[Fontconfig] Re: [PATCH] fix crashes on malformed fonts.cache

Dirk Mueller dmueller at suse.de
Mon Feb 6 05:00:56 PST 2006


On Saturday 04 February 2006 00:05, Patrick Lam wrote:

> Other places probably ought to be fixed similarly, although this is
> unlikely to happen by chance.

I'll submit patches once I get around to doing it.

> > -    if (nfont > 0)
> > +    if (nfont > 0 && s->nfont < s->nfont + nfont)
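
Review bot: The added condition `s->nfont < s->nfont + nfont` on the `+` line can only notice the overflow after the addition has already been performed. If `s->nfont` is a signed int like `nfont`, an overflowing addition is undefined behaviour in C, and since `nfont > 0` is already established on the same line, a compiler is entitled to treat the comparison as always true and drop it. Suggest testing before adding, for example `nfont <= INT_MAX - s->nfont`, which never overflows when `s->nfont` is non-negative, and adding a short comment saying that `nfont` comes from the cache file and is untrusted.
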
> I'm about to commit the correct version of this patch, which doesn't
> include the inadvertently wholly redundant check...

I'm sorry, but the check is not redundant. nfont is a signed integer, and the
above protects against an integer overflow.

A wholly better check would be to sanitize it to be < bytes_left_in_the_cache,
since one can assume that each font eats at least one byte, but I found that
much harder to check for.


Dirk
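
The two checks discussed in this message (the overflow guard on the signed count, and the bound against the bytes left in the cache) as an added example; it is not fontconfig's code and not part of the patch. `font_set_sketch`, `reserve_fonts` and `bytes_left` are hypothetical names, and the set is assumed to hold one pointer slot per font.

```c
#include <limits.h>
#include <stddef.h>
#include <stdint.h>
#include <stdlib.h>

/* Hypothetical stand-in for the set being grown; not fontconfig's struct. */
struct font_set_sketch {
    int    nfont;   /* fonts already in the set */
    void **fonts;   /* one slot per font */
};

/*
 * Validate a font count read from an untrusted cache file before using it
 * to grow the set. bytes_left is what remains unread in the cache.
 * Returns 0 on success, -1 if the count is rejected or allocation fails.
 */
int reserve_fonts(struct font_set_sketch *s, int nfont, size_t bytes_left)
{
    void **grown;
    size_t total;

    if (nfont <= 0)
        return -1;                  /* nothing to add, or a negative count */
    if (s->nfont < 0 || nfont > INT_MAX - s->nfont)
        return -1;                  /* s->nfont + nfont would overflow int */
    if ((size_t)nfont >= bytes_left)
        return -1;                  /* count must stay below the bytes left */

    /* The sum fits in int; make sure the byte size fits in size_t too. */
    total = (size_t)s->nfont + (size_t)nfont;
    if (total > SIZE_MAX / sizeof *s->fonts)
        return -1;

    grown = realloc(s->fonts, total * sizeof *s->fonts);
    if (grown == NULL)
        return -1;
    s->fonts = grown;   /* slots reserved; s->nfont grows as fonts are read */
    return 0;
}
```

The overflow test is done by subtraction before any addition takes place, so it does not depend on what signed overflow does.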

