Skip to content
Permalink
Browse files Browse the repository at this point in the history
writet1 protection against buffer overflow
git-svn-id: svn://tug.org/texlive/trunk/Build/source@48697 c570f23f-e606-0410-a88d-b1316a301751
  • Loading branch information
norbusan committed Sep 19, 2018
1 parent 05b9546 commit 6ed0077
Show file tree
Hide file tree
Showing 6 changed files with 20 additions and 0 deletions.
5 changes: 5 additions & 0 deletions texk/dvipsk/ChangeLog
@@ -1,3 +1,8 @@
2018-09-18 Nick Roessler <nicholas.e.roessler@gmail.com>

* writet1.c (t1_check_unusual_charstring): protect against buffer
overflow.

2018-04-14 Karl Berry <karl@tug.org>

* Version 5.998 for TeX Live 2018 release.
Expand Down
2 changes: 2 additions & 0 deletions texk/dvipsk/writet1.c
Expand Up @@ -1449,7 +1449,9 @@ static void t1_check_unusual_charstring(void)
*(strend(t1_buf_array) - 1) = ' ';

t1_getline();
alloc_array(t1_buf, strlen(t1_line_array) + strlen(t1_buf_array) + 1, T1_BUF_SIZE);
strcat(t1_buf_array, t1_line_array);
alloc_array(t1_line, strlen(t1_buf_array) + 1, T1_BUF_SIZE);
strcpy(t1_line_array, t1_buf_array);
t1_line_ptr = eol(t1_line_array);
}
Expand Down
4 changes: 4 additions & 0 deletions texk/web2c/luatexdir/ChangeLog
@@ -1,3 +1,7 @@
2018-09-18 Nick Roessler <nicholas.e.roessler@gmail.com>
* fonts/writet1.w (t1_check_unusual_charstring): protect against
buffer overflow.

2018-08-27 Luigi Scarso <luigi.scarso@gmail.com>
* dropped dependency from gmp and mpfr

Expand Down
2 changes: 2 additions & 0 deletions texk/web2c/luatexdir/font/writet1.c
Expand Up @@ -1581,7 +1581,9 @@ static void t1_check_unusual_charstring(void)
if (sscanf(p, "%i", &i) != 1) {
strcpy(t1_buf_array, t1_line_array);
t1_getline();
alloc_array(t1_buf, strlen(t1_line_array) + strlen(t1_buf_array) + 1, T1_BUF_SIZE);
strcat(t1_buf_array, t1_line_array);
alloc_array(t1_line, strlen(t1_buf_array) + 1, T1_BUF_SIZE);
strcpy(t1_line_array, t1_buf_array);
t1_line_ptr = eol(t1_line_array);
}
Expand Down
5 changes: 5 additions & 0 deletions texk/web2c/pdftexdir/ChangeLog
@@ -1,3 +1,8 @@
2018-09-18 Nick Roessler <nicholas.e.roessler@gmail.com>

* writet1.c (t1_check_unusual_charstring): protect against buffer
overflow.

2018-09-09 Karl Berry <karl@tug.org>

* expanded.test,
Expand Down
2 changes: 2 additions & 0 deletions texk/web2c/pdftexdir/writet1.c
Expand Up @@ -1598,7 +1598,9 @@ static void t1_check_unusual_charstring(void)
*(strend(t1_buf_array) - 1) = ' ';

t1_getline();
alloc_array(t1_buf, strlen(t1_line_array) + strlen(t1_buf_array) + 1, T1_BUF_SIZE);
strcat(t1_buf_array, t1_line_array);
alloc_array(t1_line, strlen(t1_buf_array) + 1, T1_BUF_SIZE);
strcpy(t1_line_array, t1_buf_array);
t1_line_ptr = eol(t1_line_array);
}
Expand Down

0 comments on commit 6ed0077

Please sign in to comment.