walkero
/
fontconfig
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

Fix buffer overflow in copying PS name 

As reported on the mailing list by Tanel Liiv.  Found using American Fuzzy Lop.
This commit is contained in:
Behdad Esfahbod 2014-12-12 21:42:35 -08:00
parent 32ac7c75e8
commit fc7e1a9497
1 changed files with 2 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
src/fcfreetype.c
View File

@ -1556,7 +1556,8 @@ FcFreeTypeQueryFace (const FT_Face face,
} }
else else
{ {
strcpy (psname, tmp); strncpy (psname, tmp, 255);
psname[255] = 0;
} }
if (!FcPatternAddString (pat, FC_POSTSCRIPT_NAME, (const FcChar8 *)psname)) if (!FcPatternAddString (pat, FC_POSTSCRIPT_NAME, (const FcChar8 *)psname))
goto bail1; goto bail1;