From 0f963b0d3ec417a39f6aa2ba22ba56c2a79d05aa Mon Sep 17 00:00:00 2001 From: Keith Packard Date: Sat, 2 Dec 2006 13:57:45 -0800 Subject: [PATCH] Segfault scanning non-font files. Disallow scan edit of user vars. (#8767) Missing NULL font check before attempting to edit scanned pattern. Also, rules are now checked to ensure all edited variables are in the predefined set; otherwise, the resulting cache files will not be stable. --- src/fcdir.c | 2 +- src/fcint.h | 1 + src/fcxml.c | 6 ++++++ 3 files changed, 8 insertions(+), 1 deletion(-) diff --git a/src/fcdir.c b/src/fcdir.c index d082992..e9e9d19 100644 --- a/src/fcdir.c +++ b/src/fcdir.c @@ -65,7 +65,7 @@ FcFileScanFontConfig (FcFontSet *set, /* * Edit pattern with user-defined rules */ - if (config && !FcConfigSubstituteWithPat (config, font, NULL, FcMatchScan)) + if (font && config && !FcConfigSubstituteWithPat (config, font, NULL, FcMatchScan)) { FcPatternDestroy (font); font = NULL; diff --git a/src/fcint.h b/src/fcint.h index 60563cb..4ab4a74 100644 --- a/src/fcint.h +++ b/src/fcint.h @@ -865,6 +865,7 @@ FcListPatternMatchAny (const FcPattern *p, #define FC_EMBOLDEN_OBJECT 38 #define FC_EMBEDDED_BITMAP_OBJECT 39 #define FC_DECORATIVE_OBJECT 40 +#define FC_MAX_BASE_OBJECT FC_DECORATIVE_OBJECT FcPrivate FcBool FcNameBool (const FcChar8 *v, FcBool *result); diff --git a/src/fcxml.c b/src/fcxml.c index a9453eb..156599c 100644 --- a/src/fcxml.c +++ b/src/fcxml.c @@ -1845,6 +1845,12 @@ FcParseMatch (FcConfigParse *parse) vstack->u.edit->next = edit; edit = vstack->u.edit; vstack->tag = FcVStackNone; + if (kind == FcMatchScan && edit->object > FC_MAX_BASE_OBJECT) + { + FcConfigMessage (parse, FcSevereError, + " cannot edit user-defined object \"%s\"", + FcObjectName(edit->object)); + } break; default: FcConfigMessage (parse, FcSevereWarning, "invalid match element"); -- 2.39.2