From: Keith Packard Date: Mon, 12 Mar 2007 17:32:23 +0000 (-0700) Subject: Work around FreeType bug when glyph name buffer is too small. X-Git-Tag: 2.4.91~38 X-Git-Url: https://git.wh0rd.org/?a=commitdiff_plain;h=c80a08d6bf08a27ede95035f3f02cd5abfa2cafd;p=fontconfig.git Work around FreeType bug when glyph name buffer is too small. Recent versions of FreeType do not correctly deal with glyph name buffers that are too small; work around this by declaring a buffer that can hold any PS name (127 bytes). --- diff --git a/src/fcfreetype.c b/src/fcfreetype.c index e2bcb15..c79ab3b 100644 --- a/src/fcfreetype.c +++ b/src/fcfreetype.c @@ -2412,6 +2412,19 @@ FcGlyphNameToUcs4 (FcChar8 *name) return 0xffff; } +/* + * Work around a bug in some FreeType versions which fail + * to correctly bounds check glyph name buffers and overwrite + * the stack. As Postscript names have a limit of 127 characters, + * this should be sufficient. + */ + +#if FC_GLYPHNAME_MAXLEN < 127 +# define FC_GLYPHNAME_BUFLEN 127 +#else +# define FC_GLYPHNAME_BUFLEN FC_GLYPHNAME_MAXLEN +#endif + /* * Search through a font for a glyph by name. This is * currently a linear search as there doesn't appear to be @@ -2421,11 +2434,11 @@ static FT_UInt FcFreeTypeGlyphNameIndex (FT_Face face, const FcChar8 *name) { FT_UInt gindex; - FcChar8 name_buf[FC_GLYPHNAME_MAXLEN + 2]; + FcChar8 name_buf[FC_GLYPHNAME_BUFLEN + 2]; for (gindex = 0; gindex < (FT_UInt) face->num_glyphs; gindex++) { - if (FT_Get_Glyph_Name (face, gindex, name_buf, FC_GLYPHNAME_MAXLEN+1) == 0) + if (FT_Get_Glyph_Name (face, gindex, name_buf, FC_GLYPHNAME_BUFLEN+1) == 0) if (!strcmp ((char *) name, (char *) name_buf)) return gindex; } @@ -2715,11 +2728,11 @@ FcFreeTypeCharSetAndSpacing (FT_Face face, FcBlanks *blanks, int *spacing) */ if (FcFreeTypeUseNames (face)) { - FcChar8 name_buf[FC_GLYPHNAME_MAXLEN + 2]; + FcChar8 name_buf[FC_GLYPHNAME_BUFLEN + 2]; for (glyph = 0; glyph < (FT_UInt) face->num_glyphs; glyph++) { - if (FT_Get_Glyph_Name (face, glyph, name_buf, FC_GLYPHNAME_MAXLEN+1) == 0) + if (FT_Get_Glyph_Name (face, glyph, name_buf, FC_GLYPHNAME_BUFLEN+1) == 0) { ucs4 = FcGlyphNameToUcs4 (name_buf); if (ucs4 != 0xffff &&