diff options
Diffstat (limited to 'freetype/src/base/ftstream.c')
-rw-r--r-- | freetype/src/base/ftstream.c | 14 |
1 files changed, 13 insertions, 1 deletions
diff --git a/freetype/src/base/ftstream.c b/freetype/src/base/ftstream.c index b638599db..9b087ac4d 100644 --- a/freetype/src/base/ftstream.c +++ b/freetype/src/base/ftstream.c @@ -4,7 +4,7 @@ /* */ /* I/O stream support (body). */ /* */ -/* Copyright 2000-2001, 2002, 2004, 2005, 2006, 2008, 2009 by */ +/* Copyright 2000-2001, 2002, 2004, 2005, 2006, 2008, 2009, 2010 by */ /* David Turner, Robert Wilhelm, and Werner Lemberg. */ /* */ /* This file is part of the FreeType project, and may only be used, */ @@ -246,6 +246,18 @@ /* allocate the frame in memory */ FT_Memory memory = stream->memory; + + /* simple sanity check */ + if ( count > stream->size ) + { + FT_ERROR(( "FT_Stream_EnterFrame:" + " frame size (%lu) larger than stream size (%lu)\n", + count, stream->size )); + + error = FT_Err_Invalid_Stream_Operation; + goto Exit; + } + #ifdef FT_DEBUG_MEMORY /* assume _ft_debug_file and _ft_debug_lineno are already set */ stream->base = (unsigned char*)ft_mem_qalloc( memory, count, &error ); |