1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
|
From: =?utf-8?q?=22Kan-Ru_Chen_=28=E9=99=B3=E4=BE=83=E5=A6=82=29=22?=
<koster@debian.org>
Date: Sat, 20 Sep 2014 20:15:19 +0800
Subject: Fix unsafe conversion from float to fz_linecap
---
source/pdf/pdf-op-run.c | 13 ++++++++++---
1 file changed, 10 insertions(+), 3 deletions(-)
diff --git a/source/pdf/pdf-op-run.c b/source/pdf/pdf-op-run.c
index da881b2..629343c 100644
--- a/source/pdf/pdf-op-run.c
+++ b/source/pdf/pdf-op-run.c
@@ -2000,12 +2000,19 @@ static void pdf_run_J(pdf_csi *csi, void *state)
{
pdf_run_state *pr = (pdf_run_state *)state;
pdf_gstate *gstate = pr->gstate + pr->gtop;
+ fz_context *ctx = pr->ctx;
+ int linecap;
pr->dev->flags &= ~(FZ_DEVFLAG_STARTCAP_UNDEFINED | FZ_DEVFLAG_DASHCAP_UNDEFINED | FZ_DEVFLAG_ENDCAP_UNDEFINED);
gstate->stroke_state = fz_unshare_stroke_state(csi->doc->ctx, gstate->stroke_state);
- gstate->stroke_state->start_cap = csi->stack[0];
- gstate->stroke_state->dash_cap = csi->stack[0];
- gstate->stroke_state->end_cap = csi->stack[0];
+
+ linecap = (int) csi->stack[0];
+ if (linecap < FZ_LINECAP_BUTT || linecap > FZ_LINECAP_TRIANGLE)
+ fz_throw(ctx, FZ_ERROR_GENERIC, "Invalid linecap %d", linecap);
+
+ gstate->stroke_state->start_cap = linecap;
+ gstate->stroke_state->dash_cap = linecap;
+ gstate->stroke_state->end_cap = linecap;
}
static void pdf_run_K(pdf_csi *csi, void *state)
|
