diff options
| author | Alexei Podtelezhnikov <apodtele@gmail.com> | 2016-06-26 08:27:29 +0200 |
|---|---|---|
| committer | Werner Lemberg <wl@gnu.org> | 2016-06-26 08:27:29 +0200 |
| commit | 999bcee2d7a3c65700f3e898f9a60585a973c376 (patch) | |
| tree | f5d368ea845210dda803fea30f15a11d59aa97b0 | |
| parent | 8ba407a7fe911322e8f674456a74bbd7d5ead200 (diff) | |
| download | freetype2-999bcee2d7a3c65700f3e898f9a60585a973c376.tar.gz | |
[pcf] Fix handling of very large fonts (#47708).
* src/pcf/pcfread.c (pcf_get_encodings): Make `encodingOffset' an
unsigned short.
Only reject `0xFFFF' as an invalid encoding offset.
| -rw-r--r-- | ChangeLog | 10 | ||||
| -rw-r--r-- | src/pcf/pcfread.c | 14 |
2 files changed, 18 insertions, 6 deletions
@@ -1,4 +1,12 @@ -2016-04-24 Werner Lemberg <wl@gnu.org> +2016-06-26 Alexei Podtelezhnikov <apodtele@gmail.com> + + [pcf] Fix handling of very large fonts (#47708). + + * src/pcf/pcfread.c (pcf_get_encodings): Make `encodingOffset' an + unsigned short. + Only reject `0xFFFF' as an invalid encoding offset. + +2016-06-25 Werner Lemberg <wl@gnu.org> [truetype] Really fix deallocation in case of error (#47726). diff --git a/src/pcf/pcfread.c b/src/pcf/pcfread.c index dec05db17..a86b45d6b 100644 --- a/src/pcf/pcfread.c +++ b/src/pcf/pcfread.c @@ -849,7 +849,7 @@ THE SOFTWARE. int firstCol, lastCol; int firstRow, lastRow; FT_ULong nencoding; - int encodingOffset; + FT_UShort encodingOffset; int i, j; FT_ULong k; PCF_Encoding encoding = NULL; @@ -921,15 +921,19 @@ THE SOFTWARE. { for ( j = firstCol; j <= lastCol; j++ ) { + /* X11's reference implementation uses the equivalent to */ + /* `FT_GET_SHORT', however PCF fonts with more than 32768 */ + /* characters (e.g. `unifont.pcf') clearly show that an */ + /* unsigned value is needed. */ if ( PCF_BYTE_ORDER( format ) == MSBFirst ) - encodingOffset = FT_GET_SHORT(); + encodingOffset = FT_GET_USHORT(); else - encodingOffset = FT_GET_SHORT_LE(); + encodingOffset = FT_GET_USHORT_LE(); - if ( encodingOffset > -1 ) + if ( encodingOffset != 0xFFFFU ) { encoding[k].enc = i * 256 + j; - encoding[k].glyph = (FT_UShort)encodingOffset; + encoding[k].glyph = encodingOffset; FT_TRACE5(( " code %d (0x%04X): idx %d\n", encoding[k].enc, encoding[k].enc, encoding[k].glyph )); |