From a68ce9525dedc06fd4da102492e8d1c6137b3664 Mon Sep 17 00:00:00 2001
From: Patrick Lam
Date: Sat, 18 Feb 2006 17:56:25 +0000
Subject: [PATCH] Fix segfault (reported by fcrozat) caused by incorrect input on cache files.
---
 ChangeLog | 6 ++++++
 src/fccache.c | 21 +++++++++++++--------
 2 files changed, 19 insertions(+), 8 deletions(-)
diff --git a/ChangeLog b/ChangeLog
index bb5303f..840a372 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,3 +1,9 @@
+2006-02-18 Patrick Lam
+ * src/fccache.c (FcDirCacheHasCurrentArch):
+
+ Fix segfault (reported by fcrozat) caused by incorrect
+ input on cache files.
+
 2006-02-17 Patrick Lam
 * src/fcint.h (FC_CACHE_MAGIC):
diff --git a/src/fccache.c b/src/fccache.c
index 6385d3f..da4abc7 100644
--- a/src/fccache.c
+++ b/src/fccache.c
@@ -760,6 +760,7 @@ FcDirCacheHasCurrentArch (const FcChar8 *dir)
 off_t current_arch_start;
 char *current_arch_machine_name;
 FcCache metadata;
+ char subdirName[FC_MAX_FILE_LEN + 1 + 12 + 1];
 fd = FcDirCacheOpen (dir);
 if (fd < 0)
@@ -770,17 +771,19 @@ FcDirCacheHasCurrentArch (const FcChar8 *dir)
 if (current_arch_start >= 0)
 {
+ if (lseek (fd, current_arch_start, SEEK_SET) != current_arch_start)
+ goto bail1;
+
+ FcCacheSkipString (fd);
+
+ while (FcCacheReadString (fd, subdirName, sizeof (subdirName)) && strlen (subdirName) > 0)
+ ;
+
 if (read(fd, &metadata, sizeof(FcCache)) != sizeof(FcCache))
- {
- close (fd);
- return FcFalse;
- }
+ goto bail1;
 if (metadata.magic != FC_CACHE_MAGIC)
- {
- close (fd);
- return FcFalse;
- }
+ goto bail1;
 }
 close (fd);
@@ -790,6 +793,8 @@ FcDirCacheHasCurrentArch (const FcChar8 *dir)
 return FcTrue;
+ bail1:
+ close (fd);
 bail:
 return FcFalse;
 }
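Review bot: The size of the new `subdirName` buffer, `FC_MAX_FILE_LEN + 1 + 12 + 1`, is written as bare literals with no explanation of what the `1`, `12` and `1` account for. This buffer is filled from cache-file contents by the loop added in the next hunk, so its bound matters for input handling and should be easy to audit. I would give it a name and a comment, for example `#define FC_CACHE_SUBDIR_LEN (FC_MAX_FILE_LEN + 1 + 12 + 1)` (the name is only a suggestion), with one line saying what each term covers. The declaration sits in the function's local-variable block, which starts outside the hunk.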
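Review bot: The new `while` loop treats a failed `FcCacheReadString` and the empty-string terminator the same way, so on a truncated or malformed cache file the code falls through and relies on the following `read` and magic check to reject the input. Assuming the helper returns a false value on error or end of file (its definition is not in this diff), bail out explicitly: `if (!FcCacheReadString (fd, subdirName, sizeof (subdirName))) goto bail1;` inside the loop, and end the loop on `subdirName[0] == '\0'`. The result of `FcCacheSkipString (fd)` is discarded as well; if it can report failure, check it the same way. A comment should also state what happens when a stored name is longer than `sizeof (subdirName)`, since a helper that stops mid-string would leave the file offset inside the name. The enclosing function starts and ends outside this hunk.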