ref: c4cad30ed1b1f554aa41a98b0b0fdca6e579e22f
parent: 26dfeb6d63940f1068cd482b7f506289eea5bafa
author: Werner Lemberg <[email protected]>
date: Thu Mar 8 15:11:37 EST 2012
[bdf] Add missing overflow check. * src/bdf/bdflib.c (_bdf_parse_glyphs) <BITMAP>: Add threshold for `glyph->bpr'.
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,3 +1,10 @@
+2012-03-08 Werner Lemberg <[email protected]>
+
+ [bdf] Add missing overflow check.
+
+ * src/bdf/bdflib.c (_bdf_parse_glyphs) <BITMAP>: Add threshold for
+ `glyph->bpr'.
+
2012-03-07 Vinnie Falco <[email protected]>
Prepare source code for amalgamation.
--- a/src/bdf/bdflib.c
+++ b/src/bdf/bdflib.c
@@ -1912,7 +1912,7 @@
glyph->bpr = ( glyph->bbx.width * p->font->bpp + 7 ) >> 3;
bitmap_size = glyph->bpr * glyph->bbx.height;
- if ( bitmap_size > 0xFFFFU )
+ if ( glyph->bpr > 0xFFFFU || bitmap_size > 0xFFFFU )
{FT_ERROR(( "_bdf_parse_glyphs: " ERRMSG4, lineno ));
error = BDF_Err_Bbx_Too_Big;