Segfault scanning non-font files. Disallow scan edit of user vars. (#8767)

[fontconfig.git] / src / fcxml.c

diff --git a/src/fcxml.c b/src/fcxml.c
index 441e6dedf67e55a66915b926c839591c3a3bf79b..156599ca2fd5d8b5a94763664febc32920d7a826 100644 (file)
--- a/src/fcxml.c
+++ b/src/fcxml.c
@@ -1845,6 +1845,12 @@ FcParseMatch (FcConfigParse *parse)
            vstack->u.edit->next = edit;
            edit = vstack->u.edit;
            vstack->tag = FcVStackNone;
+           if (kind == FcMatchScan && edit->object > FC_MAX_BASE_OBJECT)
+           {
+               FcConfigMessage (parse, FcSevereError, 
+                                "<match target=\"scan\"> cannot edit user-defined object \"%s\"",
+                                FcObjectName(edit->object));
+           }
            break;
        default:
            FcConfigMessage (parse, FcSevereWarning, "invalid match element");
@@ -2281,6 +2287,14 @@ FcEndDoctypeDecl (void *userData)
 
 #endif /* ENABLE_LIBXML2 */
 
+static int
+FcSortCmpStr (const void *a, const void *b)
+{
+    const FcChar8    *as = *((FcChar8 **) a);
+    const FcChar8    *bs = *((FcChar8 **) b);
+    return FcStrCmp (as, bs);
+}
+
 static FcBool
 FcConfigParseAndLoadDir (FcConfig      *config,
                         const FcChar8  *name,
@@ -2350,7 +2364,7 @@ FcConfigParseAndLoadDir (FcConfig *config,
     {
        int i;
        qsort (files->strs, files->num, sizeof (FcChar8 *), 
-              (int (*)(const void *, const void *)) FcStrCmp);
+              (int (*)(const void *, const void *)) FcSortCmpStr);
        for (i = 0; ret && i < files->num; i++)
            ret = FcConfigParseAndLoad (config, files->strs[i], complain);
     }
@@ -2493,3 +2507,6 @@ bail0:
     }
     return FcTrue;
 }
+#define __fcxml__
+#include "fcaliastail.h"
+#undef __fcxml__