fdo-mirrors/cairo
1
0
Fork 0
mirror of https://gitlab.freedesktop.org/cairo/cairo.git synced 2026-05-06 11:38:16 +02:00
Code Issues Projects Releases Packages Wiki Activity Actions

Merge branch 'master' into 'master'

Browse source 
[cff-subset] check subrs offset is within font data

See merge request cairo/cairo!657
This commit is contained in:
Uli Schlachter 2026-04-18 13:17:19 +00:00
commit 4ca0d581cb
1 changed files with 2 additions and 0 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

2
src/cairo-cff-subset.c
View file

@ -930,6 +930,8 @@ cairo_cff_font_read_private_dict (cairo_cff_font_t *font,
if (operand) {
decode_integer (operand, &offset);
p = ptr + offset;
if (unlikely (p < font->data || p > font->data_end))
return CAIRO_INT_STATUS_UNSUPPORTED;
status = cff_index_read (local_sub_index, &p, font->data_end);
if (unlikely (status))
return status;