diff options
| author | Caolán McNamara <caolanm@redhat.com> | 2018-02-07 17:39:05 +0000 |
|---|---|---|
| committer | Caolán McNamara <caolanm@redhat.com> | 2018-02-09 10:15:50 +0000 |
| commit | 683d9883ad8fd6568e6a7832e5bb347c1d043e4b (patch) | |
| tree | 516c09b93678d89e762309e840f73291bb3d35cb | |
| parent | 1828490bb22f1c8273c4a9f5b1db819b173ca70d (diff) | |
check cmap offset
Change-Id: I5aae26c38f3645020f0e1d6d7b6877c2727af1b4
| -rw-r--r-- | vcl/source/fontsubset/sft.cxx | 7 |
1 files changed, 7 insertions, 0 deletions
diff --git a/vcl/source/fontsubset/sft.cxx b/vcl/source/fontsubset/sft.cxx index b4fa7fd71495..4f91edbe31aa 100644 --- a/vcl/source/fontsubset/sft.cxx +++ b/vcl/source/fontsubset/sft.cxx @@ -1320,6 +1320,13 @@ static void FindCmap(TrueTypeFont *ttf) } if (ttf->cmapType != CMAP_NOT_USABLE) { + if( (ttf->cmap - ttf->ptr + 2) > static_cast<sal_uInt32>(ttf->fsize) ) { + ttf->cmapType = CMAP_NOT_USABLE; + ttf->cmap = nullptr; + } + } + + if (ttf->cmapType != CMAP_NOT_USABLE) { switch (GetUInt16(ttf->cmap, 0)) { case 0: ttf->mapper = getGlyph0; break; case 2: ttf->mapper = getGlyph2; break; |