diff options
Diffstat (limited to 'freetype-2.5.0-CVE-2014-2241.patch')
-rw-r--r-- | freetype-2.5.0-CVE-2014-2241.patch | 52 |
1 files changed, 52 insertions, 0 deletions
diff --git a/freetype-2.5.0-CVE-2014-2241.patch b/freetype-2.5.0-CVE-2014-2241.patch new file mode 100644 index 000000000000..3e6cd60c9bbc --- /dev/null +++ b/freetype-2.5.0-CVE-2014-2241.patch @@ -0,0 +1,52 @@ +From 135c3faebb96f8f550bd4f318716f2e1e095a969 Mon Sep 17 00:00:00 2001 +From: Dave Arnold <darnold@adobe.com> +Date: Fri, 28 Feb 2014 06:42:42 +0000 +Subject: Fix Savannah bug #41697, part 2. + +* src/cff/cf2ft.c (cf2_initLocalRegionBuffer, +cf2_initGlobalRegionBuffer): It is possible for a charstring to call +a subroutine if no subroutines exist. This is an error but should +not trigger an assert. Split the assert to account for this. +--- +diff --git a/src/cff/cf2ft.c b/src/cff/cf2ft.c +index df5f8fb..82bac75 100644 +--- a/src/cff/cf2ft.c ++++ b/src/cff/cf2ft.c +@@ -521,7 +521,7 @@ + CF2_UInt idx, + CF2_Buffer buf ) + { +- FT_ASSERT( decoder && decoder->globals ); ++ FT_ASSERT( decoder ); + + FT_ZERO( buf ); + +@@ -529,6 +529,8 @@ + if ( idx >= decoder->num_globals ) + return TRUE; /* error */ + ++ FT_ASSERT( decoder->globals ); ++ + buf->start = + buf->ptr = decoder->globals[idx]; + buf->end = decoder->globals[idx + 1]; +@@ -594,7 +596,7 @@ + CF2_UInt idx, + CF2_Buffer buf ) + { +- FT_ASSERT( decoder && decoder->locals ); ++ FT_ASSERT( decoder ); + + FT_ZERO( buf ); + +@@ -602,6 +604,8 @@ + if ( idx >= decoder->num_locals ) + return TRUE; /* error */ + ++ FT_ASSERT( decoder->locals ); ++ + buf->start = + buf->ptr = decoder->locals[idx]; + buf->end = decoder->locals[idx + 1]; +-- +cgit v0.9.0.2 |