Posted to commits@pdfbox.apache.org by le...@apache.org on 2021/11/26 15:13:06 UTC
svn commit: r1895356 - in /pdfbox/branches/2.0/fontbox/src: main/java/org/apache/fontbox/ttf/TrueTypeCollection.java test/java/org/apache/fontbox/ttf/TrueTypeFontCollectionTest.java
Author: lehmi
Date: Fri Nov 26 15:13:06 2021
New Revision: 1895356
URL: http://svn.apache.org/viewvc?rev=1895356&view=rev
Log:
PDFBOX-5333: check number of fonts for invalid values
Added:
pdfbox/branches/2.0/fontbox/src/test/java/org/apache/fontbox/ttf/TrueTypeFontCollectionTest.java (with props)
Modified:
pdfbox/branches/2.0/fontbox/src/main/java/org/apache/fontbox/ttf/TrueTypeCollection.java
Modified: pdfbox/branches/2.0/fontbox/src/main/java/org/apache/fontbox/ttf/TrueTypeCollection.java
URL: http://svn.apache.org/viewvc/pdfbox/branches/2.0/fontbox/src/main/java/org/apache/fontbox/ttf/TrueTypeCollection.java?rev=1895356&r1=1895355&r2=1895356&view=diff
==============================================================================
--- pdfbox/branches/2.0/fontbox/src/main/java/org/apache/fontbox/ttf/TrueTypeCollection.java (original)
+++ pdfbox/branches/2.0/fontbox/src/main/java/org/apache/fontbox/ttf/TrueTypeCollection.java Fri Nov 26 15:13:06 2021
@@ -74,6 +74,10 @@ public class TrueTypeCollection implemen
}
float version = stream.read32Fixed();
numFonts = (int)stream.readUnsignedInt();
+ if (numFonts <= 0 || numFonts > 1024)
+ {
+ throw new IOException("Invalid number of fonts " + numFonts);
+ }
fontOffsets = new long[numFonts];
for (int i = 0; i < numFonts; i++)
{
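Review bot: The upper bound `1024` in the added `numFonts` check is an unexplained literal, and the `<= 0` half silently depends on the `(int)` cast turning unsigned values above Integer.MAX_VALUE into negatives. Because `numFonts` is read straight from the font data and then sizes `new long[numFonts]`, this guard is what stops a malformed or hostile header from requesting an enormous allocation, so it deserves a named constant and a short comment, e.g. `private static final int MAX_FONTS = 1024; // sanity limit on the header-declared font count; bounds the fontOffsets allocation`. The enclosing method starts before and continues past this hunk, so whether the limit could also be checked against the remaining stream length cannot be judged from here.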
Added: pdfbox/branches/2.0/fontbox/src/test/java/org/apache/fontbox/ttf/TrueTypeFontCollectionTest.java
URL: http://svn.apache.org/viewvc/pdfbox/branches/2.0/fontbox/src/test/java/org/apache/fontbox/ttf/TrueTypeFontCollectionTest.java?rev=1895356&view=auto
==============================================================================
--- pdfbox/branches/2.0/fontbox/src/test/java/org/apache/fontbox/ttf/TrueTypeFontCollectionTest.java (added)
+++ pdfbox/branches/2.0/fontbox/src/test/java/org/apache/fontbox/ttf/TrueTypeFontCollectionTest.java Fri Nov 26 15:13:06 2021
@@ -0,0 +1,46 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one or more
+ * contributor license agreements. See the NOTICE file distributed with
+ * this work for additional information regarding copyright ownership.
+ * The ASF licenses this file to You under the Apache License, Version 2.0
+ * (the "License"); you may not use this file except in compliance with
+ * the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package org.apache.fontbox.ttf;
+
+import static org.junit.Assert.fail;
+
+import java.io.ByteArrayInputStream;
+import java.io.IOException;
+
+import org.junit.Test;
+
+public class TrueTypeFontCollectionTest
+{
+ @Test
+ public void testNumberOfFonts()
+ {
+ byte[] payload = { 0x74, 0x74, 0x63, 0x66, 0x00, 0x00, 0x00, 0x00, 0x7F, (byte) 0xFF,
+ (byte) 0xFF, (byte) 0xFF };
+ try
+ {
+ new TrueTypeCollection(new ByteArrayInputStream(payload));
+ }
+ catch (IOException exception)
+ {
+ // this is the expected behaviour
+ }
+ catch (Throwable throwable)
+ {
+ fail("Invalid number of fonts not detected!");
+ }
+ }
+}
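Review bot: `testNumberOfFonts` passes when the constructor throws nothing at all, because the `try` block has no `fail(...)` after `new TrueTypeCollection(...)`; add `fail("IOException expected for numFonts = 0x7FFFFFFF");` directly after that line (the AssertionError it raises is still reported through the `catch (Throwable throwable)` branch). Any IOException satisfies the test, presumably including one raised only because the 12-byte payload ends early, so asserting that the message contains `Invalid number of fonts` would tie the test to the new check. Only the large positive value is exercised; a count of 0, 0xFFFFFFFF (negative after the cast) and 1025 would cover the other edges of the guard.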
Propchange: pdfbox/branches/2.0/fontbox/src/test/java/org/apache/fontbox/ttf/TrueTypeFontCollectionTest.java
------------------------------------------------------------------------------
svn:eol-style = native