mirror of
https://gitlab.freedesktop.org/cairo/cairo.git
synced 2026-05-05 08:48:00 +02:00
Merge branch 'issue-413' into 'master'
cff: Check subroutine number is valid before using as an array index Closes #413 See merge request cairo/cairo!202
This commit is contained in:
Adrian Johnson
commit
82f5570ad5
1 changed files with 6 additions and 2 deletions
|
|
@ -1598,14 +1598,16 @@ cairo_cff_parse_charstring (cairo_cff_font_t *font,
|
|||
|
||||
if (font->is_cid) {
|
||||
fd = font->fdselect[glyph_id];
|
||||
sub_num = font->type2_stack_top_value + font->fd_local_sub_bias[fd];
|
||||
sub_num = font->type2_stack_top_value + font->fd_local_sub_bias[fd];
|
||||
if (sub_num >= _cairo_array_num_elements(&font->fd_local_sub_index[fd]))
|
||||
return CAIRO_INT_STATUS_UNSUPPORTED;
|
||||
element = _cairo_array_index (&font->fd_local_sub_index[fd], sub_num);
|
||||
if (! font->fd_local_subs_used[fd][sub_num]) {
|
||||
font->fd_local_subs_used[fd][sub_num] = TRUE;
|
||||
cairo_cff_parse_charstring (font, element->data, element->length, glyph_id, need_width);
|
||||
}
|
||||
} else {
|
||||
sub_num = font->type2_stack_top_value + font->local_sub_bias;
|
||||
sub_num = font->type2_stack_top_value + font->local_sub_bias;
|
||||
if (sub_num >= _cairo_array_num_elements(&font->local_sub_index))
|
||||
return CAIRO_INT_STATUS_UNSUPPORTED;
|
||||
element = _cairo_array_index (&font->local_sub_index, sub_num);
|
||||
|
|
@ -1632,6 +1634,8 @@ cairo_cff_parse_charstring (cairo_cff_font_t *font,
|
|||
font->type2_seen_first_int = FALSE;
|
||||
|
||||
sub_num = font->type2_stack_top_value + font->global_sub_bias;
|
||||
if (sub_num >= _cairo_array_num_elements(&font->global_sub_index))
|
||||
return CAIRO_INT_STATUS_UNSUPPORTED;
|
||||
element = _cairo_array_index (&font->global_sub_index, sub_num);
|
||||
if (! font->global_subs_used[sub_num] ||
|
||||
(need_width && !font->type2_found_width))
|
||||
|
|
|
|||
Loading…
Add table
Reference in a new issue