未验证 提交 c55aa147 编写于 作者: E Ebrahim Byagowi 提交者: GitHub

Do sanitization before the use on 'main' mini-program (#994)

上级 c02b40e5
...@@ -51,11 +51,15 @@ main (int argc, char **argv) ...@@ -51,11 +51,15 @@ main (int argc, char **argv)
const char *font_data = nullptr; const char *font_data = nullptr;
int len = 0; int len = 0;
hb_destroy_func_t destroy;
hb_memory_mode_t mm;
#ifdef HAVE_GLIB #ifdef HAVE_GLIB
GMappedFile *mf = g_mapped_file_new (argv[1], false, nullptr); GMappedFile *mf = g_mapped_file_new (argv[1], false, nullptr);
font_data = g_mapped_file_get_contents (mf); font_data = g_mapped_file_get_contents (mf);
len = g_mapped_file_get_length (mf); len = g_mapped_file_get_length (mf);
destroy = (hb_destroy_func_t) g_mapped_file_unref;
mm = HB_MEMORY_MODE_READONLY_MAY_MAKE_WRITABLE;
#else #else
FILE *f = fopen (argv[1], "rb"); FILE *f = fopen (argv[1], "rb");
fseek (f, 0, SEEK_END); fseek (f, 0, SEEK_END);
...@@ -63,11 +67,23 @@ main (int argc, char **argv) ...@@ -63,11 +67,23 @@ main (int argc, char **argv)
fseek (f, 0, SEEK_SET); fseek (f, 0, SEEK_SET);
font_data = (const char *) malloc (len); font_data = (const char *) malloc (len);
len = fread ((char *) font_data, 1, len, f); len = fread ((char *) font_data, 1, len, f);
destroy = free;
mm = HB_MEMORY_MODE_WRITABLE;
#endif #endif
printf ("Opened font file %s: %d bytes long\n", argv[1], len); printf ("Opened font file %s: %d bytes long\n", argv[1], len);
const OpenTypeFontFile &ot = *CastP<OpenTypeFontFile> (font_data); Sanitizer<OpenTypeFontFile> sanitizer;
hb_blob_t *blob = hb_blob_create (font_data, len, mm, (void *) font_data, destroy);
hb_blob_t *font_blob = sanitizer.sanitize (blob);
const OpenTypeFontFile* sanitized = Sanitizer<OpenTypeFontFile>::lock_instance (font_blob);
if (sanitized == &Null (OpenTypeFontFile))
{
printf ("Sanitization of the file wasn't successful. Exit");
return 1;
}
const OpenTypeFontFile& ot = *sanitized;
switch (ot.get_tag ()) { switch (ot.get_tag ()) {
case OpenTypeFontFile::TrueTypeTag: case OpenTypeFontFile::TrueTypeTag:
...@@ -101,7 +117,7 @@ main (int argc, char **argv) ...@@ -101,7 +117,7 @@ main (int argc, char **argv)
for (int n_table = 0; n_table < num_tables; n_table++) { for (int n_table = 0; n_table < num_tables; n_table++) {
const OpenTypeTable &table = font.get_table (n_table); const OpenTypeTable &table = font.get_table (n_table);
printf (" Table %2d of %2d: %.4s (0x%08x+0x%08x)\n", n_table, num_tables, printf (" Table %2d of %2d: %.4s (0x%08x+0x%08x)\n", n_table, num_tables,
(const char *)table.tag, (const char *) table.tag,
(unsigned int) table.offset, (unsigned int) table.offset,
(unsigned int) table.length); (unsigned int) table.length);
...@@ -197,5 +213,3 @@ main (int argc, char **argv) ...@@ -197,5 +213,3 @@ main (int argc, char **argv)
return 0; return 0;
} }
Markdown is supported
0% .
You are about to add 0 people to the discussion. Proceed with caution.
先完成此消息的编辑!
想要评论请 注册