From 9661683379806e2bad6a52ce6dde776a33f4f981 Mon Sep 17 00:00:00 2001
From: Cosimo Cecchi <cosimoc@gnome.org>
Date: Sun, 1 Dec 2019 15:22:25 -0800
Subject: [PATCH] Fallback to basename when no family name (CVE-2019-19308)

Instead of possibly returning an empty string, which will cause
issues later on.

We store the GFile that was loaded to create the FT_Face into its
generic client data structure, and load the basename from it when
we don't have a family name.

https://gitlab.gnome.org/GNOME/gnome-font-viewer/issues/17
---
 src/sushi-font-loader.c | 30 +++++++++++++++++++++++++++---
 1 file changed, 27 insertions(+), 3 deletions(-)

diff --git a/src/sushi-font-loader.c b/src/sushi-font-loader.c
index e7da560..df28c1a 100644
--- a/src/sushi-font-loader.c
+++ b/src/sushi-font-loader.c
@@ -67,6 +67,13 @@ font_load_job_free (FontLoadJob *job)
 
 G_DEFINE_AUTOPTR_CLEANUP_FUNC (FontLoadJob, font_load_job_free)
 
+static void
+face_data_finalizer (void *object)
+{
+  FT_Face face = object;
+  g_clear_object (&face->generic.data);
+}
+
 static FT_Face
 create_face_from_contents (FontLoadJob *job,
                            gchar **contents,
@@ -88,6 +95,9 @@ create_face_from_contents (FontLoadJob *job,
     return NULL;
   }
 
+  retval->generic.data = g_object_ref (job->file);
+  retval->generic.finalizer = face_data_finalizer;
+
   *contents = g_steal_pointer (&job->face_contents);
   return retval;
 }
@@ -181,8 +191,22 @@ gchar *
 sushi_get_font_name (FT_Face face,
                      gboolean short_form)
 {
-  if (short_form && g_strcmp0 (face->style_name, "Regular") == 0)
-    return g_strdup (face->family_name);
+  const char *style_name = face->style_name;
+  const char *family_name = face->family_name;
+
+  if (family_name == NULL) {
+    /* Try to get the basename of the file this was loaded from */
+    GFile *file = face->generic.data;
+    if (G_IS_FILE (file))
+      return g_file_get_basename (file);
+
+    /* Use an empty string as the last fallback */
+    return g_strdup ("");
+  }
+
+  if (style_name == NULL ||
+      (short_form && g_strcmp0 (style_name, "Regular") == 0))
+    return g_strdup (family_name);
 
-  return g_strconcat (face->family_name, ", ", face->style_name, NULL);
+  return g_strconcat (family_name, ", ", style_name, NULL);
 }