Commit b8cf8b04 authored by Albert Astals Cid's avatar Albert Astals Cid

FoFiType1::parse: Don't copy to buf more than the available file

fixes oss-fuzz/8576
parent 10a3dc2a
......@@ -340,8 +340,10 @@ void FoFiType1::parse() {
} else if (!gotMatrix &&
(line + 11 <= (char*)file + len) &&
!strncmp(line, "/FontMatrix", 11)) {
strncpy(buf, line + 11, 255);
buf[255] = '\0';
const auto availableFile = (char*)file + len - (line + 11);
const int bufLen = availableFile < 255 ? availableFile : 255;
strncpy(buf, line + 11, bufLen);
buf[bufLen] = '\0';
if ((p = strchr(buf, '['))) {
++p;
if ((p2 = strchr(p, ']'))) {
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment