summarylogtreecommitdiffstats
path: root/freetype-2.5.0-CVE-2014-2241.patch
diff options
context:
space:
mode:
Diffstat (limited to 'freetype-2.5.0-CVE-2014-2241.patch')
-rw-r--r--freetype-2.5.0-CVE-2014-2241.patch52
1 files changed, 52 insertions, 0 deletions
diff --git a/freetype-2.5.0-CVE-2014-2241.patch b/freetype-2.5.0-CVE-2014-2241.patch
new file mode 100644
index 00000000000..3e6cd60c9bb
--- /dev/null
+++ b/freetype-2.5.0-CVE-2014-2241.patch
@@ -0,0 +1,52 @@
+From 135c3faebb96f8f550bd4f318716f2e1e095a969 Mon Sep 17 00:00:00 2001
+From: Dave Arnold <darnold@adobe.com>
+Date: Fri, 28 Feb 2014 06:42:42 +0000
+Subject: Fix Savannah bug #41697, part 2.
+
+* src/cff/cf2ft.c (cf2_initLocalRegionBuffer,
+cf2_initGlobalRegionBuffer): It is possible for a charstring to call
+a subroutine if no subroutines exist. This is an error but should
+not trigger an assert. Split the assert to account for this.
+---
+diff --git a/src/cff/cf2ft.c b/src/cff/cf2ft.c
+index df5f8fb..82bac75 100644
+--- a/src/cff/cf2ft.c
++++ b/src/cff/cf2ft.c
+@@ -521,7 +521,7 @@
+ CF2_UInt idx,
+ CF2_Buffer buf )
+ {
+- FT_ASSERT( decoder && decoder->globals );
++ FT_ASSERT( decoder );
+
+ FT_ZERO( buf );
+
+@@ -529,6 +529,8 @@
+ if ( idx >= decoder->num_globals )
+ return TRUE; /* error */
+
++ FT_ASSERT( decoder->globals );
++
+ buf->start =
+ buf->ptr = decoder->globals[idx];
+ buf->end = decoder->globals[idx + 1];
+@@ -594,7 +596,7 @@
+ CF2_UInt idx,
+ CF2_Buffer buf )
+ {
+- FT_ASSERT( decoder && decoder->locals );
++ FT_ASSERT( decoder );
+
+ FT_ZERO( buf );
+
+@@ -602,6 +604,8 @@
+ if ( idx >= decoder->num_locals )
+ return TRUE; /* error */
+
++ FT_ASSERT( decoder->locals );
++
+ buf->start =
+ buf->ptr = decoder->locals[idx];
+ buf->end = decoder->locals[idx + 1];
+--
+cgit v0.9.0.2