3
From dd89710f0f643eb0f99a3830e0712d26c7642acd Mon Sep 17 00:00:00 2001
4
From: Werner Lemberg <wl@gnu.org>
5
Date: Fri, 21 Nov 2014 21:19:28 +0000
6
Subject: [type1, type42] Fix Savannah bug #43655.
8
* src/type1/t1load.c (parse_charstrings), src/type42/t42parse.c
9
(t42_parse_charstrings): Fix boundary testing.
11
Index: freetype-2.4.8/src/type1/t1load.c
12
===================================================================
13
--- freetype-2.4.8.orig/src/type1/t1load.c 2015-02-24 10:04:02.782532741 -0500
14
+++ freetype-2.4.8/src/type1/t1load.c 2015-02-24 10:04:02.778532710 -0500
19
- if ( cur + 1 >= limit )
20
+ if ( cur + 2 >= limit )
22
error = T1_Err_Invalid_File_Format;
24
Index: freetype-2.4.8/src/type42/t42parse.c
25
===================================================================
26
--- freetype-2.4.8.orig/src/type42/t42parse.c 2015-02-24 10:04:02.782532741 -0500
27
+++ freetype-2.4.8/src/type42/t42parse.c 2015-02-24 10:04:02.778532710 -0500
32
- if ( cur + 1 >= limit )
33
+ if ( cur + 2 >= limit )
35
FT_ERROR(( "t42_parse_charstrings: out of bounds\n" ));
36
error = T42_Err_Invalid_File_Format;