diff options
| author | Ken Sharp <ken.sharp@artifex.com> | 2018-11-17 11:20:08 +0000 |
|---|---|---|
| committer | Chris Liddell <chris.liddell@artifex.com> | 2018-11-19 09:50:24 +0000 |
| commit | c796ccb512ac581f5ac492fda8807d41769c47e8 (patch) | |
| tree | ed881060718c78921ff2e0691b9be68ff13d6a72 | |
| parent | cb9bb72643e95383bcacd88ab718565f3df9a510 (diff) | |
| download | ghostpdl-c796ccb512ac581f5ac492fda8807d41769c47e8.tar.gz | |
Check structure types when using the r_ptr macro
Two more places where we were using the r_ptr macro to cast a PostScript
ref object into a structure without thoroughly checking that the object
was in fact a structure of the correct type.
One case did a partial check, but this is more robust.
| -rw-r--r-- | base/gsfcid2.c | 2 | ||||
| -rw-r--r-- | base/gsfcmap.c | 4 | ||||
| -rw-r--r-- | psi/zdscpars.c | 1 | ||||
| -rw-r--r-- | psi/zfcmap.c | 14 |
4 files changed, 11 insertions, 10 deletions
diff --git a/base/gsfcid2.c b/base/gsfcid2.c index 2b6953c67..157d9996c 100644 --- a/base/gsfcid2.c +++ b/base/gsfcid2.c @@ -84,7 +84,7 @@ typedef struct gs_cmap_tt_16bit_format4_s { uint segCount2; ulong endCount, startCount, idDelta, idRangeOffset, glyphIdArray; } gs_cmap_tt_16bit_format4_t; -gs_private_st_suffix_add1(st_cmap_tt_16bit_format4, gs_cmap_tt_16bit_format4_t, +gs_public_st_suffix_add1(st_cmap_tt_16bit_format4, gs_cmap_tt_16bit_format4_t, "gs_cmap_tt_16bit_format4_t", cmap_tt_16bit_format4_enum_ptrs, cmap_tt_16bit_format4_reloc_ptrs, st_cmap, font); diff --git a/base/gsfcmap.c b/base/gsfcmap.c index ac57d7f2f..150b4d954 100644 --- a/base/gsfcmap.c +++ b/base/gsfcmap.c @@ -32,7 +32,7 @@ typedef struct gs_cmap_identity_s { /* GC descriptors */ public_st_cmap(); -gs_private_st_suffix_add0_local(st_cmap_identity, gs_cmap_identity_t, +gs_public_st_suffix_add0_local(st_cmap_identity, gs_cmap_identity_t, "gs_cmap_identity_t", cmap_ptrs, cmap_data, st_cmap); @@ -425,7 +425,7 @@ gs_cmap_compute_identity(const gs_cmap_t *pcmap, int font_index_only) static const int gs_cmap_ToUnicode_code_bytes = 2; -gs_private_st_suffix_add0(st_cmap_ToUnicode, gs_cmap_ToUnicode_t, +gs_public_st_suffix_add0(st_cmap_ToUnicode, gs_cmap_ToUnicode_t, "gs_cmap_ToUnicode_t", cmap_ToUnicode_enum_ptrs, cmap_ToUnicode_reloc_ptrs, st_cmap); diff --git a/psi/zdscpars.c b/psi/zdscpars.c index a8cb75da3..ba8c2464d 100644 --- a/psi/zdscpars.c +++ b/psi/zdscpars.c @@ -460,6 +460,7 @@ zparse_dsc_comments(i_ctx_t *i_ctx_p) if (code == 0) return_error(gs_error_undefined); + check_stype(*pvalue, st_dsc_data_t); dsc_state = r_ptr(pvalue, dsc_data_t); /* * Pick up the comment string to be parsed. diff --git a/psi/zfcmap.c b/psi/zfcmap.c index 958221eea..4415ffc1c 100644 --- a/psi/zfcmap.c +++ b/psi/zfcmap.c @@ -310,6 +310,10 @@ cid_system_info_compatible(const gs_cid_system_info_t * psi1, /* ---------------- (Semi-)public procedures ---------------- */ +extern_st(st_cmap_tt_16bit_format4); +extern_st(st_cmap_identity); +extern_st(st_cmap_ToUnicode); + /* Get the CodeMap from a Type 0 font, and check the CIDSystemInfo of */ /* its subsidiary fonts. */ int @@ -323,16 +327,12 @@ ztype0_get_cmap(const gs_cmap_t **ppcmap, const ref *pfdepvector, uint num_fonts; uint i; - /* - * We have no way of checking whether the CodeMap is a concrete - * subclass of gs_cmap_t, so we just check that it is in fact a - * t_struct and is large enough. - */ if (dict_find_string(op, "CMap", &prcmap) <= 0 || !r_has_type(prcmap, t_dictionary) || dict_find_string(prcmap, "CodeMap", &pcodemap) <= 0 || - !r_is_struct(pcodemap) || - gs_object_size(imem, r_ptr(pcodemap, gs_cmap_t)) < sizeof(gs_cmap_t) + !r_is_struct(pcodemap) || (!r_has_stype(pcodemap, imem, st_cmap_tt_16bit_format4) && + !r_has_stype(pcodemap, imem, st_cmap_identity) && !r_has_stype(pcodemap, imem, st_cmap_ToUnicode) && + !r_has_stype(pcodemap, imem, st_cmap_adobe1)) ) return_error(gs_error_invalidfont); pcmap = r_ptr(pcodemap, gs_cmap_t); |