packages/gnome-font-viewer
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
gnome-font-viewer/CVE-2019-19308.patch
starlet-dx 59af712b12 Fix CVE-2019-19308 
(cherry picked from commit 5f85fdf7c20ef50bdd5e08ee49849ae4119fbe41)
2022-02-25 15:57:05 +08:00

72 lines
2.2 KiB
Diff
Raw Permalink Blame History

From 9661683379806e2bad6a52ce6dde776a33f4f981 Mon Sep 17 00:00:00 2001
From: Cosimo Cecchi <cosimoc@gnome.org>
Date: Sun, 1 Dec 2019 15:22:25 -0800
Subject: [PATCH] Fallback to basename when no family name (CVE-2019-19308)
Instead of possibly returning an empty string, which will cause
issues later on.
We store the GFile that was loaded to create the FT_Face into its
generic client data structure, and load the basename from it when
we don't have a family name.
https://gitlab.gnome.org/GNOME/gnome-font-viewer/issues/17
---
src/sushi-font-loader.c | 30 +++++++++++++++++++++++++++---
1 file changed, 27 insertions(+), 3 deletions(-)
diff --git a/src/sushi-font-loader.c b/src/sushi-font-loader.c
index e7da560..df28c1a 100644
--- a/src/sushi-font-loader.c
+++ b/src/sushi-font-loader.c
@@ -67,6 +67,13 @@ font_load_job_free (FontLoadJob *job)
G_DEFINE_AUTOPTR_CLEANUP_FUNC (FontLoadJob, font_load_job_free)
+static void
+face_data_finalizer (void *object)
+{
+ FT_Face face = object;
+ g_clear_object (&face->generic.data);
+}
+
static FT_Face
create_face_from_contents (FontLoadJob *job,
gchar **contents,
@@ -88,6 +95,9 @@ create_face_from_contents (FontLoadJob *job,
return NULL;
}
+ retval->generic.data = g_object_ref (job->file);
+ retval->generic.finalizer = face_data_finalizer;
+
*contents = g_steal_pointer (&job->face_contents);
return retval;
}
@@ -181,8 +191,22 @@ gchar *
sushi_get_font_name (FT_Face face,
gboolean short_form)
{
- if (short_form && g_strcmp0 (face->style_name, "Regular") == 0)
- return g_strdup (face->family_name);
+ const char *style_name = face->style_name;
+ const char *family_name = face->family_name;
+
+ if (family_name == NULL) {
+ /* Try to get the basename of the file this was loaded from */
+ GFile *file = face->generic.data;
+ if (G_IS_FILE (file))
+ return g_file_get_basename (file);
+
+ /* Use an empty string as the last fallback */
+ return g_strdup ("");
+ }
+
+ if (style_name == NULL ||
+ (short_form && g_strcmp0 (style_name, "Regular") == 0))
+ return g_strdup (family_name);
- return g_strconcat (face->family_name, ", ", face->style_name, NULL);
+ return g_strconcat (family_name, ", ", style_name, NULL);
}
Reference in New Issue View Git Blame Copy Permalink