4f3e02f198
* gnu/packages/fontutils.scm (t1lib)[source]: Add patches. * gnu/packages/patches/t1lib-CVE-2010-2642.patch, gnu/packages/patches/t1lib-CVE-2011-0764.patch, gnu/packages/patches/t1lib-CVE-2011-1552+CVE-2011-1553+CVE-2011-1554.patch: New variables. * gnu/local.mk (dist_patch_DATA): Add them.
24 lines
845 B
Diff
24 lines
845 B
Diff
diff --git a/lib/t1lib/parseAFM.c b/lib/t1lib/parseAFM.c
|
|
index 6a31d7f..ba64541 100644
|
|
--- a/lib/t1lib/parseAFM.c
|
|
+++ b/lib/t1lib/parseAFM.c
|
|
@@ -199,7 +199,9 @@ static char *token(stream)
|
|
idx = 0;
|
|
|
|
while (ch != EOF && ch != ' ' && ch != CR && ch != LF &&
|
|
- ch != CTRL_Z && ch != '\t' && ch != ':' && ch != ';'){
|
|
+ ch != CTRL_Z && ch != '\t' && ch != ':' && ch != ';'
|
|
+ && idx < (MAX_NAME -1))
|
|
+ {
|
|
ident[idx++] = ch;
|
|
ch = fgetc(stream);
|
|
} /* while */
|
|
@@ -235,7 +237,7 @@ static char *linetoken(stream)
|
|
while ((ch = fgetc(stream)) == ' ' || ch == '\t' );
|
|
|
|
idx = 0;
|
|
- while (ch != EOF && ch != CR && ch != LF && ch != CTRL_Z)
|
|
+ while (ch != EOF && ch != CR && ch != LF && ch != CTRL_Z && idx < (MAX_NAME - 1))
|
|
{
|
|
ident[idx++] = ch;
|
|
ch = fgetc(stream);
|