidfsubstpath.size + 1 > gp_file_name_sizeof) { + code = gs_note_error(gs_error_rangecheck); + pdfi_set_warning(ctx, code, NULL, W_PDF_BAD_CONFIG, "pdfi_open_CIDFont_substitute_file", "CIDFSubstPath parameter too long"); + if (ctx->args.pdfstoponwarning != 0) { + goto exit; + } + code = 0; + memcpy(fontfname, fsprefix, fsprefixlen); + } + else { + memcpy(fontfname, ctx->args.cidfsubstpath.data, ctx->args.cidfsubstpath.size); + fsprefixlen = ctx->args.cidfsubstpath.size; + } } if (ctx->args.cidfsubstfont.data == NULL) { int len = 0; - if (gp_getenv("CIDFSUBSTFONT", (char *)0, &len) < 0 && len + fsprefixlen + 1 < gp_file_name_sizeof) { - (void)gp_getenv("CIDFSUBSTFONT", (char *)(fontfname + fsprefixlen), &defcidfallacklen); + if (gp_getenv("CIDFSUBSTFONT", (char *)0, &len) < 0) { + if (len + fsprefixlen + 1 > gp_file_name_sizeof) { + code = gs_note_error(gs_error_rangecheck); + pdfi_set_warning(ctx, code, NULL, W_PDF_BAD_CONFIG, "pdfi_open_CIDFont_substitute_file", "CIDFSUBSTFONT environment variable too long"); + if (ctx->args.pdfstoponwarning != 0) { + goto exit; + } + code = 0; + memcpy(fontfname + fsprefixlen, defcidfallack, defcidfallacklen); + } + else { + (void)gp_getenv("CIDFSUBSTFONT", (char *)(fontfname + fsprefixlen), &defcidfallacklen); + } } else { memcpy(fontfname + fsprefixlen, defcidfallack, defcidfallacklen); } } else { - memcpy(fontfname, ctx->args.cidfsubstfont.data, ctx->args.cidfsubstfont.size); - defcidfallacklen = ctx->args.cidfsubstfont.size; + if (ctx->args.cidfsubstfont.size > gp_file_name_sizeof - 1) { + code = gs_note_error(gs_error_rangecheck); + pdfi_set_warning(ctx, code, NULL, W_PDF_BAD_CONFIG, "pdfi_open_CIDFont_substitute_file", "CIDFSubstFont parameter too long"); + if (ctx->args.pdfstoponwarning != 0) { + goto exit; + } + code = 0; + memcpy(fontfname + fsprefixlen, defcidfallack, defcidfallacklen); + } + else { + memcpy(fontfname, ctx->args.cidfsubstfont.data, ctx->args.cidfsubstfont.size); + defcidfallacklen = ctx->args.cidfsubstfont.size; + } } fontfname[fsprefixlen + defcidfallacklen] = '\0'; diff --git a/pdf/pdf_warnings.h b/pdf/pdf_warnings.h index 6402d8f..d1e0019 100644 --- a/pdf/pdf_warnings.h +++ b/pdf/pdf_warnings.h @@ -97,4 +97,5 @@ PARAM(W_PDF_MISMATCH_GENERATION, "The generation number of an indirectly refe PARAM(W_PDF_BAD_RENDERINGINTENT, "A ri or /RI used an unknown named rendering intent"), PARAM(W_PDF_BAD_VIEW, "Couldn't read the initial document view"), PARAM(W_PDF_BAD_WMODE, "A Font or CMap has a WMode which is neither 0 (horizontal) nor 1 (vertical)"), +PARAM(W_PDF_BAD_CONFIG, "A configuration or command line parameter was invalid or incorrect."), #undef PARAM