[PATCH 5/5] usp10: Validate positioning record sequence indices in GPOS_apply_ContextPos().
Aric Stewart
aric at codeweavers.com
Tue Apr 18 06:59:38 CDT 2017
Signed-off-by: Aric Stewart <aric at codeweavers.com>
On 4/17/17 1:27 PM, Henri Verbeet wrote:
> Signed-off-by: Henri Verbeet <hverbeet at codeweavers.com>
> ---
> dlls/usp10/opentype.c | 19 ++++++++++++++-----
> 1 file changed, 14 insertions(+), 5 deletions(-)
>
> diff --git a/dlls/usp10/opentype.c b/dlls/usp10/opentype.c
> index e190b92..d2e0fc5 100644
> --- a/dlls/usp10/opentype.c
> +++ b/dlls/usp10/opentype.c
> @@ -2195,12 +2195,21 @@ static unsigned int GPOS_apply_ContextPos(const ScriptCache *script_cache, const
>
> for (l = 0; l < GET_BE_WORD(pr->PosCount); l++)
> {
> - int lookupIndex = GET_BE_WORD(pr_2->PosLookupRecord[l].LookupListIndex);
> - int SequenceIndex = GET_BE_WORD(pr_2->PosLookupRecord[l].SequenceIndex) * write_dir;
> + unsigned int lookup_index = GET_BE_WORD(pr_2->PosLookupRecord[l].LookupListIndex);
> + unsigned int sequence_index = GET_BE_WORD(pr_2->PosLookupRecord[l].SequenceIndex);
>
> - TRACE("Position: %i -> %i %i\n",l, SequenceIndex, lookupIndex);
> - GPOS_apply_lookup(script_cache, otm, logfont, analysis, advance, lookup, lookupIndex,
> - glyphs, glyph_index + SequenceIndex, glyph_count, goffset);
> + g = glyph_index + write_dir * sequence_index;
> + if (g >= glyph_count)
> + {
> + WARN("Invalid sequence index %u (glyph index %u, write dir %d).\n",
> + sequence_index, glyph_index, write_dir);
> + continue;
> + }
> +
> + TRACE("Position: %u -> %u %u.\n", l, sequence_index, lookup_index);
> +
> + GPOS_apply_lookup(script_cache, otm, logfont, analysis, advance,
> + lookup, lookup_index, glyphs, g, glyph_count, goffset);
> }
> return 1;
> }
>
More information about the wine-patches
mailing list