summaryrefslogtreecommitdiff
path: root/t1lib/CVE-2010-2642.patch
blob: cd5488958568ec4b23fb201229037b370e273ab1 (plain) 
    1 diff --git a/lib/t1lib/parseAFM.c b/lib/t1lib/parseAFM.c
    2 index 6a31d7f..ba64541 100644
    3 --- a/lib/t1lib/parseAFM.c
    4 +++ b/lib/t1lib/parseAFM.c
    5 @@ -199,7 +199,9 @@ static char *token(stream)
    6      idx = 0;
    7      
    8      while (ch != EOF && ch != ' ' && ch != CR  && ch != LF &&
    9 -	   ch != CTRL_Z && ch != '\t' && ch != ':' && ch != ';'){
   10 +	   ch != CTRL_Z && ch != '\t' && ch != ':' && ch != ';'
   11 +     && idx < (MAX_NAME -1))
   12 +    {
   13        ident[idx++] = ch;
   14        ch = fgetc(stream);
   15      } /* while */
   16 @@ -235,7 +237,7 @@ static char *linetoken(stream)
   17      while ((ch = fgetc(stream)) == ' ' || ch == '\t' ); 
   18      
   19      idx = 0;
   20 -    while (ch != EOF && ch != CR  && ch != LF && ch != CTRL_Z) 
   21 +    while (ch != EOF && ch != CR  && ch != LF && ch != CTRL_Z && idx < (MAX_NAME - 1)) 
   22      {
   23          ident[idx++] = ch;
   24          ch = fgetc(stream);

Generated by cgit