diff options
| author | Ken Sharp <ken.sharp@artifex.com> | 2018-09-21 13:02:56 +0100 |
|---|---|---|
| committer | Ken Sharp <ken.sharp@artifex.com> | 2018-09-21 13:32:59 +0100 |
| commit | fac7eb144135f3ed8fbb0028ab1f33ce4dcc1985 (patch) | |
| tree | 1d32a77499a3be1b275b56b8d0f8364acadc2751 /psi/zfcid0.c | |
| parent | 7ee525fd0010a4f0bb507417860e9faa058c6315 (diff) | |
| download | ghostpdl-fac7eb144135f3ed8fbb0028ab1f33ce4dcc1985.tar.gz | |
Check all uses of dict_find* to ensure 0 return properly handled
dict_find and friends have the surprising quirk of returning < 0 for
an error and > 0 for no error. But they can also return 0 which means
'not found' without it being an error.
From bug 699801, if the code assumes the usual case where 0 is a success
then an attempt might be made to use the empty dictionary slot returned
by dict_find*, which can lead to seg faults, and certainly won't have
the expected result.
Diffstat (limited to 'psi/zfcid0.c')
| -rw-r--r-- | psi/zfcid0.c | 39 |
1 files changed, 29 insertions, 10 deletions
diff --git a/psi/zfcid0.c b/psi/zfcid0.c index 2aba09ae3..ba00b2195 100644 --- a/psi/zfcid0.c +++ b/psi/zfcid0.c @@ -410,13 +410,25 @@ zbuildfont9(i_ctx_t *i_ctx_p) * from a file, GlyphData will be an integer, and DataSource will be * a (reusable) stream. */ - if (code < 0 || - (code = cid_font_data_param(op, &common, &GlyphDirectory)) < 0 || - (code = dict_find_string(op, "FDArray", &prfda)) < 0 || - (code = dict_find_string(op, "CIDFontName", &pCIDFontName)) <= 0 || - (code = dict_int_param(op, "FDBytes", 0, MAX_FDBytes, -1, &FDBytes)) < 0 - ) + if (code < 0) + return code; + code = cid_font_data_param(op, &common, &GlyphDirectory); + if (code < 0) + return code; + code = dict_find_string(op, "FDArray", &prfda); + if (code < 0) + return code; + if (code == 0) + return_error(gs_error_undefined); + code = dict_find_string(op, "CIDFontName", &pCIDFontName); + if (code < 0) + return code; + if (code == 0) + return_error(gs_error_undefined); + code = dict_int_param(op, "FDBytes", 0, MAX_FDBytes, -1, &FDBytes); + if (code < 0) return code; + /* * Since build_gs_simple_font may resize the dictionary and cause * pointers to become invalid, save CIDFontName @@ -426,17 +438,24 @@ zbuildfont9(i_ctx_t *i_ctx_p) /* Standard CIDFont, require GlyphData and CIDMapOffset. */ ref *pGlyphData; - if ((code = dict_find_string(op, "GlyphData", &pGlyphData)) < 0 || - (code = dict_uint_param(op, "CIDMapOffset", 0, max_uint - 1, - max_uint, &CIDMapOffset)) < 0) + code = dict_find_string(op, "GlyphData", &pGlyphData); + if (code < 0) + return code; + if (code == 0) + return_error(gs_error_undefined); + code = dict_uint_param(op, "CIDMapOffset", 0, max_uint - 1, max_uint, &CIDMapOffset); + if (code < 0) return code; GlyphData = *pGlyphData; if (r_has_type(&GlyphData, t_integer)) { ref *pds; stream *ignore_s; - if ((code = dict_find_string(op, "DataSource", &pds)) < 0) + code = dict_find_string(op, "DataSource", &pds); + if (code < 0) return code; + if (code == 0) + return_error(gs_error_undefined); check_read_file(i_ctx_p, ignore_s, pds); DataSource = *pds; } else { |