Sign Up
Log In
Log In
or
Sign Up
Places
All Projects
Status Monitor
Collapse sidebar
openSUSE:13.1:Update
freetype2
CVE-2014-9666.patch
Overview
Repositories
Revisions
Requests
Users
Attributes
Meta
File CVE-2014-9666.patch of Package freetype2
From 257c270bd25e15890190a28a1456e7623bba4439 Mon Sep 17 00:00:00 2001 From: Werner Lemberg <wl@gnu.org> Date: Wed, 12 Nov 2014 20:42:13 +0000 Subject: [sfnt] Fix Savannah bug #43591. * src/sfnt/ttsbit.c (tt_sbit_decoder_init): Protect against addition and multiplication overflow. --- diff --git a/src/sfnt/ttsbit.c b/src/sfnt/ttsbit.c index da6b01b..b37bd7d 100644 --- a/src/sfnt/ttsbit.c +++ b/src/sfnt/ttsbit.c @@ -394,9 +394,11 @@ p += 34; decoder->bit_depth = *p; - if ( decoder->strike_index_array > face->sbit_table_size || - decoder->strike_index_array + 8 * decoder->strike_index_count > - face->sbit_table_size ) + /* decoder->strike_index_array + */ + /* 8 * decoder->strike_index_count > face->sbit_table_size ? */ + if ( decoder->strike_index_array > face->sbit_table_size || + decoder->strike_index_count > + ( face->sbit_table_size - decoder->strike_index_array ) / 8 ) error = FT_THROW( Invalid_File_Format ); } -- cgit v0.9.0.2
Locations
Projects
Search
Status Monitor
Help
OpenBuildService.org
Documentation
API Documentation
Code of Conduct
Contact
Support
@OBShq
Terms
openSUSE Build Service is sponsored by
The Open Build Service is an
openSUSE project
.
Sign Up
Log In
Places
Places
All Projects
Status Monitor
