You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@pdfbox.apache.org by ti...@apache.org on 2020/12/04 18:40:22 UTC
svn commit: r1884107 -
/pdfbox/trunk/fontbox/src/main/java/org/apache/fontbox/cff/CFFDataInput.java
Author: tilman
Date: Fri Dec 4 18:40:22 2020
New Revision: 1884107
URL: http://svn.apache.org/viewvc?rev=1884107&view=rev
Log:
PDFBOX-5033: throw exception on illegal offSize value
Modified:
pdfbox/trunk/fontbox/src/main/java/org/apache/fontbox/cff/CFFDataInput.java
Modified: pdfbox/trunk/fontbox/src/main/java/org/apache/fontbox/cff/CFFDataInput.java
URL: http://svn.apache.org/viewvc/pdfbox/trunk/fontbox/src/main/java/org/apache/fontbox/cff/CFFDataInput.java?rev=1884107&r1=1884106&r2=1884107&view=diff
==============================================================================
--- pdfbox/trunk/fontbox/src/main/java/org/apache/fontbox/cff/CFFDataInput.java (original)
+++ pdfbox/trunk/fontbox/src/main/java/org/apache/fontbox/cff/CFFDataInput.java Fri Dec 4 18:40:22 2020
@@ -72,13 +72,19 @@ public class CFFDataInput extends DataIn
}
/**
- * Read the offsize from the buffer.
- * @return the offsize
- * @throws IOException if an error occurs during reading
+ * Read offSize from the buffer. This is a 1 byte value between 1 and 4.
+ *
+ * @return the offSize.
+ * @throws IOException if an error occurs during reading or if the value is illegal.
*/
public int readOffSize() throws IOException
{
- return readUnsignedByte();
+ int offSize = readUnsignedByte();
+ if (offSize < 1 || offSize > 4)
+ {
+ throw new IOException("Illegal (< 1 or > 4) offSize value " + offSize + " in CFF font at position " + (getPosition() - 1));
+ }
+ return offSize;
}
/**