On Thu, Jul 07, 2022 at 03:34:38PM +0000, Darren Kenny wrote: > With gsub substitutions the offsets should be validated against the > the number of glyphs in a font face and the memory allocated for the gsub > substitution data. > > Both the number of glyphs and the last address in the allocated data are > passed in to process_cursive(), where the number of glyphs validates the end > of the range. > > Enabling memory allocation validation uses two macros, one to simply check the > address against the allocated space, and the other to check that the number of > items of a given size doesn't extend outside of the allocated space. > > Fixes: CID 73770 > Fixes: CID 314040 > > Signed-off-by: Darren Kenny <darren.ke...@oracle.com>
Reviewed-by: Daniel Kiper <daniel.ki...@oracle.com> Daniel _______________________________________________ Grub-devel mailing list Grub-devel@gnu.org https://lists.gnu.org/mailman/listinfo/grub-devel
