Insert check for integer overflow in # of fonts.

reviewed by: plam
2006-02-06 14:14:21 +00:00 · 2006-02-06 14:14:21 +00:00 · f076169d19
parent 788c4af232
commit f076169d19
2 changed files with 8 additions and 1 deletions
--- a/7
+++ b/7
@ -1,3 +1,10 @@
+2006-02-06  Dirk Mueller  <dmueller@suse.de>
+	reviewed by: plam
+
+	* src/fcfs.c (FcFontSetUnserialize):
+
+	Insert check for integer overflow in # of fonts.
+
 2006-02-04  Behdad Esfahbod  <behdad@cs.toronto.edu>
 	reviewed by: plam

--- a/src/fcfs.c
+++ b/src/fcfs.c
@ -159,7 +159,7 @@ FcFontSetUnserialize(FcCache * metadata, FcFontSet * s, void * block_ptr)
    nfont = *(int *)block_ptr;
    block_ptr = (int *)block_ptr + 1;

-    if (nfont > 0)
+    if (nfont > 0 && nfont < metadata.count)
    {
 	FcPattern * p = (FcPattern *)block_ptr;