diff options
| author | Albert Astals Cid <aacid@kde.org> | 2014-03-28 11:08:18 +0100 |
|---|---|---|
| committer | Albert Astals Cid <aacid@kde.org> | 2014-03-28 11:08:31 +0100 |
| commit | 49b4eb68ee646aefe49b70f9e2831ebf93576053 (patch) | |
| tree | 167061578614b521c542bb5ad2cc989fec705e1d | |
| parent | 89a64b508e5f8445798c95fcec6c87180f6c9b73 (diff) | |
Fix error reported by ASAN in 590.asan.0.7288.pdf
==31898== ERROR: AddressSanitizer: heap-use-after-free on address 0x60ae0007432c at pc 0x7f03483026aa bp 0x7fff6ec0c820 sp 0x7fff6ec0c818
READ of size 4 at 0x60ae0007432c thread T0
#0 0x7f03483026a9 in SplashFTFont::getGlyphPath(int) /home/tsdgeos/devel/poppler/splash/SplashFTFont.cc:414
#1 0x7f034829f681 in SplashOutputDev::drawChar(GfxState*, double, double, double, double, double, double, unsigned int, int, unsigned int*, int) /home/tsdgeos/devel/poppler/poppler/SplashOutputDev.cc:2239
#2 0x7f0348100599 in Gfx::doShowText(GooString*) /home/tsdgeos/devel/poppler/poppler/Gfx.cc:4054
#3 0x7f03480fddb0 in Gfx::opShowSpaceText(Object*, int) /home/tsdgeos/devel/poppler/poppler/Gfx.cc:3886
#4 0x7f03480dc33a in Gfx::execOp(Object*, Object*, int) /home/tsdgeos/devel/poppler/poppler/Gfx.cc:903
#5 0x7f03480db50f in Gfx::go(bool) /home/tsdgeos/devel/poppler/poppler/Gfx.cc:762
#6 0x7f03480db163 in Gfx::display(Object*, bool) /home/tsdgeos/devel/poppler/poppler/Gfx.cc:728
#7 0x7f03481bddd1 in Page::displaySlice(OutputDev*, double, double, int, bool, bool, int, int, int, int, bool, bool (*)(void*), void*, bool (*)(Annot*, void*), void*, bool) /home/tsdgeos/devel/poppler/poppler/Page.cc:585
#8 0x7f03481c52fd in PDFDoc::displayPageSlice(OutputDev*, int, double, double, int, bool, bool, bool, int, int, int, int, bool (*)(void*), void*, bool (*)(Annot*, void*), void*, bool) /home/tsdgeos/devel/poppler/poppler/PDFDoc.cc:503
#9 0x40311e in savePageSlice(PDFDoc*, SplashOutputDev*, int, int, int, int, int, double, double, char*) /home/tsdgeos/devel/poppler/utils/pdftoppm.cc:222
#10 0x404416 in main /home/tsdgeos/devel/poppler/utils/pdftoppm.cc:521
#11 0x7f03477e5ec4 (/lib/x86_64-linux-gnu/libc.so.6+0x21ec4)
#12 0x401d58 in _start (/home/tsdgeos/devel/poppler/build-debug/utils/pdftoppm+0x401d58)
| -rw-r--r-- | splash/SplashFTFont.cc | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/splash/SplashFTFont.cc b/splash/SplashFTFont.cc index aca88671..b785826d 100644 --- a/splash/SplashFTFont.cc +++ b/splash/SplashFTFont.cc @@ -410,7 +410,7 @@ SplashPath *SplashFTFont::getGlyphPath(int c) { ff->face->size = sizeObj; FT_Set_Transform(ff->face, &textMatrix, NULL); slot = ff->face->glyph; - if (ff->codeToGID && c < ff->codeToGIDLen) { + if (ff->codeToGID && c < ff->codeToGIDLen && c >= 0) { gid = ff->codeToGID[c]; } else { gid = (FT_UInt)c; |