Add some memory checks (mainly for debugging).

* src/base/ftstream.c (FT_Stream_EnterFrame): Exit with error if the frame size is larger than the stream size. * src/base/ftsystem.c (ft_ansi_stream_io): Exit with error if seeking a position larger than the stream size.
author: Werner Lemberg <wl@gnu.org> 2010-06-26 09:24:08 +0200
committer: Werner Lemberg <wl@gnu.org> 2010-06-26 09:24:08 +0200
commit: 75787c19eab20874c5d588842c52e59cfbd9302a (patch)
tree: f2607e394d578cf3c9046ceff815090467891292 /src/base
parent: ea5babaa67eeed68041a73933e0a7271960c0505 (diff)
2 files changed, 20 insertions, 3 deletions
diff --git a/src/base/ftstream.c b/src/base/ftstream.c
index b638599d..9b087ac4 100644
--- a/src/base/ftstream.c
+++ b/src/base/ftstream.c
@@ -4,7 +4,7 @@
 /*                                                                         */
 /*    I/O stream support (body).                                           */
 /*                                                                         */
-/*  Copyright 2000-2001, 2002, 2004, 2005, 2006, 2008, 2009 by             */
+/*  Copyright 2000-2001, 2002, 2004, 2005, 2006, 2008, 2009, 2010 by       */
 /*  David Turner, Robert Wilhelm, and Werner Lemberg.                      */
 /*                                                                         */
 /*  This file is part of the FreeType project, and may only be used,       */
@@ -246,6 +246,18 @@
       /* allocate the frame in memory */
       FT_Memory  memory = stream->memory;
 
+
+      /* simple sanity check */
+      if ( count > stream->size )
+      {
+        FT_ERROR(( "FT_Stream_EnterFrame:"
+                   " frame size (%lu) larger than stream size (%lu)\n",
+                   count, stream->size ));
+
+        error = FT_Err_Invalid_Stream_Operation;
+        goto Exit;
+      }
+
 #ifdef FT_DEBUG_MEMORY
       /* assume _ft_debug_file and _ft_debug_lineno are already set */
       stream->base = (unsigned char*)ft_mem_qalloc( memory, count, &error );
diff --git a/src/base/ftsystem.c b/src/base/ftsystem.c
index 4d06d6db..ba86005c 100644
--- a/src/base/ftsystem.c
+++ b/src/base/ftsystem.c
@@ -4,7 +4,7 @@
 /*                                                                         */
 /*    ANSI-specific FreeType low-level system interface (body).            */
 /*                                                                         */
-/*  Copyright 1996-2001, 2002, 2006, 2008, 2009 by                         */
+/*  Copyright 1996-2001, 2002, 2006, 2008, 2009, 2010 by                   */
 /*  David Turner, Robert Wilhelm, and Werner Lemberg.                      */
 /*                                                                         */
 /*  This file is part of the FreeType project, and may only be used,       */
@@ -192,7 +192,9 @@
   /*    count  :: The number of bytes to read from the stream.             */
   /*                                                                       */
   /* <Return>                                                              */
-  /*    The number of bytes actually read.                                 */
+  /*    The number of bytes actually read.  If `count' is zero (this is,   */
+  /*    the function is used for seeking), a non-zero return value         */
+  /*    indicates an error.                                                */
   /*                                                                       */
   FT_CALLBACK_DEF( unsigned long )
   ft_ansi_stream_io( FT_Stream       stream,
@@ -203,6 +205,9 @@
     FT_FILE*  file;
 
 
+    if ( !count && offset > stream->size )
+      return 1;
+
     file = STREAM_FILE( stream );
 
     if ( stream->pos != offset )
author	Werner Lemberg <wl@gnu.org>	2010-06-26 09:24:08 +0200
committer	Werner Lemberg <wl@gnu.org>	2010-06-26 09:24:08 +0200
commit	75787c19eab20874c5d588842c52e59cfbd9302a (patch)
tree	f2607e394d578cf3c9046ceff815090467891292 /src/base
parent	ea5babaa67eeed68041a73933e0a7271960c0505 (diff)