ReFuel/freetype
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
6,310 Commits 2 Branches 117 Tags 37 MiB
4e3b2473d8
Commit Graph

4 Commits

Author SHA1 Message Date
Werner Lemberg
a6b77ba2b3 [sfnt] Fix CPAL heap buffer overflow. 
Reported as

  https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=8968

* src/sfnt/ttcpal.c (tt_face_load_cpal): Guard CPAL version 1
offsets.
 2018-06-19 20:09:31 +02:00
Werner Lemberg
7915fd51f1 Doh. Don't use CPAL or COLR data if tables are missing. 
Reported by Alexei.

* src/sfnt/ttcolr.c (tt_face_get_colr_layer): Return immediately if
`colr' is NULL.

* src/sfnt/ttcpal.c (tt_face_palette_set): Return immediately, if
`cpal' is NULL.
 2018-06-19 07:15:21 +02:00
Werner Lemberg
1079063701 [sfnt] Fix color palette loading. 
Reported as

  https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=8933

* src/sfnt/ttcpal.c (Cpal): Add `table_size' field.
(tt_face_load_cpal): Set it.
(tt_face_palette_set): Check pointer limit for color entries.
 2018-06-16 21:45:13 +02:00
Werner Lemberg
a44e20879c [sfnt] Move `CPAL' stuff into separate files. 
* src/sfnt/sfdriver.c: Include `ttcpal.h'.
* src/sfnt/sfnt.c: Include `ttcpal.c'.

* src/sfnt/ttcolr.c, src/sfnt/ttcolr.h: Move CPAL stuff to ...
* src/sfnt/ttcpal.c, src/sfnt/ttcpal.c: ... these new files.

* src/sfnt/Jamfile (_sources), src/sfnt/rules.mk (SFNT_DRV_SRC):
Updated.

* include/freetype/internal/fttrace.h: Add support for `colr' and
`cpal'.
Sort entries.
 2018-06-14 11:32:47 +02:00