pool/woff2
SHA256
2
0
Fork 1
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Add upstream patch

Browse Source 
OBS-URL: https://build.opensuse.org/package/show/M17N/woff2?expand=0&rev=8
This commit is contained in:
Bjørn Lie 2018-07-24 09:36:02 +00:00 committed by Git OBS Bridge
parent 2568bf86b6
commit 13db0fa82f
3 changed files with 52 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

47
woff2-fix-overflow-when-decoding-glyf.patch Normal file
View File

@ -0,0 +1,47 @@
From 3831354113db8803fb1f5ba196cf0bbb537578dd Mon Sep 17 00:00:00 2001
From: Garret Rieger <grieger@google.com>
Date: Thu, 31 May 2018 17:54:06 -0700
Subject: [PATCH] [subset] Check for overflow when decoding glyf.
---
src/woff2_dec.cc | 19 ++++++++++++++++---
1 file changed, 16 insertions(+), 3 deletions(-)
diff --git a/src/woff2_dec.cc b/src/woff2_dec.cc
index 8186c8e..25e18c6 100644
--- a/src/woff2_dec.cc
+++ b/src/woff2_dec.cc
@@ -111,6 +111,16 @@ int WithSign(int flag, int baseval) {
return (flag & 1) ? baseval : -baseval;
}
+bool _SafeIntAddition(int a, int b, int* result) {
+ if (PREDICT_FALSE(
+ ((a > 0) && (b > std::numeric_limits<int>::max() - a)) ||
+ ((a < 0) && (b < std::numeric_limits<int>::min() - a)))) {
+ return false;
+ }
+ *result = a + b;
+ return true;
+}
+
bool TripletDecode(const uint8_t* flags_in, const uint8_t* in, size_t in_size,
unsigned int n_points, Point* result, size_t* in_bytes_consumed) {
int x = 0;
@@ -166,9 +176,12 @@ bool TripletDecode(const uint8_t* flags_in, const uint8_t* in, size_t in_size,
(in[triplet_index + 2] << 8) + in[triplet_index + 3]);
}
triplet_index += n_data_bytes;
- // Possible overflow but coordinate values are not security sensitive
- x += dx;
- y += dy;
+ if (!_SafeIntAddition(x, dx, &x)) {
+ return false;
+ }
+ if (!_SafeIntAddition(y, dy, &y)) {
+ return false;
+ }
*result++ = {x, y, on_curve};
}
*in_bytes_consumed = triplet_index;

2
woff2.changes
View File

@ -1,6 +1,8 @@
------------------------------------------------------------------- -------------------------------------------------------------------
Tue Jul 24 08:57:10 UTC 2018 - bjorn.lie@gmail.com Tue Jul 24 08:57:10 UTC 2018 - bjorn.lie@gmail.com
- Add woff2-fix-overflow-when-decoding-glyf.patch: Check for
overflow when decoding glyf.
- Add libwoff2dec1_0_2 and libwoff2enc1_0_2 to baselibs.conf too. - Add libwoff2dec1_0_2 and libwoff2enc1_0_2 to baselibs.conf too.
------------------------------------------------------------------- -------------------------------------------------------------------

4
woff2.spec
View File

@ -27,6 +27,8 @@ Group: Development/Libraries/C and C++
URL: https://github.com/google/woff2 URL: https://github.com/google/woff2
Source0: https://github.com/google/woff2/archive/v%{version}/%{name}-%{version}.tar.gz Source0: https://github.com/google/woff2/archive/v%{version}/%{name}-%{version}.tar.gz
Source99: baselibs.conf Source99: baselibs.conf
# PATCH-FIX-UPSTREAM woff2-fix-overflow-when-decoding-glyf.patch -- Check for overflow when decoding glyf
Patch0: woff2-fix-overflow-when-decoding-glyf.patch
BuildRequires: cmake BuildRequires: cmake
BuildRequires: gcc-c++ BuildRequires: gcc-c++
@ -97,7 +99,7 @@ efficiently package fonts linked to Web documents by means of CSS
This package contains development files for %{name}. This package contains development files for %{name}.
%prep %prep
%autosetup %autosetup -p1
%build %build
%cmake \ %cmake \