From: Patrick Lam <plam@MIT.EDU>
Date: Sat, 18 Feb 2006 17:56:25 +0000 (+0000)
Subject: Fix segfault (reported by fcrozat) caused by incorrect input on cache
X-Git-Tag: fc-2_3_94~14
X-Git-Url: https://git.wh0rd.org/?a=commitdiff_plain;h=a68ce9525dedc06fd4da102492e8d1c6137b3664;p=fontconfig.git

Fix segfault (reported by fcrozat) caused by incorrect input on cache
    files.
---

diff --git a/ChangeLog b/ChangeLog
index bb5303f..840a372 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,3 +1,9 @@
+2006-02-18  Patrick Lam  <plam@mit.edu>
+	* src/fccache.c (FcDirCacheHasCurrentArch):
+
+	Fix segfault (reported by fcrozat) caused by incorrect
+	input on cache files.
+
 2006-02-17  Patrick Lam  <plam@mit.edu>
 	* src/fcint.h  (FC_CACHE_MAGIC):
 
diff --git a/src/fccache.c b/src/fccache.c
index 6385d3f..da4abc7 100644
--- a/src/fccache.c
+++ b/src/fccache.c
@@ -760,6 +760,7 @@ FcDirCacheHasCurrentArch (const FcChar8 *dir)
     off_t	current_arch_start;
     char 	*current_arch_machine_name;
     FcCache	metadata;
+    char 	subdirName[FC_MAX_FILE_LEN + 1 + 12 + 1];
 
     fd = FcDirCacheOpen (dir);
     if (fd < 0)
@@ -770,17 +771,19 @@ FcDirCacheHasCurrentArch (const FcChar8 *dir)
 
     if (current_arch_start >= 0)
     {
+	if (lseek (fd, current_arch_start, SEEK_SET) != current_arch_start)
+	    goto bail1;
+
+	FcCacheSkipString (fd);
+
+	while (FcCacheReadString (fd, subdirName, sizeof (subdirName)) && strlen (subdirName) > 0)
+	    ;
+
         if (read(fd, &metadata, sizeof(FcCache)) != sizeof(FcCache))
-        {
-            close (fd);
-            return FcFalse;
-        }
+	    goto bail1;
 
         if (metadata.magic != FC_CACHE_MAGIC)
-        {
-            close (fd);
-            return FcFalse;
-        }
+	    goto bail1;
     }
 
     close (fd);
@@ -790,6 +793,8 @@ FcDirCacheHasCurrentArch (const FcChar8 *dir)
     
     return FcTrue;
 
+ bail1:
+    close (fd);
  bail:
     return FcFalse;
 }