Bug 340229 – pango_font_description_from_string does not do bound

2006-05-01 Behdad Esfahbod <behdad@gnome.org> Bug 340229 – pango_font_description_from_string does not do bound checking * pango/fonts.c (pango_font_description_set_size), (pango_font_description_set_absolute_size), (parse_size): * pango/pango-markup.c (span_parse_func): Don't accept negative font sizes, and make sure sizes don't overflow.
author: Behdad Esfahbod <behdad@gnome.org> 2006-05-01 14:45:56 +0000
committer: Behdad Esfahbod <behdad@src.gnome.org> 2006-05-01 14:45:56 +0000
commit: 0a7f8d6fb481d2bd502b5f376a0dcef6f82ee0ff (patch)
tree: b61502955b33de7ed450953e98926c50611bded4 /pango/pango-markup.c
parent: 29b48d2171562fb43b3c9ffc86e1904aff462d86 (diff)
download: pango-0a7f8d6fb481d2bd502b5f376a0dcef6f82ee0ff.tar.gz
1 files changed, 1 insertions, 1 deletions
diff --git a/pango/pango-markup.c b/pango/pango-markup.c
index 5a5b67e0..afe8a933 100644
--- a/pango/pango-markup.c
+++ b/pango/pango-markup.c
@@ -997,7 +997,7 @@ span_parse_func     (MarkupData            *md,
 
           n = strtoul (size, &end, 10);
 
-          if (*end != '\0')
+          if (*end != '\0' || n < 0 || n > 1000000)
             {
               g_set_error (error,
                            G_MARKUP_ERROR,
author	Behdad Esfahbod <behdad@gnome.org>	2006-05-01 14:45:56 +0000
committer	Behdad Esfahbod <behdad@src.gnome.org>	2006-05-01 14:45:56 +0000
commit	0a7f8d6fb481d2bd502b5f376a0dcef6f82ee0ff (patch)
tree	b61502955b33de7ed450953e98926c50611bded4 /pango/pango-markup.c
parent	29b48d2171562fb43b3c9ffc86e1904aff462d86 (diff)
download	pango-0a7f8d6fb481d2bd502b5f376a0dcef6f82ee0ff.tar.gz