path: root/src
AgeCommit message (Expand)AuthorFilesLines
2021-07-14Fix out-of-bounds read in FontFileMakeDir()Alex Richardson1-4/+1
2021-03-02Fix use after free when font server connection lostPeter Harris1-21/+19
2020-03-06Fix crash when font server connection lostPeter Harris1-10/+10
2019-10-25Fix Win32 build since c4ed2e06 "Add some unit testing utilities"Jon Turney2-0/+45
2019-08-17fs_read_glyphs: check if rep is null before dereferencingAlan Coopersmith1-1/+2
2019-08-17CatalogueRescan: if opendir() fails, unref fpes, but don't free the catAlan Coopersmith1-4/+2
2019-08-17ComputeScaledProperties: check for valid pointers before making atomsAlan Coopersmith1-2/+4
2019-08-17stubs/atom.c: check for ResizeHashTable failureAlan Coopersmith1-1/+3
2019-08-17Fix whitespaceMaya Rashish1-1/+1
2019-08-04fontxlfd.c: tell gcc that switch fallthrough is intentionalAlan Coopersmith1-0/+1
2019-08-04Convert multiplying malloc calls to use mallocarray insteadAlan Coopersmith14-28/+39
2019-08-03Convert multiplying realloc calls to use reallocarray insteadAlan Coopersmith10-12/+21
2019-08-03Add reallocarray fallback if not provided by libc nor libbsdAlan Coopersmith2-0/+53
2019-08-03Use bounds checking string functions everywhereAlan Coopersmith8-102/+131
2019-08-03Add strlcat & strlcpy fallbacks if not provided by libc nor libbsdAlan Coopersmith3-0/+158
2018-03-24avoid -Wformat errors from clang when building with -DDEBUGRin Okuyama1-16/+16
2017-11-25Open files with O_NOFOLLOW. (CVE-2017-16611)Michal Srb2-4/+26
2017-10-04pcfGetProperties: Check string boundaries (CVE-2017-13722)Michal Srb1-2/+11
2017-10-04Check for end of string in PatternMatch (CVE-2017-13720)Michal Srb1-1/+3
2016-06-10freetype: Fix a logic error in computing face nameAdam Jackson1-1/+0
2016-05-30fserve: Fix a buffer read overrun in _fs_client_accessJeremy Huddleston Sequoia1-3/+1
2016-05-30fstrans: Remove unused foo() functionJeremy Huddleston Sequoia1-2/+0
2016-05-29fserve: Silence a -Wformat warningJeremy Huddleston Sequoia1-2/+2
2016-05-29bitmap: Bail out on invalid input to FontFileMakeDir instead of calling callo...Jeremy Huddleston Sequoia1-0/+4
2016-05-29FreeType: Correct an allocation sizeJeremy Huddleston Sequoia1-1/+1
2015-12-09Convert to non-recursive build.Matt Turner9-202/+0
2015-12-08Eliminate calls back to X server or font server functions by name (v4)libXfont2-2.0.0Keith Packard74-894/+672
2015-12-08Add compiler warning flags and fix warningsKeith Packard4-9/+10
2015-10-21Use NO_WEAK_SYMBOLS instead of -flat_namespaceJeremy Huddleston Sequoia1-10/+1
2015-10-21stubs: Add missing externs for declarations in the NO_WEAK_SYMBOLS && PIC stu...Jeremy Huddleston Sequoia1-23/+23
2015-10-20Fix is*() usage.Thomas Klausner4-11/+11
2015-07-28bdfReadCharacters: Allow negative DWIDTH valuesBenjamin Tissoires1-1/+1
2015-03-17bdfReadCharacters: ensure metrics fit into xCharInfo struct [CVE-2015-1804]Alan Coopersmith1-2/+24
2015-03-17bdfReadCharacters: bailout if a char's bitmap cannot be read [CVE-2015-1803]Alan Coopersmith1-1/+4
2015-03-17bdfReadProperties: property count needs range check [CVE-2015-1802]Alan Coopersmith1-1/+3
2015-02-26Set close-on-exec for font file I/O.Christos Zoulas2-6/+11
2014-11-05Use 'imdent' to realign cpp indentation levels in fslibos.hAlan Coopersmith1-109/+109
2014-11-05Remove unneeded checks for #ifndef X_NOT_POSIXAlan Coopersmith1-2/+0
2014-06-27Make shared library work on Cygwin/MinGWYaakov Selkowitz25-28/+182
2014-05-23Use default glyphs when getting 16-bit font with 8-bit textKeith Packard1-1/+5
2014-05-23Don't build unused code in bitmapfunc.c if all bitmap formats are disabledAlan Coopersmith1-0/+15
2014-05-23Don't compile bitmap source files for disabled formatsAlan Coopersmith1-7/+17
2014-05-23Drop imake/monolithic compatibility #define mappingAlan Coopersmith2-32/+0
2014-05-12CVE-2014-0210: unvalidated length fields in fs_read_list_info()Alan Coopersmith1-0/+54
2014-05-12CVE-2014-0210: unvalidated length fields in fs_read_list()Alan Coopersmith1-0/+15
2014-05-12CVE-2014-0210: unvalidated length fields in fs_read_glyphs()Alan Coopersmith1-1/+28
2014-05-12CVE-2014-0210: unvalidated length fields in fs_read_extent_info()Alan Coopersmith1-0/+10
2014-05-12CVE-2014-0211: integer overflow in fs_alloc_glyphs()Alan Coopersmith1-1/+6
2014-05-12CVE-2014-0211: integer overflow in fs_read_extent_info()Alan Coopersmith1-1/+11
2014-05-12CVE-2014-0210: unvalidated length fields in fs_read_query_info()Alan Coopersmith2-0/+46