Initial import

1 files changed, 29 insertions, 0 deletions

diff --git a/freetype-2.4.11-CVE-2014-9660.patch b/freetype-2.4.11-CVE-2014-9660.patch
new file mode 100644
index 000000000000..fc310f7ccfc8
--- /dev/null
+++ b/freetype-2.4.11-CVE-2014-9660.patch
@@ -0,0 +1,29 @@
+From af8346172a7b573715134f7a51e6c5c60fa7f2ab Mon Sep 17 00:00:00 2001
+From: Werner Lemberg <wl@gnu.org>
+Date: Sat, 22 Nov 2014 12:29:10 +0000
+Subject: [bdf] Fix Savannah bug #43660.
+
+* src/bdf/bdflib.c (_bdf_parse_glyphs) <"ENDFONT">: Check
+`_BDF_GLYPH_BITS'.
+---
+diff --git a/src/bdf/bdflib.c b/src/bdf/bdflib.c
+index c128526..369c111 100644
+--- a/src/bdf/bdflib.c
++++ b/src/bdf/bdflib.c
+@@ -1549,6 +1549,14 @@
+     /* Check for the ENDFONT field. */
+     if ( _bdf_strncmp( line, "ENDFONT", 7 ) == 0 )
+     {
++      if ( p->flags & _BDF_GLYPH_BITS )
++      {
++        /* Missing ENDCHAR field. */
++        FT_ERROR(( "_bdf_parse_glyphs: " ERRMSG1, lineno, "ENDCHAR" ));
++        error = BDF_Err_Corrupted_Font_Glyphs;
++        goto Exit;
++      }
++
+       /* Sort the glyphs by encoding. */
+       ft_qsort( (char *)font->glyphs,
+                 font->glyphs_used,
+--
+cgit v0.9.0.2