summary refs log tree commit diff
path: root/pkgs/development/libraries/freetype/cve-2017-8287.patch
diff options
context:
space:
mode:
Diffstat (limited to 'pkgs/development/libraries/freetype/cve-2017-8287.patch')
-rw-r--r--pkgs/development/libraries/freetype/cve-2017-8287.patch22
1 files changed, 22 insertions, 0 deletions
diff --git a/pkgs/development/libraries/freetype/cve-2017-8287.patch b/pkgs/development/libraries/freetype/cve-2017-8287.patch
new file mode 100644
index 000000000000..7ccf4f3278b7
--- /dev/null
+++ b/pkgs/development/libraries/freetype/cve-2017-8287.patch
@@ -0,0 +1,22 @@
+http://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=3774fc08b
+
+diff --git a/src/psaux/psobjs.c b/src/psaux/psobjs.c
+index d18e821..0baf836 100644
+--- a/src/psaux/psobjs.c
++++ b/src/psaux/psobjs.c
+@@ -1718,6 +1718,14 @@
+     first = outline->n_contours <= 1
+             ? 0 : outline->contours[outline->n_contours - 2] + 1;
+ 
++    /* in malformed fonts it can happen that a contour was started */
++    /* but no points were added                                    */
++    if ( outline->n_contours && first == outline->n_points )
++    {
++      outline->n_contours--;
++      return;
++    }
++
+     /* We must not include the last point in the path if it */
+     /* is located on the first point.                       */
+     if ( outline->n_points > 1 )
+
generated by cgit-pink 1.4.1 (git 2.36.1) at 2024-07-25 12:30:10 +0000