From c80a08d6bf08a27ede95035f3f02cd5abfa2cafd Mon Sep 17 00:00:00 2001
From: Keith Packard
Date: Mon, 12 Mar 2007 10:32:23 -0700
Subject: [PATCH] Work around FreeType bug when glyph name buffer is too small.
Recent versions of FreeType do not correctly deal with glyph name buffers that are too small; work around this by declaring a buffer that can hold any PS name (127 bytes).
---
 src/fcfreetype.c | 21 +++++++++++++++++----
 1 file changed, 17 insertions(+), 4 deletions(-)
diff --git a/src/fcfreetype.c b/src/fcfreetype.c
index e2bcb15..c79ab3b 100644
--- a/src/fcfreetype.c
+++ b/src/fcfreetype.c
@@ -2412,6 +2412,19 @@ FcGlyphNameToUcs4 (FcChar8 *name)
 return 0xffff;
 }
+/*
+ * Work around a bug in some FreeType versions which fail
+ * to correctly bounds check glyph name buffers and overwrite
+ * the stack. As Postscript names have a limit of 127 characters,
+ * this should be sufficient.
+ */
+
+#if FC_GLYPHNAME_MAXLEN < 127
+# define FC_GLYPHNAME_BUFLEN 127
+#else
+# define FC_GLYPHNAME_BUFLEN FC_GLYPHNAME_MAXLEN
+#endif
+
 /*
 * Search through a font for a glyph by name. This is
 * currently a linear search as there doesn't appear to be
@@ -2421,11 +2434,11 @@ static FT_UInt
 FcFreeTypeGlyphNameIndex (FT_Face face, const FcChar8 *name)
 {
 FT_UInt gindex;
- FcChar8 name_buf[FC_GLYPHNAME_MAXLEN + 2];
+ FcChar8 name_buf[FC_GLYPHNAME_BUFLEN + 2];
 for (gindex = 0; gindex < (FT_UInt) face->num_glyphs; gindex++)
 {
- if (FT_Get_Glyph_Name (face, gindex, name_buf, FC_GLYPHNAME_MAXLEN+1) == 0)
+ if (FT_Get_Glyph_Name (face, gindex, name_buf, FC_GLYPHNAME_BUFLEN+1) == 0)
 if (!strcmp ((char *) name, (char *) name_buf))
 return gindex;
 }
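Review bot: The comment above `FC_GLYPHNAME_BUFLEN` treats the 127-character PostScript limit as a guarantee, but that limit only describes well-formed fonts. A font file carrying a longer glyph name would presumably still reach the same unchecked write in the affected FreeType versions, so the larger buffer narrows the problem rather than closing it. I would say so in the comment, e.g. `* This only covers names within the PostScript limit; the real fix is a FreeType that honours buffer_max.`, and record which FreeType versions are affected so the workaround can be retired. The literal 127 also appears twice in the `#if`/`#define` pair; a named constant would keep the two in step.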
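Review bot: The `strcmp` after `FT_Get_Glyph_Name` in FcFreeTypeGlyphNameIndex trusts FreeType to have NUL-terminated `name_buf`, which is the same library behaviour this commit is working around. The array is declared with `FC_GLYPHNAME_BUFLEN + 2` bytes while only `FC_GLYPHNAME_BUFLEN+1` is offered to FreeType, so the last byte is free for a sentinel, yet nothing visible in the hunk sets it. Adding `name_buf[FC_GLYPHNAME_BUFLEN + 1] = '\0';` right after the declaration would bound the string read for anything FreeType writes within the length it was given. The same applies to the `FcGlyphNameToUcs4 (name_buf)` call in the FcFreeTypeCharSetAndSpacing hunk. The function body continues past the end of this hunk.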
@@ -2715,11 +2728,11 @@ FcFreeTypeCharSetAndSpacing (FT_Face face, FcBlanks *blanks, int *spacing)
 */
 if (FcFreeTypeUseNames (face))
 {
- FcChar8 name_buf[FC_GLYPHNAME_MAXLEN + 2];
+ FcChar8 name_buf[FC_GLYPHNAME_BUFLEN + 2];
 for (glyph = 0; glyph < (FT_UInt) face->num_glyphs; glyph++)
 {
- if (FT_Get_Glyph_Name (face, glyph, name_buf, FC_GLYPHNAME_MAXLEN+1) == 0)
+ if (FT_Get_Glyph_Name (face, glyph, name_buf, FC_GLYPHNAME_BUFLEN+1) == 0)
 {
 ucs4 = FcGlyphNameToUcs4 (name_buf);
 if (ucs4 != 0xffff &&
-- 2.39.5
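Review bot: The length passed to `FT_Get_Glyph_Name` repeats the macro arithmetic from the `name_buf` declaration just above it, so the two can drift apart the next time the buffer size changes; this commit already had to edit both in step here and in FcFreeTypeGlyphNameIndex. Deriving the limit from the array, `FT_Get_Glyph_Name (face, glyph, name_buf, sizeof (name_buf) - 1)`, ties it to the buffer actually declared and yields the same value as long as `FcChar8` is a one-byte type. The enclosing `if (FcFreeTypeUseNames (face))` block and the function itself start and end outside this hunk.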