[Git][freetype/freetype][master] [pfr] Fortify the kerning code.

freetype-commit

[Top][All Lists]

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[Git][freetype/freetype][master] [pfr] Fortify the kerning code.

From:	Alexei Podtelezhnikov (@apodtele)
Subject:	[Git][freetype/freetype][master] [pfr] Fortify the kerning code.
Date:	Tue, 26 Jul 2022 16:34:28 +0000

 Alexei Podtelezhnikov pushed to branch master
at FreeType / FreeType


Commits:



284956b5

by Alexei Podtelezhnikov
at 2022-07-26T12:23:15-04:00

[pfr] Fortify the kerning code.

Any array index must be strictly less then the array size. Therefore,
we must reject indexes that are equal to the array size.  Alternatively,
we should move the bounds check before the index decrement but that
would be confusing.

In addition, it is ok to decrement zero (.notdef) and get UINT_MAX,
which is then automatically rejected in the bounds check.

* src/pfr/pfrobjs.c (pfr_face_get_kerning): Fix the bounds checking.



1 changed file:



src/pfr/pfrobjs.c



Changes:

src/pfr/pfrobjs.c



...
...
@@ -486,17 +486,16 @@



486


486

     kerning->x = 0;




487


487

     kerning->y = 0;




488


488

 




489


 

-    if ( glyph1 > 0 )




490


 

-      glyph1--;




 


489

+    /* PFR indexing skips .notdef, which becomes UINT_MAX */




 


490

+    glyph1--;




 


491

+    glyph2--;




491


492

 




492


 

-    if ( glyph2 > 0 )




493


 

-      glyph2--;




494


 

-




495


 

-    /* convert glyph indices to character codes */




496


 

-    if ( glyph1 > phy_font->num_chars ||




497


 

-         glyph2 > phy_font->num_chars )




 


493

+    /* check the array bounds, .notdef is automacally out */




 


494

+    if ( glyph1 >= phy_font->num_chars ||




 


495

+         glyph2 >= phy_font->num_chars )




498


496

       goto Exit;




499


497

 




 


498

+    /* convert glyph indices to character codes */




500


499

     code1 = phy_font->chars[glyph1].char_code;




501


500

     code2 = phy_font->chars[glyph2].char_code;




502


501

     pair  = PFR_KERN_INDEX( code1, code2 );











—


View it on GitLab.


You're receiving this email because of your account on gitlab.freedesktop.org.
If you'd like to receive fewer emails, you can
adjust your notification settings.
@@ -486,17 +486,16 @@
      kerning->x = 0;
      kerning->y = 0;
 -    if ( glyph1 > 0 )
 -      glyph1--;
 +    /* PFR indexing skips .notdef, which becomes UINT_MAX */
 +    glyph1--;
 +    glyph2--;
 -    if ( glyph2 > 0 )
 -      glyph2--;
+-
 -    /* convert glyph indices to character codes */
 -    if ( glyph1 > phy_font->num_chars ||
 -         glyph2 > phy_font->num_chars )
 +    /* check the array bounds, .notdef is automacally out */
 +    if ( glyph1 >= phy_font->num_chars ||
 +         glyph2 >= phy_font->num_chars )
        goto Exit;
 +    /* convert glyph indices to character codes */
      code1 = phy_font->chars[glyph1].char_code;
      code2 = phy_font->chars[glyph2].char_code;
      pair  = PFR_KERN_INDEX( code1, code2 );

[Prev in Thread]

Current Thread

[Next in Thread]

[Git][freetype/freetype][master] [pfr] Fortify the kerning code., Alexei Podtelezhnikov (@apodtele) <=

Prev by Date: [Git][freetype/freetype][master] 2 commits: * src/pfr/*.c: Trivial improvements and formatting.
Next by Date: [freetype2] master 284956b5b: [pfr] Fortify the kerning code.
Previous by thread: [Git][freetype/freetype][master] 2 commits: * src/pfr/*.c: Trivial improvements and formatting.
Next by thread: [freetype2] master 284956b5b: [pfr] Fortify the kerning code.
Index(es):
- Date
- Thread