From d353f6e0123a0acffe5068b2e5d0cd2b5c93d196 Mon Sep 17 00:00:00 2001 From: Werner Lemberg Date: Sat, 10 Oct 2015 06:54:46 +0200 Subject: [PATCH] * src/pcf/pcfread.c (pcf_read_TOC): Check stream size (#46162). --- ChangeLog | 4 ++++ src/pcf/pcfread.c | 3 +++ 2 files changed, 7 insertions(+) diff --git a/ChangeLog b/ChangeLog index afd34e9c9..4cc2e536f 100644 --- a/ChangeLog +++ b/ChangeLog @@ -1,3 +1,7 @@ +2015-10-10 Werner Lemberg + + * src/pcf/pcfread.c (pcf_read_TOC): Check stream size (#46162). + 2015-10-09 Werner Lemberg * src/gzip/ftgzip.c (FT_Stream_OpenGzip): Use real stream size. diff --git a/src/pcf/pcfread.c b/src/pcf/pcfread.c index afad27803..6a248cfcc 100644 --- a/src/pcf/pcfread.c +++ b/src/pcf/pcfread.c @@ -106,6 +106,9 @@ THE SOFTWARE. toc->count == 0 ) return FT_THROW( Invalid_File_Format ); + if ( stream->size < 16 ) + return FT_THROW( Invalid_File_Format ); + /* we need 16 bytes per TOC entry */ if ( toc->count > stream->size >> 4 ) {