Overview

File fig2dev-3.2.6a-input-sanitizing.patch of Package transfig.8598

Description: Some input sanitizing when reading FIG files.
Bug-Debian: https://bugs.debian.org/881143
Bug-Debian: https://bugs.debian.org/881144
Author: Thomas Loimer <thomas.loimer@tuwien.ac.at>

---
 fig2dev/read.c    |    8 +++++++-
 fig2dev/read1_3.c |    9 +++++++++
 2 files changed, 16 insertions(+), 1 deletion(-)

--- a/fig2dev/read.c
+++ b/fig2dev/read.c	2017-11-22 14:03:05.317567191 +0000
@@ -1204,8 +1204,14 @@ FILE	*fp;
 				| PSFONT_TEXT;
 
 	/* keep the font number reasonable */
-	if (t->font > MAXFONT(t))
+	if (t->font > MAXFONT(t)) {
 		t->font = MAXFONT(t);
+	} else if (t->font < 0 ) {
+		if (psfont_text(t) && t->font < -1)
+			t->font = -1;
+		else
+			t->font = 0;
+	}
 	fix_color(&t->color);
 	t->comments = attach_comments();	/* attach any comments */
 	return t;
--- a/fig2dev/read1_3.c
+++ b/fig2dev/read1_3.c	2017-11-22 14:00:44.320187347 +0000
@@ -465,6 +465,15 @@ FILE	*fp;
 	    free((char*) t);
 	    return(NULL);
 	    }
+       /* keep the font number within valid range */
+       if (t->font > MAXFONT(t)) {
+               t->font = MAXFONT(t);
+       } else if (t->font < 0 ) {
+               if (psfont_text(t) && t->font < -1)
+                       t->font = -1;
+               else
+                       t->font = 0;
+       }
 	(void)strcpy(t->cstring, buf);
 	if (t->size == 0) t->size = 18;
 	return(t);
openSUSE Build Service is sponsored by
Places