Sakurai/pdf.js
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Merge pull request #4473 from Snuffleupagus/bug-866395-partial

Browse Source 
Prevent infinite loop in CFFParser_parseHeader
This commit is contained in:
Yury Delendik 2014-03-17 08:14:54 -05:00
commit 59829bb49f
1 changed files with 8 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

11
src/core/fonts.js
View File

@ -5628,12 +5628,17 @@ var CFFParser = (function CFFParserClosure() {
}, },
parseHeader: function CFFParser_parseHeader() { parseHeader: function CFFParser_parseHeader() {
var bytes = this.bytes; var bytes = this.bytes;
var bytesLength = bytes.length;
var offset = 0; var offset = 0;
while (bytes[offset] != 1) // Prevent an infinite loop, by checking that the offset is within the
// bounds of the bytes array. Necessary in empty, or invalid, font files.
while (offset < bytesLength && bytes[offset] !== 1) {
++offset; ++offset;
}
if (offset !== 0) { if (offset >= bytesLength) {
error('Invalid CFF header');
} else if (offset !== 0) {
info('cff data is shifted'); info('cff data is shifted');
bytes = bytes.subarray(offset); bytes = bytes.subarray(offset);
this.bytes = bytes; this.bytes = bytes;