From ef1eba75187adfac750f326b563fe543dd5ff4e6 Mon Sep 17 00:00:00 2001
From: Werner Lemberg <wl@gnu.org>
Date: Thu, 06 Nov 2014 22:25:05 +0000
Subject: Fix Savannah bug #43548.

* src/pcf/pcfread (pcf_get_encodings): Add sanity checks for row and
column values.
---
diff --git a/src/pcf/pcfread.c b/src/pcf/pcfread.c
index 8db31bd..668c962 100644
--- a/src/pcf/pcfread.c
+++ b/src/pcf/pcfread.c
@@ -812,6 +812,15 @@ THE SOFTWARE.
     if ( !PCF_FORMAT_MATCH( format, PCF_DEFAULT_FORMAT ) )
       return PCF_Err_Invalid_File_Format;
 
+    /* sanity checks */
+    if ( firstCol < 0       ||
+         firstCol > lastCol ||
+         lastCol  > 0xFF    ||
+         firstRow < 0       ||
+         firstRow > lastRow ||
+         lastRow  > 0xFF    )
+      return PCF_Err_Invalid_Table;
+
     FT_TRACE4(( "pdf_get_encodings:\n" ));
 
     FT_TRACE4(( "  firstCol %d, lastCol %d, firstRow %d, lastRow %d\n",
--
cgit v0.9.0.2