Fix a potential resize bug and apply xpdf 3.02pl4 and 3.02pl5 security patches.

This partially resolves bug report 1175.
author: Darrell Anderson <[email protected]> 2012-08-22 13:05:27 -0500
committer: Darrell Anderson <[email protected]> 2012-08-22 13:05:27 -0500
commit: 561d1d6802dd50ddc9f441442cc2c351dd2759d6 (patch)
tree: 16397d32c394eda320ac37ec273701b2bd323591 /kpdf/xpdf/fofi
parent: debc30baa40bdc687b00414733a50c61f71572de (diff)
download: tdegraphics-561d1d6802dd50ddc9f441442cc2c351dd2759d6.tar.gz
tdegraphics-561d1d6802dd50ddc9f441442cc2c351dd2759d6.zip
1 files changed, 9 insertions, 4 deletions
diff --git a/kpdf/xpdf/fofi/FoFiType1.cc b/kpdf/xpdf/fofi/FoFiType1.cc
index efad5ee4..88b35ecc 100644
--- a/kpdf/xpdf/fofi/FoFiType1.cc
+++ b/kpdf/xpdf/fofi/FoFiType1.cc
@@ -224,7 +224,7 @@ void FoFiType1::parse() {
 		code = code * 8 + (*p2 - '0');
 	      }
 	    }
-	    if (code < 256) {
+	    if (code >= 0 && code < 256) {
 	      for (p = p2; *p == ' ' || *p == '\t'; ++p) ;
 	      if (*p == '/') {
 		++p;
@@ -235,9 +235,14 @@ void FoFiType1::parse() {
 	    }
 	  }
 	} else {
-	  if (strtok(buf, " \t") &&
-	      (p = strtok(NULL, " \t\n\r")) && !strcmp(p, "def")) {
-	    break;
+	  p = strtok(buf, " \t\n\r");
+	  if (p)
+	  {
+	    if (!strcmp(p, "def")) break;
+	    if (!strcmp(p, "readonly")) break;
+	    // the spec does not says this but i'm mantaining old xpdf behaviour that accepts "foo def" as end of the encoding array
+	    p = strtok(buf, " \t\n\r");
+	    if (p && !strcmp(p, "def")) break;
 	  }
 	}
       }
author	Darrell Anderson <[email protected]>	2012-08-22 13:05:27 -0500
committer	Darrell Anderson <[email protected]>	2012-08-22 13:05:27 -0500
commit	561d1d6802dd50ddc9f441442cc2c351dd2759d6 (patch)
tree	16397d32c394eda320ac37ec273701b2bd323591 /kpdf/xpdf/fofi
parent	debc30baa40bdc687b00414733a50c61f71572de (diff)
download	tdegraphics-561d1d6802dd50ddc9f441442cc2c351dd2759d6.tar.gz tdegraphics-561d1d6802dd50ddc9f441442cc2c351dd2759d6.zip