Open Bug 550918 Opened 10 years ago Updated 2 years ago

cairo_type1_font_subset_look_for_seac scares coverity

Categories

(Core :: Graphics, defect)

x86
Linux
defect
Not set

UNCONFIRMED

People

(Reporter: timeless, Unassigned)

References

(Blocks 1 open bug)

Details

(Keywords: coverity)

826  	#define TYPE1_CHARSTRING_COMMAND_SEAC		(32 + 6)

829 cairo_type1_font_subset_look_for_seac(cairo_type1_font_subset_t *font,

837     int stack[5], sp, value;

coverity happily takes the following actions:
853     while (p < end) { - true
854         if (*p < 32) { - true
855             command = *p++; - sure
856 
857             if (command == TYPE1_CHARSTRING_COMMAND_ESCAPE) 
858                 command = 32 + *p++;
859 
860             switch (command) { - TYPE1_CHARSTRING_COMMAND_SEAC
861             case TYPE1_CHARSTRING_COMMAND_SEAC:

with stack uninitialized:
868                 status = use_standard_encoding_glyph (font, stack[3]);

with stack uninitialized:
872                 status = use_standard_encoding_glyph (font, stack[4]);

While cairo might typically be used on systems where everyone is trustworthy, we're using cairo with the web, where everyone is untrustworthy, and I request that we not trust random input.
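
An added example, not part of the report and not cairo's code: a stand-alone C scanner for an already decrypted Type 1 charstring that counts operands and rejects `seac` unless exactly five were pushed, so `stack[3]` and `stack[4]` are never read unset. Assumptions: the names `scan_seac`, `CS_ESCAPE`, `CS_SEAC` and the sample bytes are made up here, the escape byte 12 and the 0..255 code range come from the Type 1 format rather than from the excerpt, and every command other than `seac` is treated as clearing the stack.

```c
#include <stddef.h>
#include <stdint.h>

#define CS_ESCAPE 12        /* Type 1 escape byte (not shown in the excerpt) */
#define CS_SEAC   (32 + 6)  /* same value as TYPE1_CHARSTRING_COMMAND_SEAC */

/* Constructed samples: five operands then seac, and two operands then seac. */
const unsigned char SAMPLE_OK[]    = { 139, 139, 139, 204, 235, 12, 6 };
const unsigned char SAMPLE_SHORT[] = { 204, 235, 12, 6 };
/* Hypothetical helper. Returns 1 and sets base/accent for a well-formed seac,
 * 0 if the charstring contains no seac, -1 if the input is malformed. */
int scan_seac(const unsigned char *p, size_t len, int *base, int *accent)
{
    const unsigned char *end = p + len;
    long stack[5];
    size_t sp = 0;                    /* operands seen since the last command */
    while (p < end) {
        unsigned v = *p++;
        if (v < 32) {                 /* command byte */
            unsigned command = v;
            if (command == CS_ESCAPE) {
                if (p == end) return -1;      /* escape without a second byte */
                command = 32 + *p++;
            }
            if (command == CS_SEAC) {
                if (sp != 5) return -1;       /* stack[3]/stack[4] would be unset */
                if (stack[3] < 0 || stack[3] > 255 || stack[4] < 0 || stack[4] > 255)
                    return -1;                /* not a standard-encoding code */
                *base = (int)stack[3]; *accent = (int)stack[4];
                return 1;
            }
            sp = 0;                   /* assumption: other commands clear the stack */
        } else {                      /* integer operand */
            long value = (long)v - 139;       /* one-byte form, 32..246 */
            if (v >= 247 && v <= 254) {       /* two-byte forms */
                if (p == end) return -1;
                value = v <= 250 ? ((long)v - 247) * 256 + *p + 108
                                 : -((long)v - 251) * 256 - *p - 108;
                p++;
            } else if (v == 255) {            /* 32-bit big-endian form */
                if (end - p < 4) return -1;
                value = (int32_t)((uint32_t)p[0] << 24 | (uint32_t)p[1] << 16 | (uint32_t)p[2] << 8 | p[3]);
                p += 4;
            }
            if (sp < 5) stack[sp] = value;    /* store at most five, count all */
            sp++;
        }
    }
    return 0;
}
```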