Segfault scanning non-font files. Disallow scan edit of user vars. (#8767)

Missing NULL font check before attempting to edit scanned pattern. Also, <match target="scan"> rules are now checked to ensure all edited variables are in the predefined set; otherwise, the resulting cache files will not be stable.
2006-12-02 13:57:45 -08:00 · 2006-12-02 13:57:45 -08:00 · 0f963b0d3e
parent c9c6875014
commit 0f963b0d3e
3 changed files with 8 additions and 1 deletions
--- a/src/fcdir.c
+++ b/src/fcdir.c
@ -65,7 +65,7 @@ FcFileScanFontConfig (FcFontSet		*set,
 	/*
 	 * Edit pattern with user-defined rules
 	 */
-	if (config && !FcConfigSubstituteWithPat (config, font, NULL, FcMatchScan))
+	if (font && config && !FcConfigSubstituteWithPat (config, font, NULL, FcMatchScan))
 	{
 	    FcPatternDestroy (font);
 	    font = NULL;
--- a/src/fcint.h
+++ b/src/fcint.h
@ -865,6 +865,7 @@ FcListPatternMatchAny (const FcPattern *p,
 #define FC_EMBOLDEN_OBJECT	38
 #define FC_EMBEDDED_BITMAP_OBJECT	39
 #define FC_DECORATIVE_OBJECT	40
+#define FC_MAX_BASE_OBJECT	FC_DECORATIVE_OBJECT

 FcPrivate FcBool
 FcNameBool (const FcChar8 *v, FcBool *result);
--- a/src/fcxml.c
+++ b/src/fcxml.c
@ -1845,6 +1845,12 @@ FcParseMatch (FcConfigParse *parse)
 	    vstack->u.edit->next = edit;
 	    edit = vstack->u.edit;
 	    vstack->tag = FcVStackNone;
+	    if (kind == FcMatchScan && edit->object > FC_MAX_BASE_OBJECT)
+	    {
+		FcConfigMessage (parse, FcSevereError, 
+				 "<match target=\"scan\"> cannot edit user-defined object \"%s\"",
+				 FcObjectName(edit->object));
+	    }
 	    break;
 	default:
 	    FcConfigMessage (parse, FcSevereWarning, "invalid match element");