author | Behdad Esfahbod <behdad@behdad.org> | 2014-12-18 18:22:21 -0800 |
---|---|---|
committer | Behdad Esfahbod <behdad@behdad.org> | 2014-12-18 18:22:21 -0800 |
commit | 7d5e7613ced3dd39d05df83ca7e8952cbecd68f6 (patch) | |
tree | 6c083dc673ed3614d1e9732b64d6b42c8327328d /test | |
parent | d5a5052098b0aa79ff55c235e61a9db477c4120f (diff) | |
download | harfbuzz-7d5e7613ced3dd39d05df83ca7e8952cbecd68f6.tar.gz |

Fail blob creation if length overflows or is too large

Fail if blob start plus length overflows; or if blob length
is greater than 2GB. It takes a while for fonts to get to that
size. In the mean time, it protects against bugs like this:

http://www.icu-project.org/trac/ticket/11450

Also avoids some weird issues with 32bit vs 64bit systems
as we accept length as unsigned int. As such, a length of
-1 will cause overflow on 32bit machines, but happily
accepted on a 64bit machine. Avoid that.

Diffstat (limited to 'test')
-rw-r--r-- | test/api/test-blob.c | 3 |
1 files changed, 3 insertions, 0 deletions
diff --git a/test/api/test-blob.c b/test/api/test-blob.c index bbb7e2ef..f6713319 100644 --- a/test/api/test-blob.c +++ b/test/api/test-blob.c @@ -53,6 +53,9 @@ test_blob_empty (void) g_assert (hb_blob_is_immutable (hb_blob_get_empty ())); g_assert (hb_blob_get_empty () != NULL); g_assert (hb_blob_get_empty () == hb_blob_create (NULL, 0, HB_MEMORY_MODE_READONLY, NULL, NULL)); + g_assert (hb_blob_get_empty () == hb_blob_create ("asdf", 0, HB_MEMORY_MODE_READONLY, NULL, NULL)); + g_assert (hb_blob_get_empty () == hb_blob_create (NULL, -1, HB_MEMORY_MODE_READONLY, NULL, NULL)); + g_assert (hb_blob_get_empty () == hb_blob_create ("asdfg", -1, HB_MEMORY_MODE_READONLY, NULL, NULL)); blob = hb_blob_get_empty (); g_assert (blob == hb_blob_get_empty ()); |
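Review bot: the two asserts added to test_blob_empty that pass -1 as the length only exercise the all-ones value, so the "greater than 2GB" limit from the commit message is never tested near its boundary, and on a 64-bit build, where the message says the overflow does not occur, they can pass only because of that limit. Consider adding one assert with a length just above 2GB, and one with a large but permitted length on real data that must not return the empty blob. Writing the argument as (unsigned int) -1 would also make the intended conversion explicit, since the message says length is accepted as unsigned int. All three new calls pass NULL for the destroy callback, so nothing here checks what happens to a caller-supplied destroy when creation is rejected.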