From 5bd6f963f682c7ab332d8c640e67ff66a6bb4a96 Mon Sep 17 00:00:00 2001 From: Po Lu Date: Sat, 23 Sep 2023 10:07:38 +0800 Subject: [PATCH] Correct comparisons between size_t and ssize_t * src/sfnt.c (sfnt_read_table_directory, sfnt_read_cmap_format_0) (sfnt_read_cmap_format_2, sfnt_read_cmap_format_4) (sfnt_read_cmap_format_6, sfnt_read_cmap_format_8) (sfnt_read_cmap_format_12, sfnt_read_cmap_format_14) (sfnt_read_cmap_table_1, sfnt_read_cmap_table) (sfnt_read_head_table, sfnt_read_hhea_table, sfnt_read_maxp_table) (sfnt_read_glyf_table, sfnt_read_hmtx_table, sfnt_read_name_table) (sfnt_read_meta_table, sfnt_read_ttc_header) (sfnt_read_default_uvs_table, sfnt_read_nondefault_uvs_table) (sfnt_read_fvar_table, sfnt_read_gvar_table, sfnt_read_avar_table) (sfnt_read_cvar_table, sfnt_read_OS_2_table): * src/sfntfont.c (sfnt_enum_font): Revise code written with only signed `long' in mind to properly compare size_t values with ssize_t. --- src/sfnt.c | 108 +++++++++++++++++++++++++------------------------ src/sfntfont.c | 9 +++-- 2 files changed, 62 insertions(+), 55 deletions(-) diff --git a/src/sfnt.c b/src/sfnt.c index 9340d8abc66..360b0cd2d4d 100644 --- a/src/sfnt.c +++ b/src/sfnt.c @@ -202,9 +202,9 @@ sfnt_read_table_directory (int fd) range_shift, uint16_t); rc = read (fd, subtable, offset); - if (rc < offset) + if (rc == -1 || rc < offset) { - if (rc >= sizeof (uint32_t)) + if (rc != -1 && rc >= sizeof (uint32_t)) { /* Detect a TTC file. In that case, the first long will be ``ttcf''. */ @@ -247,7 +247,7 @@ sfnt_read_table_directory (int fd) rc = read (fd, subtable->subtables, subtable_size); - if (rc < offset) + if (rc == -1 || rc < offset) { xfree (subtable); return NULL; @@ -311,7 +311,7 @@ sfnt_read_cmap_format_0 (int fd, language)); rc = read (fd, &format0->language, wanted_size); - if (rc < wanted_size) + if (rc == -1 || rc < wanted_size) { xfree (format0); return (struct sfnt_cmap_format_0 *) -1; 
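Review bot: In the second sfnt_read_table_directory hunk (@@ -247) the read requests `subtable_size` bytes into `subtable->subtables`, but the patched check still compares `rc` with `offset`, the length of the header read in the previous hunk. A truncated font file that supplies at least `offset` bytes but fewer than `subtable_size` would pass this check, and the unread directory entries would then hold whatever the buffer contained before the read (the allocation is outside the hunk, so that part is inferred). The comparison should use the requested length: `if (rc == -1 || rc < subtable_size)`. The function body starts and ends outside the hunk.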
@@ -349,7 +349,7 @@ sfnt_read_cmap_format_2 (int fd, /* Read the part before the variable length data. */ min_bytes -= offsetof (struct sfnt_cmap_format_2, language); rc = read (fd, &format2->language, min_bytes); - if (rc < min_bytes) + if (rc == -1 || rc < min_bytes) { xfree (format2); return (struct sfnt_cmap_format_2 *) -1; @@ -383,7 +383,7 @@ sfnt_read_cmap_format_2 (int fd, - SFNT_ENDOF (struct sfnt_cmap_format_2, sub_header_keys, uint16_t[256])); rc = read (fd, format2 + 1, min_bytes); - if (rc < min_bytes) + if (rc == -1 || rc < min_bytes) { xfree (format2); return (struct sfnt_cmap_format_2 *) -1; @@ -454,7 +454,7 @@ sfnt_read_cmap_format_4 (int fd, /* Read the initial data. */ min_bytes -= offsetof (struct sfnt_cmap_format_4, language); rc = read (fd, &format4->language, min_bytes); - if (rc < min_bytes) + if (rc == -1 || rc < min_bytes) { xfree (format4); return (struct sfnt_cmap_format_4 *) -1; @@ -490,7 +490,7 @@ sfnt_read_cmap_format_4 (int fd, /* Read the rest of the bytes to the end of format4. */ rc = read (fd, format4 + 1, bytes_minus_format4); - if (rc < bytes_minus_format4) + if (rc == -1 || rc < bytes_minus_format4) { xfree (format4); return (struct sfnt_cmap_format_4 *) -1; @@ -559,7 +559,7 @@ sfnt_read_cmap_format_6 (int fd, /* Read the fixed size data. */ min_size -= offsetof (struct sfnt_cmap_format_6, language); rc = read (fd, &format6->language, min_size); - if (rc < min_size) + if (rc == -1 || rc < min_size) { xfree (format6); return (struct sfnt_cmap_format_6 *) -1; @@ -583,7 +583,8 @@ sfnt_read_cmap_format_6 (int fd, rc = read (fd, format6 + 1, (format6->entry_count * sizeof *format6->glyph_index_array)); - if (rc < format6->entry_count * sizeof *format6->glyph_index_array) + if (rc == -1 || (rc < (format6->entry_count + * sizeof *format6->glyph_index_array))) { xfree (format6); return (struct sfnt_cmap_format_6 *) -1; 
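Review bot: In sfnt_read_cmap_format_6 (@@ -583) the byte count `format6->entry_count * sizeof *format6->glyph_index_array` is now written out twice, once as the read length and once in the check, and every call site in this patch repeats the `rc == -1 ||` guard by hand. An exact-read helper would keep the requested and the verified length identical by construction and give the -1 handling a single home, so a later call site cannot omit it; the sfnt_read_cmap_format_2 and sfnt_read_cmap_format_4 hunks here and sfnt_read_name_table (@@ -4835) fit the same shape. The helper name below is only a proposal, it assumes `bool` is available in sfnt.c, and the enclosing functions start and end outside the hunks.

```c
/* Read exactly SIZE bytes from FD into BUFFER.  Value is true if
   that many bytes were read, false upon a failed or short read.  */

static bool
sfnt_read_exact (int fd, void *buffer, size_t size)
{
  ssize_t rc;

  rc = read (fd, buffer, size);
  return rc != -1 && (size_t) rc == size;
}

/* … unchanged: fixed-size part of sfnt_read_cmap_format_6 … */
  if (!sfnt_read_exact (fd, format6 + 1,
			(format6->entry_count
			 * sizeof *format6->glyph_index_array)))
/* … unchanged: xfree and error return … */
```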
@@ -611,7 +612,7 @@ sfnt_read_cmap_format_8 (int fd, uint32_t length, i; /* Read the 32-bit length field. */ - if (read (fd, &length, sizeof (length)) < sizeof (length)) + if (read (fd, &length, sizeof length) < (int) sizeof length) return (struct sfnt_cmap_format_8 *) -1; /* Swap the 32-bit length field. */ @@ -633,7 +634,7 @@ sfnt_read_cmap_format_8 (int fd, /* Read the fixed length data. */ min_size -= offsetof (struct sfnt_cmap_format_8, language); rc = read (fd, &format8->language, min_size); - if (rc < min_size) + if (rc == -1 || rc < min_size) { xfree (format8); return (struct sfnt_cmap_format_8 *) -1; @@ -669,7 +670,7 @@ sfnt_read_cmap_format_8 (int fd, /* Now read the variable length data. */ rc = read (fd, format8 + 1, temp); - if (rc < temp) + if (rc == -1 || rc < temp) { xfree (format8); return (struct sfnt_cmap_format_8 *) -1; @@ -703,7 +704,7 @@ sfnt_read_cmap_format_12 (int fd, uint32_t length, i; /* Read the 32-bit length field. */ - if (read (fd, &length, sizeof (length)) < sizeof (length)) + if (read (fd, &length, sizeof length) < (int) sizeof length) return (struct sfnt_cmap_format_12 *) -1; /* Swap the 32-bit length field. */ @@ -725,7 +726,7 @@ sfnt_read_cmap_format_12 (int fd, /* Read the fixed length data. */ min_size -= offsetof (struct sfnt_cmap_format_12, language); rc = read (fd, &format12->language, min_size); - if (rc < min_size) + if (rc == -1 || rc < min_size) { xfree (format12); return (struct sfnt_cmap_format_12 *) -1; @@ -761,7 +762,7 @@ sfnt_read_cmap_format_12 (int fd, /* Now read the variable length data. */ rc = read (fd, format12 + 1, temp); - if (rc < temp) + if (rc == -1 || rc < temp) { xfree (format12); return (struct sfnt_cmap_format_12 *) -1; 
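Review bot: The check in sfnt_read_cmap_format_8 (@@ -611), `read (fd, &length, sizeof length) < (int) sizeof length`, fixes the signedness by casting the size to `int`, while the neighbouring hunks keep the unsigned comparison and add `rc == -1 ||`. Both forms work, but two idioms for the same check make the next call site easier to get wrong, and `int` is not the type read returns. Casting to the return type states the intent directly: `if (read (fd, &length, sizeof length) < (ssize_t) sizeof length)`. The same applies to the sfnt_read_cmap_format_12, sfnt_read_cmap_format_14, sfnt_read_cmap_table_1, sfnt_read_cmap_table, sfnt_read_head_table, sfnt_read_hhea_table and sfnt_read_default_uvs_table hunks.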
@@ -808,12 +809,12 @@ sfnt_read_cmap_format_14 (int fd, uint32_t buffer1[2]; size_t size, temp; char buffer[3 + 4 + 4]; - int i; + uint32_t i; /* Read the length field and number of variation selector records. */ - if (read (fd, buffer1, sizeof buffer1) < sizeof buffer1) + if (read (fd, buffer1, sizeof buffer1) < (int) sizeof buffer1) return NULL; length = buffer1[0]; @@ -847,7 +848,7 @@ sfnt_read_cmap_format_14 (int fd, for (i = 0; i < num_records; ++i) { - if (read (fd, buffer, sizeof buffer) < sizeof buffer) + if (read (fd, buffer, sizeof buffer) < (int) sizeof buffer) { xfree (format14); return NULL; @@ -893,7 +894,7 @@ sfnt_read_cmap_table_1 (int fd, uint32_t directory_offset, return (struct sfnt_cmap_encoding_subtable_data *) -1; if (read (fd, &header.format, sizeof header.format) - < sizeof header.format) + < (int) sizeof header.format) return (struct sfnt_cmap_encoding_subtable_data *) -1; sfnt_swap16 (&header.format); @@ -905,7 +906,7 @@ sfnt_read_cmap_table_1 (int fd, uint32_t directory_offset, if (header.format != 14) { if (read (fd, &header.length, sizeof header.length) - < sizeof header.length) + < (int) sizeof header.length) return (struct sfnt_cmap_encoding_subtable_data *) -1; sfnt_swap16 (&header.length); @@ -984,7 +985,7 @@ sfnt_read_cmap_table (int fd, struct sfnt_offset_subtable *subtable, cmap = xmalloc (sizeof *cmap); rc = read (fd, cmap, sizeof *cmap); - if (rc < sizeof *cmap) + if (rc < (int) sizeof *cmap) { xfree (cmap); return NULL; @@ -1011,7 +1012,7 @@ sfnt_read_cmap_table (int fd, struct sfnt_offset_subtable *subtable, /* Read the common part of the new subtable. */ rc = read (fd, &(*subtables)[i], sizeof (*subtables)[i]); - if (rc < sizeof (*subtables)[i]) + if (rc < (int) sizeof (*subtables)[i]) { xfree (cmap); xfree (*subtables); 
@@ -1430,7 +1431,7 @@ sfnt_read_head_table (int fd, struct sfnt_offset_subtable *subtable) head = xmalloc (sizeof *head); rc = read (fd, head, sizeof *head); - if (rc < sizeof *head) + if (rc < (int) sizeof *head) { xfree (head); return NULL; @@ -1506,7 +1507,7 @@ sfnt_read_hhea_table (int fd, struct sfnt_offset_subtable *subtable) hhea = xmalloc (sizeof *hhea); rc = read (fd, hhea, sizeof *hhea); - if (rc < sizeof *hhea) + if (rc < (int) sizeof *hhea) { xfree (hhea); return NULL; @@ -1669,7 +1670,7 @@ sfnt_read_maxp_table (int fd, struct sfnt_offset_subtable *subtable) size = MIN (directory->length, sizeof *maxp); rc = read (fd, maxp, size); - if (rc < size) + if (rc == -1 || rc < size) { xfree (maxp); return NULL; @@ -1749,7 +1750,7 @@ sfnt_read_glyf_table (int fd, struct sfnt_offset_subtable *subtable) /* Read the glyph data. */ rc = read (fd, glyf->glyphs, glyf->size); - if (rc < glyf->size) + if (rc == -1 || rc < glyf->size) { xfree (glyf); return NULL; @@ -4637,7 +4638,7 @@ sfnt_read_hmtx_table (int fd, struct sfnt_offset_subtable *subtable, /* Read into hmtx + 1. */ rc = read (fd, hmtx + 1, size); - if (rc < size) + if (rc == -1 || rc < size) { xfree (hmtx); return NULL; @@ -4801,7 +4802,7 @@ sfnt_read_name_table (int fd, struct sfnt_offset_subtable *subtable) /* Read the fixed length data. */ rc = read (fd, name, required); - if (rc < required) + if (rc == -1 || rc < required) { xfree (name); return NULL; @@ -4835,8 +4836,8 @@ sfnt_read_name_table (int fd, struct sfnt_offset_subtable *subtable) rc = read (fd, name->name_records, (name->count * sizeof *name->name_records)); - if (rc < (name->count - * sizeof *name->name_records)) + if (rc == -1 || (rc < (name->count + * sizeof *name->name_records))) { xfree (name); return NULL; 
@@ -4892,7 +4893,7 @@ sfnt_read_name_table (int fd, struct sfnt_offset_subtable *subtable) name->data = (unsigned char *) (name->name_records + name->count); rc = read (fd, name->data, required); - if (rc < required) + if (rc == -1 || rc < required) { xfree (name); return NULL; @@ -4974,7 +4975,7 @@ sfnt_read_meta_table (int fd, struct sfnt_offset_subtable *subtable) /* Read the header. */ rc = read (fd, meta, required); - if (rc < required) + if (rc == -1 || rc < required) { xfree (meta); return NULL; @@ -5120,7 +5121,7 @@ sfnt_read_ttc_header (int fd) size = SFNT_ENDOF (struct sfnt_ttc_header, num_fonts, uint32_t); rc = read (fd, ttc, size); - if (rc < size) + if (rc == -1 || rc < size) { xfree (ttc); return NULL; @@ -5152,7 +5153,7 @@ sfnt_read_ttc_header (int fd) ttc = xrealloc (ttc, sizeof *ttc + size); ttc->offset_table = (uint32_t *) (ttc + 1); rc = read (fd, ttc->offset_table, size); - if (rc < size) + if (rc == -1 || rc < size) { xfree (ttc); return NULL; @@ -5175,7 +5176,7 @@ sfnt_read_ttc_header (int fd) uint32_t) - offsetof (struct sfnt_ttc_header, ul_dsig_tag)); rc = read (fd, &ttc->ul_dsig_offset, size); - if (rc < size) + if (rc == -1 || rc < size) { xfree (ttc); return NULL; @@ -12312,7 +12313,7 @@ sfnt_read_default_uvs_table (int fd, off_t offset) { struct sfnt_default_uvs_table *uvs; uint32_t num_ranges, i, j; - size_t size, temp; + ssize_t size, temp; char data[512]; /* First, seek to the given offset. */ @@ -12322,7 +12323,8 @@ sfnt_read_default_uvs_table (int fd, off_t offset) /* Next, read the number of ranges present. */ - if (read (fd, &num_ranges, sizeof num_ranges) != sizeof num_ranges) + if (read (fd, &num_ranges, sizeof num_ranges) + != (int) sizeof num_ranges) return NULL; /* Swap the number of ranges present. */ 
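Review bot: In sfnt_read_default_uvs_table (@@ -12312) the mismatch is resolved by redeclaring `size` and `temp` as `ssize_t` instead of guarding the comparison, which changes the type at every other use of these variables. Those uses are outside the hunk; if either value serves as an allocation size or is compared with `sizeof data`, the signed/unsigned mismatch moves there rather than disappearing, and overflow in the arithmetic becomes undefined instead of wrapping. Consider keeping `size_t size, temp;` and using the `rc == -1 ||` form from the rest of the patch on the affected read check, or document beside the declaration why signed sizes are safe here. sfnt_read_nondefault_uvs_table (@@ -12382) makes the same change.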
@@ -12382,7 +12384,7 @@ sfnt_read_nondefault_uvs_table (int fd, off_t offset) { struct sfnt_nondefault_uvs_table *uvs; uint32_t num_mappings, i, j; - size_t size, temp; + ssize_t size, temp; char data[500]; /* First, seek to the given offset. */ @@ -12884,7 +12886,7 @@ sfnt_read_fvar_table (int fd, struct sfnt_offset_subtable *subtable) /* Read the fvar table header. */ buffer = NULL; rc = read (fd, fvar, min_bytes); - if (rc != min_bytes) + if (rc == -1 || rc != min_bytes) goto bail; /* Swap what was read. */ @@ -12994,7 +12996,7 @@ sfnt_read_fvar_table (int fd, struct sfnt_offset_subtable *subtable) goto bail; rc = read (fd, fvar->axis, sizeof *fvar->axis * fvar->axis_count); - if (rc != sizeof *fvar->axis * fvar->axis_count) + if (rc == -1 || rc != sizeof *fvar->axis * fvar->axis_count) goto bail; /* Swap each axis. */ @@ -13113,7 +13115,7 @@ sfnt_read_gvar_table (int fd, struct sfnt_offset_subtable *subtable) /* Read the gvar table header. */ rc = read (fd, gvar, min_bytes); - if (rc != min_bytes) + if (rc == -1 || rc != min_bytes) goto bail; /* Swap what was read. */ @@ -13179,7 +13181,7 @@ sfnt_read_gvar_table (int fd, struct sfnt_offset_subtable *subtable) { gvar->u.offset_long = (uint32_t *) (gvar + 1); rc = read (fd, gvar->u.offset_long, off_size); - if (rc != off_size) + if (rc == -1 || rc != off_size) goto bail; for (i = 0; i <= gvar->glyph_count; ++i) @@ -13200,8 +13202,9 @@ sfnt_read_gvar_table (int fd, struct sfnt_offset_subtable *subtable) if (lseek (fd, offset, SEEK_SET) != offset) goto bail; - if (read (fd, gvar->global_coords, coordinate_size) - != coordinate_size) + rc = read (fd, gvar->global_coords, coordinate_size); + + if (rc == -1 || rc != coordinate_size) goto bail; for (i = 0; i < coordinate_size / sizeof *gvar->global_coords; ++i) 
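Review bot: In the `!=` checks that start at sfnt_read_fvar_table (@@ -12884), `rc == -1 || rc != min_bytes`, the added clause appears not to change behaviour: if `min_bytes` is a `size_t`, as the commit message suggests, -1 converts to SIZE_MAX and already compares unequal to any realistic length. Keeping it for uniformity with the `<` checks is reasonable, but a reader will wonder which case it covers, so a short comment would help, e.g. `/* rc is signed; rule out -1 before the unsigned comparison.  */`. This applies equally to the sfnt_read_gvar_table, sfnt_read_avar_table, sfnt_read_cvar_table and sfnt_read_OS_2_table hunks.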
@@ -13224,8 +13227,9 @@ sfnt_read_gvar_table (int fd, struct sfnt_offset_subtable *subtable) if (lseek (fd, offset, SEEK_SET) != offset) goto bail; - if (read (fd, gvar->glyph_variation_data, - gvar->data_size) != gvar->data_size) + rc = read (fd, gvar->glyph_variation_data, gvar->data_size); + + if (rc == -1 || rc != gvar->data_size) goto bail; } @@ -13276,7 +13280,7 @@ sfnt_read_avar_table (int fd, struct sfnt_offset_subtable *subtable) /* Read the avar table header. */ rc = read (fd, avar, min_size); - if (rc != min_size) + if (rc == -1 || rc != min_size) goto bail; /* Swap what was read. */ @@ -13293,7 +13297,7 @@ sfnt_read_avar_table (int fd, struct sfnt_offset_subtable *subtable) size = directory->length - min_size; buffer = xmalloc (size); rc = read (fd, buffer, size); - if (rc != size) + if (rc == -1 || rc != size) goto bail1; /* Swap each word. */ @@ -13594,7 +13598,7 @@ sfnt_read_cvar_table (int fd, struct sfnt_offset_subtable *subtable, size = directory->length - min_size; buffer = xmalloc (size); rc = read (fd, buffer, size); - if (rc != size) + if (rc == -1 || rc != size) goto bail; /* Now figure out how large cvar must be by reading the tuples. */ @@ -15346,7 +15350,7 @@ sfnt_read_OS_2_table (int fd, struct sfnt_offset_subtable *subtable) unsigned char[10]); rc = read (fd, OS_2, wanted); - if (rc != wanted) + if (rc == -1 || rc != wanted) { xfree (OS_2); return NULL; @@ -15377,7 +15381,7 @@ sfnt_read_OS_2_table (int fd, struct sfnt_offset_subtable *subtable) - offsetof (struct sfnt_OS_2_table, ul_unicode_range)); rc = read (fd, &OS_2->ul_unicode_range, wanted); - if (rc != wanted) + if (rc == -1 || rc != wanted) { xfree (OS_2); return NULL; diff --git a/src/sfntfont.c b/src/sfntfont.c index db527d7d4af..d556092db12 100644 --- a/src/sfntfont.c +++ b/src/sfntfont.c 
@@ -1144,7 +1144,9 @@ sfnt_enum_font_1 (int fd, const char *file, int sfnt_enum_font (const char *file) { - int fd, rc; + int fd; + int rc; + off_t seek; struct sfnt_offset_subtable *subtables; struct sfnt_ttc_header *ttc; size_t i; @@ -1175,8 +1177,9 @@ sfnt_enum_font (const char *file) for (i = 0; i < ttc->num_fonts; ++i) { - if (lseek (fd, ttc->offset_table[i], SEEK_SET) - != ttc->offset_table[i]) + seek = lseek (fd, ttc->offset_table[i], SEEK_SET); + + if (seek == -1 || seek != ttc->offset_table[i]) continue; subtables = sfnt_read_table_directory (fd); -- 2.39.2