src/fcfreetype.c | 3 ++-
1 file changed, 2 insertions(+), 1 deletion(-)
New commits:
commit fc7e1a9497919c88d790d9395eb01cd7d5121507
Author: Behdad Esfahbod <behdad@xxxxxxxxxx>
Date: Fri Dec 12 21:42:35 2014 -0800
Fix buffer overflow in copying PS name
As reported on the mailing list by Tanel Liiv. Found using American Fuzzy Lop.
diff --git a/src/fcfreetype.c b/src/fcfreetype.c
index aca2f70..da66741 100644
--- a/src/fcfreetype.c
+++ b/src/fcfreetype.c
@@ -1556,7 +1556,8 @@ FcFreeTypeQueryFace (const FT_Face face,
}
else
{
- strcpy (psname, tmp);
+ strncpy (psname, tmp, 255);
+ psname[255] = 0;
}
if (!FcPatternAddString (pat, FC_POSTSCRIPT_NAME, (const FcChar8 *)psname))
goto bail1;
_______________________________________________
Fontconfig mailing list
Fontconfig@xxxxxxxxxxxxxxxxxxxxx
http://lists.freedesktop.org/mailman/listinfo/fontconfig
