Overview

File CVE-2012-1131.patch of Package freetype2

--- freetype-2.3.9/src/smooth/ftsmooth.c.orig	2012-04-12 14:39:52.981867628 +0200
+++ freetype-2.3.9/src/smooth/ftsmooth.c	2012-04-12 14:42:28.833878020 +0200
@@ -103,7 +103,7 @@
     FT_Error     error;
     FT_Outline*  outline = NULL;
     FT_BBox      cbox;
-    FT_UInt      width, height, height_org, width_org, pitch;
+    FT_Pos       width, height, height_org, width_org, pitch;
     FT_Bitmap*   bitmap;
     FT_Memory    memory;
     FT_Int       hmul = mode == FT_RENDER_MODE_LCD;
@@ -138,8 +138,8 @@
     cbox.xMax = FT_PIX_CEIL( cbox.xMax );
     cbox.yMax = FT_PIX_CEIL( cbox.yMax );
 
-    width  = (FT_UInt)( ( cbox.xMax - cbox.xMin ) >> 6 );
-    height = (FT_UInt)( ( cbox.yMax - cbox.yMin ) >> 6 );
+    width  = ( cbox.xMax - cbox.xMin ) >> 6;
+    height = ( cbox.yMax - cbox.yMin ) >> 6;
     bitmap = &slot->bitmap;
     memory = render->root.memory;
 
@@ -194,7 +194,7 @@
 
 #endif
 
-    if ( pitch > 0x7FFFU || height > 0x7FFFU )
+    if ( pitch > 0x7FFF || height > 0x7FFF )
     {
       FT_ERROR(( "ft_smooth_render_generic: glyph too large: %d x %d\n",
                  width, height ));
openSUSE Build Service is sponsored by
Places