freetype/src/cff
Armin Hasitzka 6986ddac1e [cff] Fix boundary checks.
642bc7590c701c8cd35a9f60fa899cfa518b17ff introduced dynamically
allocated memory when parsing CFF files with the "old" engine.  Bounds
checks have never been updated, however, leading to pointless
comparisons of pointers in some cases.  This commit presents a
solution for bounds checks in the CFF module with an extended logic
for the "old" engine while staying as concise as possible for the
"new" one.

* src/cff/cffparse.h: Introduce the struct `CFF_T2_StringRec' and
the additional field `t2_strings' within `CFF_ParserRec'.

* src/cff/cffparse.c (cff_parser_within_limits): Move all boundary
checks into this new function and update the rest of `cffparse.c' to
use it.

Reported as

  https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=12137
2019-03-31 11:08:49 +01:00
cff.c Update all copyright notices. 2019-02-23 10:07:09 +01:00
cffcmap.c Update all copyright notices. 2019-02-23 10:07:09 +01:00
cffcmap.h Update all copyright notices. 2019-02-23 10:07:09 +01:00
cffdrivr.c Update all copyright notices. 2019-02-23 10:07:09 +01:00
cffdrivr.h Update all copyright notices. 2019-02-23 10:07:09 +01:00
cfferrs.h Update all copyright notices. 2019-02-23 10:07:09 +01:00
cffgload.c Update all copyright notices. 2019-02-23 10:07:09 +01:00
cffgload.h Update all copyright notices. 2019-02-23 10:07:09 +01:00
cffload.c Update all copyright notices. 2019-02-23 10:07:09 +01:00
cffload.h Update all copyright notices. 2019-02-23 10:07:09 +01:00
cffobjs.c Update all copyright notices. 2019-02-23 10:07:09 +01:00
cffobjs.h Update all copyright notices. 2019-02-23 10:07:09 +01:00
cffparse.c [cff] Fix boundary checks. 2019-03-31 11:08:49 +01:00
cffparse.h [cff] Fix boundary checks. 2019-03-31 11:08:49 +01:00
cfftoken.h Update all copyright notices. 2019-02-23 10:07:09 +01:00
Jamfile Update all copyright notices. 2019-02-23 10:07:09 +01:00
module.mk Update all copyright notices. 2019-02-23 10:07:09 +01:00
rules.mk Update all copyright notices. 2019-02-23 10:07:09 +01:00