mirrors
/
tigervnc
mirror of https://github.com/TigerVNC/tigervnc.git
Watch 1
Star 0
Fork 0
Code Issues 0 Releases 37 Wiki Activity
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
2547 Commits
15 Branches
Tree: 1ff04d1b8a
Branches Tags
${ item.name }
Create branch ${ searchTerm }
from '1ff04d1b8a'
${ noResults }
tigervnc/contrib/packages/rpm/el5/SOURCES/freetype-2.3.11-CVE-2012-11...

freetype-2.3.11-CVE-2012-1144.patch 696B
Raw Blame History

12345678910111213141516171819202122 
  1. --- freetype-2.3.11/src/truetype/ttgload.c	2009-09-08 07:06:51.000000000 +0200

  2. +++ freetype-2.3.11/src/truetype/ttgload.c	2012-03-28 12:01:04.000000000 +0200

  3. @@ -267,14 +267,17 @@

  4.      if ( n_contours >= 0xFFF || p + ( n_contours + 1 ) * 2 > limit )

  5.        goto Invalid_Outline;

  6.  

  7. -    prev_cont = FT_NEXT_USHORT( p );

  8. +    prev_cont = FT_NEXT_SHORT( p );

  9.  

  10.      if ( n_contours > 0 )

  11.        cont[0] = prev_cont;

  12.  

  13. +    if ( prev_cont < 0 )

  14. +      goto Invalid_Outline;

  15. +

  16.      for ( cont++; cont < cont_limit; cont++ )

  17.      {

  18. -      cont[0] = FT_NEXT_USHORT( p );

  19. +      cont[0] = FT_NEXT_SHORT( p );

  20.        if ( cont[0] <= prev_cont )

  21.        {

  22.          /* unordered contours: this is invalid */