From c55aa147c33eb733ab552d404a88749cb6ff6d73 Mon Sep 17 00:00:00 2001 From: Ebrahim Byagowi Date: Wed, 18 Apr 2018 00:01:20 +0430 Subject: [PATCH] Do sanitization before the use on 'main' mini-program (#994) --- src/main.cc | 22 ++++++++++++++++++---- 1 file changed, 18 insertions(+), 4 deletions(-) diff --git a/src/main.cc b/src/main.cc index d221e9da2..9423a728a 100644 --- a/src/main.cc +++ b/src/main.cc @@ -51,11 +51,15 @@ main (int argc, char **argv) const char *font_data = nullptr; int len = 0; + hb_destroy_func_t destroy; + hb_memory_mode_t mm; #ifdef HAVE_GLIB GMappedFile *mf = g_mapped_file_new (argv[1], false, nullptr); font_data = g_mapped_file_get_contents (mf); len = g_mapped_file_get_length (mf); + destroy = (hb_destroy_func_t) g_mapped_file_unref; + mm = HB_MEMORY_MODE_READONLY_MAY_MAKE_WRITABLE; #else FILE *f = fopen (argv[1], "rb"); fseek (f, 0, SEEK_END); @@ -63,11 +67,23 @@ main (int argc, char **argv) fseek (f, 0, SEEK_SET); font_data = (const char *) malloc (len); len = fread ((char *) font_data, 1, len, f); + destroy = free; + mm = HB_MEMORY_MODE_WRITABLE; #endif printf ("Opened font file %s: %d bytes long\n", argv[1], len); - const OpenTypeFontFile &ot = *CastP (font_data); + Sanitizer sanitizer; + hb_blob_t *blob = hb_blob_create (font_data, len, mm, (void *) font_data, destroy); + hb_blob_t *font_blob = sanitizer.sanitize (blob); + const OpenTypeFontFile* sanitized = Sanitizer::lock_instance (font_blob); + if (sanitized == &Null (OpenTypeFontFile)) + { + printf ("Sanitization of the file wasn't successful. Exit"); + return 1; + } + const OpenTypeFontFile& ot = *sanitized; + switch (ot.get_tag ()) { case OpenTypeFontFile::TrueTypeTag: @@ -101,7 +117,7 @@ main (int argc, char **argv) for (int n_table = 0; n_table < num_tables; n_table++) { const OpenTypeTable &table = font.get_table (n_table); printf (" Table %2d of %2d: %.4s (0x%08x+0x%08x)\n", n_table, num_tables, - (const char *)table.tag, + (const char *) table.tag, (unsigned int) table.offset, (unsigned int) table.length); @@ -197,5 +213,3 @@ main (int argc, char **argv) return 0; } - -