dany/pdfio
1
0
Fork 0
mirror of https://github.com/michaelrsweet/pdfio.git synced 2025-04-22 16:36:47 +02:00
Code Issues Packages Projects Releases Wiki Activity

Compare commits

base: dany:138f3955d19b959bfd4016f654740a5c9d92300d
Branches Tags
dany:master
dany:v1.5.x
dany:v1.1.x
dany:v1.5.2
dany:v1.5.1
dany:v1.5.0
dany:v1.4.1
dany:v1.4.0
dany:v1.3.2
dany:v1.3.1
dany:v1.3.0
dany:v1.2.0
dany:v1.1.4
dany:v1.1.3
dany:v1.1.2
dany:v1.1.1
dany:v1.1.0
dany:v1.0.1
dany:v1.0.0
dany:v1.0rc1
dany:v1.0b2
dany:v1.0b1
..
compare: dany:6cb661f0f45ae2d1d3824bcf7bca7a5f68ba946a
Branches Tags
dany:master
dany:v1.5.x
dany:v1.1.x
dany:v1.5.2
dany:v1.5.1
dany:v1.5.0
dany:v1.4.1
dany:v1.4.0
dany:v1.3.2
dany:v1.3.1
dany:v1.3.0
dany:v1.2.0
dany:v1.1.4
dany:v1.1.3
dany:v1.1.2
dany:v1.1.1
dany:v1.1.0
dany:v1.0.1
dany:v1.0.0
dany:v1.0rc1
dany:v1.0b2
dany:v1.0b1

2 Commits
138f3955d1 ... 6cb661f0f4

Author SHA1 Message Date
Michael R Sweet
6cb661f0f4
Cleanup changelog. 2024-08-21 08:25:11 -04:00
Michael R Sweet
7e01451b18
Merge 0-character font fix from TTF. 2024-08-21 08:22:31 -04:00
2 changed files with 31 additions and 31 deletions
Show Stats Expand all files Collapse all files

56
CHANGES.md
View File

@ -2,22 +2,22 @@ Changes in PDFio
================ ================
v1.3.2 (Month DD, YYYY) v1.3.2 - YYYY-MM-DD
----------------------- -------------------
- Added some more sanity checks to the TrueType font reader. - Added some more sanity checks to the TrueType font reader.
v1.3.1 (August 5, 2024) v1.3.1 - 2024-08-05
----------------------- -------------------
- CVE 2024-42358: Updated TrueType font reader to avoid large memory - CVE 2024-42358: Updated TrueType font reader to avoid large memory
allocations. allocations.
- Fixed some documentation errors and added examples (Issue #68, Issue #69) - Fixed some documentation errors and added examples (Issue #68, Issue #69)
v1.3.0 (June 28, 2024) v1.3.0 - 2024-06-28
---------------------- -------------------
- Added `pdfioFileGetCatalog` API for accessing the root/catalog object of a - Added `pdfioFileGetCatalog` API for accessing the root/catalog object of a
PDF file (Issue #67) PDF file (Issue #67)
@ -27,8 +27,8 @@ v1.3.0 (June 28, 2024)
- Optimized string pool code. - Optimized string pool code.
v1.2.0 (January 24, 2024) v1.2.0 - 2024-01-24
------------------------- -------------------
- Now use autoconf to configure the PDFio sources (Issue #54) - Now use autoconf to configure the PDFio sources (Issue #54)
- Added `pdfioFileCreateNumberObj` and `pdfioFileCreateStringObj` functions - Added `pdfioFileCreateNumberObj` and `pdfioFileCreateStringObj` functions
@ -51,8 +51,8 @@ v1.2.0 (January 24, 2024)
65536 in the xref table (Issue #59) 65536 in the xref table (Issue #59)
v1.1.4 (December 3, 2023) v1.1.4 - 2023-12-03
------------------------- -------------------
- Fixed detection of encrypted strings that are too short (Issue #52) - Fixed detection of encrypted strings that are too short (Issue #52)
- Fixed a TrueType CMAP decoding bug. - Fixed a TrueType CMAP decoding bug.
@ -60,15 +60,15 @@ v1.1.4 (December 3, 2023)
- Added a ToUnicode map for Unicode text to support text copying. - Added a ToUnicode map for Unicode text to support text copying.
v1.1.3 (November 15, 2023) v1.1.3 - 2023-11-15
-------------------------- -------------------
- Fixed Unicode font support (Issue #16) - Fixed Unicode font support (Issue #16)
- Fixed missing initializer for 40-bit RC4 encryption (Issue #51) - Fixed missing initializer for 40-bit RC4 encryption (Issue #51)
v1.1.2 (October 10, 2023) v1.1.2 - 2023-10-10
------------------------- -------------------
- Updated `pdfioContentSetDashPattern` to support setting a solid (0 length) - Updated `pdfioContentSetDashPattern` to support setting a solid (0 length)
dash pattern (Issue #41) dash pattern (Issue #41)
@ -83,15 +83,15 @@ v1.1.2 (October 10, 2023)
(Issue #48) (Issue #48)
v1.1.1 (March 20, 2023) v1.1.1 - 2023-03-20
----------------------- -------------------
- CVE-2023-28428: Fixed a potential denial-of-service with corrupt PDF files. - CVE-2023-28428: Fixed a potential denial-of-service with corrupt PDF files.
- Fixed a few build issues. - Fixed a few build issues.
v1.1.0 (February 6, 2023) v1.1.0 - 2023-02-06
------------------------- -------------------
- CVE-2023-24808: Fixed a potential denial-of-service with corrupt PDF files. - CVE-2023-24808: Fixed a potential denial-of-service with corrupt PDF files.
- Added `pdfioFileCreateTemporary` function (Issue #29) - Added `pdfioFileCreateTemporary` function (Issue #29)
@ -105,28 +105,28 @@ v1.1.0 (February 6, 2023)
- Fixed `pdfioContentMatrixRotate` function. - Fixed `pdfioContentMatrixRotate` function.
v1.0.1 (March 2, 2022) v1.0.1 - 2022-03-02
---------------------- -------------------
- Added missing `pdfioPageGetNumStreams` and `pdfioPageOpenStream` functions. - Added missing `pdfioPageGetNumStreams` and `pdfioPageOpenStream` functions.
- Added demo pdfiototext utility. - Added demo pdfiototext utility.
- Fixed bug in `pdfioStreamGetToken`. - Fixed bug in `pdfioStreamGetToken`.
v1.0.0 (December 14, 2021) v1.0.0 - 2021-12-14
-------------------------- -------------------
- First stable release. - First stable release.
v1.0rc1 (November 30, 2021) v1.0rc1 - 2021-11-30
--------------------------- --------------------
- Fixed a few stack/buffer overflow bugs discovered via fuzzing. - Fixed a few stack/buffer overflow bugs discovered via fuzzing.
v1.0b2 (November 7, 2021) v1.0b2 - 2021-11-07
------------------------- -------------------
- Added `pdfioFileCreateOutput` API to support streaming output of PDF - Added `pdfioFileCreateOutput` API to support streaming output of PDF
(Issue #21) (Issue #21)
@ -137,7 +137,7 @@ v1.0b2 (November 7, 2021)
- Fixed some issues identified by a Coverity scan. - Fixed some issues identified by a Coverity scan.
v1.0b1 (August 30, 2021) v1.0b1 - 2021-08-30
------------------------ -------------------
- Initial release - Initial release

6
ttf.c
View File

@ -1323,7 +1323,7 @@ read_cmap(ttf_t *font) // I - Font
TTF_DEBUG("read_cmap: glyphIdArray[%d]=%d\n", i, glyphIdArray[i]); TTF_DEBUG("read_cmap: glyphIdArray[%d]=%d\n", i, glyphIdArray[i]);
#endif /* DEBUG */ #endif /* DEBUG */
if (font->num_cmap > TTF_FONT_MAX_CHAR) if (font->num_cmap == 0 || font->num_cmap > TTF_FONT_MAX_CHAR)
{ {
errorf(font, "Invalid cmap table with %u characters.", (unsigned)font->num_cmap); errorf(font, "Invalid cmap table with %u characters.", (unsigned)font->num_cmap);
return (false); return (false);
@ -1433,7 +1433,7 @@ read_cmap(ttf_t *font) // I - Font
// uncompressed cmap table... // uncompressed cmap table...
TTF_DEBUG("read_cmap: num_cmap=%u\n", (unsigned)font->num_cmap); TTF_DEBUG("read_cmap: num_cmap=%u\n", (unsigned)font->num_cmap);
if (font->num_cmap > TTF_FONT_MAX_CHAR) if (font->num_cmap == 0 || font->num_cmap > TTF_FONT_MAX_CHAR)
{ {
errorf(font, "Invalid cmap table with %u characters.", (unsigned)font->num_cmap); errorf(font, "Invalid cmap table with %u characters.", (unsigned)font->num_cmap);
return (false); return (false);
@ -1522,7 +1522,7 @@ read_cmap(ttf_t *font) // I - Font
// uncompressed cmap table... // uncompressed cmap table...
TTF_DEBUG("read_cmap: num_cmap=%u\n", (unsigned)font->num_cmap); TTF_DEBUG("read_cmap: num_cmap=%u\n", (unsigned)font->num_cmap);
if (font->num_cmap > TTF_FONT_MAX_CHAR) if (font->num_cmap == 0 || font->num_cmap > TTF_FONT_MAX_CHAR)
{ {
errorf(font, "Invalid cmap table with %u characters.", (unsigned)font->num_cmap); errorf(font, "Invalid cmap table with %u characters.", (unsigned)font->num_cmap);
return (false); return (false);