diff options
author | snj <snj> | 2006-06-06 07:51:29 +0000 |
---|---|---|
committer | snj <snj> | 2006-06-06 07:51:29 +0000 |
commit | d364d6c27bac764a5f51cb21266fd6ad3be73af7 (patch) | |
tree | b2c4e242b98b5223d598d84a8cc4137976b80fe0 /graphics/freetype2/patches/patch-ah | |
parent | 4f22d4aa10caf3b3d4d6f1c4be2e7749ba118841 (diff) | |
download | pkgsrc-d364d6c27bac764a5f51cb21266fd6ad3be73af7.tar.gz |
Pullup ticket 1686 - requested by salo
security fix for freetype2
Apply patch from salo, mirroring the recent xsrc fixes for CVE-2006-0747,
CVE-2006-1861, and CVE-2006-2661.
Diffstat (limited to 'graphics/freetype2/patches/patch-ah')
-rw-r--r-- | graphics/freetype2/patches/patch-ah | 32 |
1 files changed, 32 insertions, 0 deletions
diff --git a/graphics/freetype2/patches/patch-ah b/graphics/freetype2/patches/patch-ah new file mode 100644 index 00000000000..3422ce8e90a --- /dev/null +++ b/graphics/freetype2/patches/patch-ah @@ -0,0 +1,32 @@ +$NetBSD: patch-ah,v 1.1.2.1 2006/06/06 07:51:29 snj Exp $ + +--- src/cff/cffload.c.orig 2005-05-06 07:49:46.000000000 +0200 ++++ src/cff/cffload.c 2006-06-05 23:34:29.000000000 +0200 +@@ -1235,7 +1235,7 @@ + } + + /* access element */ +- if ( off1 ) ++ if ( off1 && off2 > off1 ) + { + *pbyte_len = off2 - off1; + +@@ -1688,6 +1688,8 @@ + + for ( i = 0; i < num_glyphs; i++ ) + charset->cids[charset->sids[i]] = (FT_UShort)i; ++ ++ charset->max_cid = max_cid; + } + + Exit: +@@ -2042,6 +2044,9 @@ + goto Exit; + } + ++ /* ensure that 'num_blue_values' is even */ ++ priv->num_blue_values &= ~1; ++ + /* read the local subrs, if any */ + if ( priv->local_subrs_offset ) + { |