freetype-commit

From: Werner LEMBERG
Subject: [freetype2] master 4270e9f: Avoid more nullptr offset UBSan warnings (#57316).
Date: Fri, 29 Nov 2019 00:27:31 -0500 (EST)

branch: master
commit 4270e9f3243079bb90b6af618ed4d4fd31266412
Author: Dominik Röttsches <address@hidden>
Commit: Werner Lemberg <address@hidden>

    Avoid more nullptr offset UBSan warnings (#57316).
    
    * src/base/ftoutln.c (FT_Outline_Transform): Bail on empty points.
    * src/cff/cffload.c (cff_subfont_load): Use `FT_OFFSET'.
    * src/psaux/psft.c (cf2_decoder_parse_substrings): Early out if
    `charstring_base' or `charstring_len' are null.
    * src/sfnt/ttload.c (tt_face_load_name): Use `FT_OFFSET'.
---
 ChangeLog          | 10 ++++++++++
 src/base/ftoutln.c |  2 +-
 src/cff/cffload.c  |  2 +-
 src/psaux/psft.c   |  5 ++++-
 src/sfnt/ttload.c  |  2 +-
 5 files changed, 17 insertions(+), 4 deletions(-)

diff --git a/ChangeLog b/ChangeLog
index e5cb51c..454b8ae 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,3 +1,13 @@
+2019-11-29  Dominik Röttsches  <address@hidden>
+
+       Avoid more nullptr offset UBSan warnings (#57316).
+
+       * src/base/ftoutln.c (FT_Outline_Transform): Bail on empty points.
+       * src/cff/cffload.c (cff_subfont_load): Use `FT_OFFSET'.
+       * src/psaux/psft.c (cf2_decoder_parse_substrings): Early out if
+       `charstring_base' or `charstring_len' are null.
+       * src/sfnt/ttload.c (tt_face_load_name): Use `FT_OFFSET'.
+
 2019-11-23  John Stracke  <address@hidden>
 
        [base] Really fix #57194.
diff --git a/src/base/ftoutln.c b/src/base/ftoutln.c
index 0e2ba34..cf99bbc 100644
--- a/src/base/ftoutln.c
+++ b/src/base/ftoutln.c
@@ -711,7 +711,7 @@
     FT_Vector*  limit;
 
 
-    if ( !outline || !matrix )
+    if ( !outline || !matrix || !outline->points )
       return;
 
     vec   = outline->points;
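Review bot: the new `!outline->points` test silently returns for an outline whose `points` is NULL but whose `n_points` is non-zero, and since the function is `void` (the existing `return;`) the caller gets no signal that the transform was skipped; that is acceptable for the empty-outline case this targets, but it differs from the other three hunks, which keep the code path and form the end pointer with `FT_OFFSET`. A one-line comment above the check saying it exists so that the `limit` computation does not form `NULL + n_points` would make the intent clear, and using `FT_OFFSET` for `limit` instead would keep all four sites uniform.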
diff --git a/src/cff/cffload.c b/src/cff/cffload.c
index 12efd18..ce02d6d 100644
--- a/src/cff/cffload.c
+++ b/src/cff/cffload.c
@@ -2057,7 +2057,7 @@
     if ( !error )
     {
       FT_TRACE4(( " top dictionary:\n" ));
-      error = cff_parser_run( &parser, dict, dict + dict_len );
+      error = cff_parser_run( &parser, dict, FT_OFFSET( dict, dict_len ) );
     }
 
     /* clean up regardless of error */
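Review bot: `FT_OFFSET` is used here and in ttload.c but is neither defined nor introduced by this patch, and the commit message does not say which header provides it, so a reader of this diff cannot tell what it expands to; the ChangeLog entry should name the header. The macro only changes how the end pointer is formed, so if `dict` can be NULL with a non-zero `dict_len`, `cff_parser_run( &parser, dict, ... )` still receives a NULL start pointer; it is worth stating in the commit message that `dict == NULL` implies `dict_len == 0` at this point.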
diff --git a/src/psaux/psft.c b/src/psaux/psft.c
index 54be468..a823ac8 100644
--- a/src/psaux/psft.c
+++ b/src/psaux/psft.c
@@ -313,9 +313,12 @@
     FT_Error   error = FT_Err_Ok;
     CF2_Font   font;
 
-    FT_Bool    is_t1 = decoder->builder.is_t1;
+    FT_Bool  is_t1 = decoder->builder.is_t1;
 
 
+    if ( !charstring_base || !charstring_len )
+      return FT_ERR( Invalid_File_Format );
+
     FT_ASSERT( decoder &&
                ( is_t1 || decoder->cff ) );
 
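Review bot: the whitespace-only change to the `is_t1` declaration (`FT_Bool    is_t1` to `FT_Bool  is_t1`) is unrelated to the fix and should be dropped or moved to a separate formatting commit so the hunk shows only the null check. On the check itself, returning `Invalid_File_Format` for `charstring_len == 0` turns a zero-length charstring into a hard error for every glyph that reaches this decoder; since the change is framed as a sanitizer fix but alters error behaviour, the commit message should state that an empty charstring is never valid here rather than simply an empty glyph. Note also that the early return is placed above `FT_ASSERT( decoder && ... )` while `decoder->builder.is_t1` is already dereferenced two lines earlier, so the assert is redundant as placed; that is pre-existing, but this hunk is the natural place to move the assert ahead of the dereference.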
diff --git a/src/sfnt/ttload.c b/src/sfnt/ttload.c
index 15b01a8..cf53924 100644
--- a/src/sfnt/ttload.c
+++ b/src/sfnt/ttload.c
@@ -924,7 +924,7 @@
       /* load language tags */
       {
         TT_LangTag  entry = table->langTags;
-        TT_LangTag  limit = entry + table->numLangTagRecords;
+        TT_LangTag  limit = FT_OFFSET( entry, table->numLangTagRecords );
 
 
         for ( ; entry < limit; entry++ )
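Review bot: because the loop condition is `entry < limit`, `entry == limit == NULL` already yields zero iterations, so this change does not alter behaviour, only how `limit` is formed; a short comment noting that `langTags` may be NULL when `numLangTagRecords` is zero would explain why `FT_OFFSET` is needed here. If `langTags` can be NULL while `numLangTagRecords` is non-zero, the macro hides rather than fixes that inconsistency, so the count should be validated against the pointer where the table is loaded.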
