RGBCube/serenity
1
Fork 0
mirror of https://github.com/RGBCube/serenity synced 2025-07-27 07:37:46 +00:00
Code Issues Activity Actions

LibGfx/OpenType: Allow zero-sized table entries

Browse source 
Kind of reverts #21675, but #21744 made that better

4 of my 1000 test PDFs complained "Invalid table offset or length in
font" before.

For example, in 0000203.pdf, these tags had length 0: 'cvt ', 'fpgm',
'prep', 'name', 'OS/2'. (Generally it's tables that aren't needed
for rendering PDFs, and the PDF writer figured it's easier to zero
out these tables instead of omitting them altogether for some reason.)

Increases number of PDFs that render without diagnostics from
765 to 767.
This commit is contained in:
Nico Weber 2024-02-20 12:14:37 -05:00 committed by Andreas Kling
parent cade76d240
commit 08381b20e0
1 changed files with 1 additions and 1 deletions
Download patch file Download diff file Expand all files Collapse all files

2
Userland/Libraries/LibGfx/Font/OpenType/Font.cpp
View file

@ -210,7 +210,7 @@ ErrorOr<NonnullRefPtr<Font>> Font::try_load_from_offset(ReadonlyBytes buffer, u3
for (auto i = 0; i < table_directory.num_tables; i++) { for (auto i = 0; i < table_directory.num_tables; i++) {
auto& table_record = *TRY(stream.read_in_place<TableRecord const>()); auto& table_record = *TRY(stream.read_in_place<TableRecord const>());
if (table_record.length == 0 || Checked<u32>::addition_would_overflow(static_cast<u32>(table_record.offset), static_cast<u32>(table_record.length))) if (Checked<u32>::addition_would_overflow(static_cast<u32>(table_record.offset), static_cast<u32>(table_record.length)))
return Error::from_string_literal("Invalid table offset or length in font"); return Error::from_string_literal("Invalid table offset or length in font");
if (buffer.size() < table_record.offset + table_record.length) if (buffer.size() < table_record.offset + table_record.length)