[poppler] fofi/FoFiType1.cc
Albert Astals Cid
aacid at kemper.freedesktop.org
Sun May 27 07:30:35 UTC 2018
fofi/FoFiType1.cc | 6 ++++--
1 file changed, 4 insertions(+), 2 deletions(-)
New commits:
commit 18f376c0dff184851b3ee4c05c40b4ee2c21da8c
Author: Albert Astals Cid <aacid at kde.org>
Date: Sun May 27 09:29:49 2018 +0200
FoFiType1::parse: Fix reading past font length
fixes oss-fuzz/8545
diff --git a/fofi/FoFiType1.cc b/fofi/FoFiType1.cc
index ae9dfc4d..b38c2b4c 100644
--- a/fofi/FoFiType1.cc
+++ b/fofi/FoFiType1.cc
@@ -229,8 +229,10 @@ void FoFiType1::parse() {
if (!name &&
(line + 9 <= (char*)file + len) &&
!strncmp(line, "/FontName", 9)) {
- strncpy(buf, line, 255);
- buf[255] = '\0';
+ const auto availableFile = (char*)file + len - line;
+ const int lineLen = availableFile < 255 ? availableFile : 255;
+ strncpy(buf, line, lineLen);
+ buf[lineLen] = '\0';
if ((p = strchr(buf+9, '/')) &&
(p = strtok_r(p+1, " \t\n\r", &tokptr))) {
name = copyString(p);
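Review bot: The clamp in the `/FontName` branch carries no explanation of its two limits, and `lineLen` is really the copy length rather than the length of the line; a comment such as `// copy at most the bytes left before file + len, and at most 255 so the terminator fits in buf` above `availableFile` would make the invariant explicit. The declaration of `buf` is outside the hunk, so confirm it holds at least 256 bytes, since `buf[lineLen] = '\0'` can still write index 255. If other branches of `parse()` outside this hunk also copy from `line` with a fixed count of 255, they would presumably read past `file + len` in the same way, and a small shared helper taking the end pointer would be safer than repeating the arithmetic. `parse()` begins and ends outside the hunk.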