ref: 577414030a14219723d0536fb1a349174508062b
parent: 7eeaf986b5ebb43cbbc8368c6e528ac311d87805
author: Werner Lemberg <[email protected]>
date: Sat Oct 22 14:34:48 EDT 2016
[sfnt] Improve handling of invalid post 2.5 tables [#49393]. * src/sfnt/ttpost.c (load_format_25): We need at least a single table entry.
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,3 +1,10 @@
+2016-10-22 Werner Lemberg <[email protected]>
+
+ [sfnt] Improve handling of invalid post 2.5 tables [#49393].
+
+ * src/sfnt/ttpost.c (load_format_25): We need at least a single
+ table entry.
+
2016-10-14 Werner Lemberg <[email protected]>
[truetype] Fix handling of `cvar' table data.
--- a/src/sfnt/ttpost.c
+++ b/src/sfnt/ttpost.c
@@ -326,7 +326,9 @@
goto Exit;
/* check the number of glyphs */
- if ( num_glyphs > face->max_profile.numGlyphs || num_glyphs > 258 )
+ if ( num_glyphs > face->max_profile.numGlyphs ||
+ num_glyphs > 258 ||
+ num_glyphs < 1 )
{error = FT_THROW( Invalid_File_Format );
goto Exit;