Sophie

Sophie

distrib > PLD > ac > amd64 > by-pkgid > a5225a2efe6155850b8701a069d58fde > files > 4

freetype-2.1.10-2.src.rpm

--- freetype-2.1.10/src/base/ftutil.c.cve-2006-2661	2005-03-03 15:59:06.000000000 -0700
+++ freetype-2.1.10/src/base/ftutil.c	2006-06-07 18:09:04.314309308 -0600
@@ -52,6 +52,8 @@
             FT_Long    size,
             void*     *P )
   {
+    FT_Error  error = FT_Err_Ok;
+
     FT_ASSERT( P != 0 );
 
     if ( size > 0 )
@@ -68,13 +70,17 @@
       FT_MEM_ZERO( *P, size );
     }
     else
+    {
       *P = NULL;
+      if ( size < 0 )
+        error = FT_Err_Invalid_Argument;
+    }
 
     FT_TRACE7(( "FT_Alloc:" ));
     FT_TRACE7(( " size = %ld, block = 0x%08p, ref = 0x%08p\n",
                 size, *P, P ));
 
-    return FT_Err_Ok;
+    return error;
   }
 
 
@@ -128,11 +134,14 @@
       return FT_Alloc( memory, size, P );
 
     /* if the new block if zero-sized, clear the current one */
-    if ( size <= 0 )
+    if ( size == 0 )
     {
       FT_Free( memory, P );
       return FT_Err_Ok;
     }
+    
+    if ( size < 0 || current < 0 )
+      return FT_Err_Invalid_Argument;
 
     Q = memory->realloc( memory, current, size, *P );
     if ( !Q )
@@ -170,11 +179,14 @@
       return FT_QAlloc( memory, size, P );
 
     /* if the new block if zero-sized, clear the current one */
-    if ( size <= 0 )
+    if ( size == 0 )
     {
       FT_Free( memory, P );
       return FT_Err_Ok;
     }
+    
+    if ( size < 0 || current < 0 )
+      return FT_Err_Invalid_Argument;
 
     Q = memory->realloc( memory, current, size, *P );
     if ( !Q )

Perl :: Catalyst :: PostgreSQL :: RPM Valid HTML 4.01 Transitional