all messages for Guix-related lists mirrored at yhetil.org
 help / color / mirror / code / Atom feed
blob 680f357765ba5b9dca70ef49fe89a3090c039bed 860 bytes (raw)
name: gnu/packages/patches/freetype-CVE-2018-6942.patch 	 # note: path name is non-authoritative(*)
 1
 2
 3
 4
 5
 6
 7
 8
 9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31

 
Fix CVE-2018-6942:

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-6942
https://people.canonical.com/~ubuntu-security/cve/2018/CVE-2018-6942.html

Copied from upstream (ChangeLog section removed):
https://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=29c759284e305ec428703c9a5831d0b1fc3497ef

diff --git a/src/truetype/ttinterp.c b/src/truetype/ttinterp.c
index d855aaa..551f14a 100644
--- a/src/truetype/ttinterp.c
+++ b/src/truetype/ttinterp.c
@@ -7532,8 +7532,16 @@
       return;
     }
 
-    for ( i = 0; i < num_axes; i++ )
-      args[i] = coords[i] >> 2; /* convert 16.16 to 2.14 format */
+    if ( coords )
+    {
+      for ( i = 0; i < num_axes; i++ )
+        args[i] = coords[i] >> 2; /* convert 16.16 to 2.14 format */
+    }
+    else
+    {
+      for ( i = 0; i < num_axes; i++ )
+        args[i] = 0;
+    }
   }
 
 

debug log:

solving 680f35776 ...
found 680f35776 in https://git.savannah.gnu.org/cgit/guix.git

(*) Git path names are given by the tree(s) the blob belongs to.
    Blobs themselves have no identifier aside from the hash of its contents.^
Code repositories for project(s) associated with this external index

	https://git.savannah.gnu.org/cgit/guix.git

This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.