shithub: freetype+ttf2subf

Download patch

ref: 8f633a08f1b7e5f64d2afd3805f6fb491f8c7086
parent: 4cd6817951d928a857ee4618012de68e04340f20
author: Werner Lemberg <[email protected]>
date: Sun Dec 18 01:42:31 EST 2016 

[cff] Better handling of non-CFF font formats.

* src/cff/cffload.c (cff_font_load): Pure CFFs don't have a
signature, so return `FT_Err_Unknown_File_Format' more often.

git/fs: mount .git/fs: mount/attach disallowed 
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,3 +1,10 @@
+2016-12-18  Werner Lemberg  <[email protected]>
+
+	[cff] Better handling of non-CFF font formats.
+
+	* src/cff/cffload.c (cff_font_load): Pure CFFs don't have a
+	signature, so return `FT_Err_Unknown_File_Format' more often.
+
 2016-12-17  Werner Lemberg  <[email protected]>
 
 	* src/cff/cffload.c (cff_build_blend_vector): Remove redundant code.
--- a/src/cff/cffload.c
+++ b/src/cff/cffload.c
@@ -2111,8 +2111,15 @@
     }
     else
     {
+      FT_Byte  absolute_offset;
+
+
+      if ( FT_READ_BYTE( absolute_offset ) )
+        goto Exit;
+
       if ( font->version_major != 1 ||
-           font->header_size < 4    )
+           font->header_size < 4    ||
+           absolute_offset > 4      )
       {
         FT_TRACE2(( "  not a CFF font header\n" ));
         error = FT_THROW( Unknown_File_Format );
@@ -2122,7 +2129,17 @@
 
     /* skip the rest of the header */
     if ( FT_STREAM_SEEK( base_offset + font->header_size ) )
+    {
+      /* For pure CFFs we have read only four bytes so far.  Contrary to */
+      /* other formats like SFNT those bytes doesn't define a signature; */
+      /* it is thus possible that the font isn't a CFF at all.           */
+      if ( pure_cff )
+      {
+        FT_TRACE2(( "  not a CFF file\n" ));
+        error = FT_THROW( Unknown_File_Format );
+      }
       goto Exit;
+    }
 
     if ( cff2 )
     {
@@ -2150,8 +2167,17 @@
     {
       /* for CFF, read the name, top dict, string and global subrs index */
       if ( FT_SET_ERROR( cff_index_init( &font->name_index,
-                                         stream, 0, cff2 ) )                 ||
-           FT_SET_ERROR( cff_index_init( &font->font_dict_index,
+                                         stream, 0, cff2 ) ) )
+      {
+        if ( pure_cff )
+        {
+          FT_TRACE2(( "  not a CFF file\n" ));
+          error = FT_THROW( Unknown_File_Format );
+        }
+        goto Exit;
+      }
+
+      if ( FT_SET_ERROR( cff_index_init( &font->font_dict_index,
                                          stream, 0, cff2 ) )                 ||
            FT_SET_ERROR( cff_index_init( &string_index,
                                          stream, 1, cff2 ) )                 ||