12 Commits

Author SHA1 Message Date
Tomas Hoger
86c3c69c15 Protect against loops in the prefix table.
LZW decompressor did not sufficiently check codes read from the
input LZW stream.  A specially-crafted or corrupted input could
create a loop in the prefix table, which leads to memory usage
spikes, as there's no decompression stack size limit.

* src/lzw/ftzopen.c (ft_lzwstate_io) <FT_LZW_PHASE_START>: First
code in valid LZW stream must be 0..255.
<FT_LZW_PHASE_CODE>: In the special KwKwK case, code == free_ent,
code > free_ent is invalid.
2011-09-11 09:08:40 +02:00
suzuki toshiya
f420757c73 lzw: Count the size of the memory object by ptrdiff_t. 2009-08-01 00:30:14 +09:00
Werner Lemberg
a49db4f866 Copyright. 2009-03-20 07:30:43 +01:00
Werner Lemberg
0a05ba257b Protect against malformed compressed data.
Problem reported by Tavis Ormandy <taviso@google.com>.

* src/lzw/ftzopen.c (ft_lzwstate_io): Test whether `state->prefix' is
zero.
2009-03-20 07:19:45 +01:00
Werner Lemberg
1c8980ef4a * docs/CHANGES: Updated.
Formatting.
2007-05-25 07:11:12 +00:00
David Turner
3e2f953a10 real fix for bug #19910. the .Z format is really badly designed :-( 2007-05-22 13:10:59 +00:00
David Turner
0d0365ec59 avoid heap explosion in the case of malformed .Z font files
related to bug #19910, but not a bugfix yet
2007-05-22 09:53:44 +00:00
Werner Lemberg
c6afa1221a * include/freetype/internal/ftmemory.h: s/new/newsz/ (for C++).
(FT_ALLOC): Remove redundant redefinition.

* builds/compiler/gcc-dev.mk (CFLAGS) [g++]: Don't use
`-Wstrict-prototypes'.

* src/base/ftstream.c (FT_Stream_EnterFrame): Add cast.

Formatting, copyright years.
2006-05-02 22:22:16 +00:00
David Turner
9ca782569c * include/freetype/internal/ftmemory.h, src/base/ftbitmap.c,
src/base/ftmac.c, src/base/ftrfork.c, src/lzw/ftzopen.c,
    src/raster/ftrend1.c, src/sfnt/ttpost.c, src/truetype/ttgxvar.c,
    src/type42/t42parse.c, src/winfonts/winfnt.c: hardening the code
    against out-of-bounds conditions when allocating arrays. This is
    for the cases where FT_NEW_ARRAY and FT_RENEW_ARRAY are not used
    already. Introducing the new FT_ALLOC_MULT and FT_REALLOC_MULT
    macros.
2006-05-02 09:00:29 +00:00
Werner Lemberg
84cacd2391 formatting, comment clean-up 2005-10-23 19:25:41 +00:00
Werner Lemberg
560d5fed38 Minor cleanups.
Copyright issues.
2005-10-21 09:08:28 +00:00
David Turner
c1b6d08291 * src/base/ftdbgmem.c: fixes to better account for memory reallocations
* src/lzw/ftlzw2.c, src/lzw/ftzopen.h, src/lzw/ftzopen.c, src/lzw/rules.mk:
    first version of LZW loader re-implementation. Apparently, saves about
    260 KB of heap memory when loading tir24.pcf.Z
2005-10-20 15:33:34 +00:00