fofi/FoFiType1.cc | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-)
New commits:
commit b8cf8b04cbd1c0c5643cc77ed7b0b60525ecf080
Author: Albert Astals Cid <[email protected]>
Date: Mon May 28 23:51:32 2018 +0200
FoFiType1::parse: Don't copy to buf more than the available file fixes oss-fuzz/8576
diff --git a/fofi/FoFiType1.cc b/fofi/FoFiType1.cc
index b38c2b4c..2806d92f 100644
--- a/fofi/FoFiType1.cc
+++ b/fofi/FoFiType1.cc
@@ -340,8 +340,10 @@ void FoFiType1::parse() {
 }
 } else if (!gotMatrix && (line + 11 <= (char*)file + len) &&
 !strncmp(line, "/FontMatrix", 11)) {
- strncpy(buf, line + 11, 255);
- buf[255] = '\0';
+ const auto availableFile = (char*)file + len - (line + 11);
+ const int bufLen = availableFile < 255 ? availableFile : 255;
+ strncpy(buf, line + 11, bufLen);
+ buf[bufLen] = '\0';
 if ((p = strchr(buf, '['))) {
 ++p;
 if ((p2 = strchr(p, ']'))) {
_______________________________________________ poppler mailing list [email protected] https://lists.freedesktop.org/mailman/listinfo/poppler
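Review bot: The new clamp in the `/FontMatrix` branch still hard-codes 255 as the capacity of `buf`, whose declaration is outside this hunk, so the bound and the buffer size can drift apart; if `buf` is a local array, a named limit such as `const int bufMax = sizeof(buf) - 1;` used in both the comparison and the fallback would keep them tied. `availableFile` is non-negative only because of the `line + 11 <= (char*)file + len` test in the same `else if`, and a negative value would reach `strncpy` as a huge size and index `buf` out of bounds, so a short comment like `// >= 0: guaranteed by the line + 11 <= file + len check above` is worth adding. The value is also a pointer difference narrowed into `int`, which is safe here only because of the 255 cap. `parse()` starts and ends outside the hunk; any other fixed 255-byte `strncpy` from `line` in it would presumably over-read the file buffer in the same way and should be checked.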
