From 53ee809ad9fde2d70d71ed892b47a16bcb1ea494 Mon Sep 17 00:00:00 2001 From: Uli Schlachter Date: Fri, 16 Sep 2022 07:47:18 +0200 Subject: [PATCH] cairo_pdf_version_to_string: Check for negative values Before this commit, cairo_pdf_version_to_string() would return the result of an out-of-bounds array access when called with a negative value. This commit adds a check against this. No unit test added since there are no tests for cairo_pdf_version_to_string() that I could easily add such a test to. Fixes: https://gitlab.freedesktop.org/cairo/cairo/-/issues/590 Signed-off-by: Uli Schlachter --- src/cairo-pdf-surface.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/cairo-pdf-surface.c b/src/cairo-pdf-surface.c index 9b2b93252..dcecfb23a 100644 --- a/src/cairo-pdf-surface.c +++ b/src/cairo-pdf-surface.c @@ -779,7 +779,7 @@ cairo_pdf_get_versions (cairo_pdf_version_t const **versions, const char * cairo_pdf_version_to_string (cairo_pdf_version_t version) { - if (version >= CAIRO_PDF_VERSION_LAST) + if (version < 0 || version >= CAIRO_PDF_VERSION_LAST) return NULL; return _cairo_pdf_version_strings[version];