1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
|
From: Thomas Loimer <thomas.loimer@tuwien.ac.at>
Date: Thu, 10 Apr 2025 09:03:30 +0200
Origin: upstream, https://sourceforge.net/p/mcj/fig2dev/ci/dfa8b66
Bug: https://sourceforge.net/p/mcj/tickets/192/
Forwarded: not-needed
Subject: Detect nan in spline control values, ticket #192
--- a/fig2dev/read.c
+++ b/fig2dev/read.c
@@ -1582,9 +1582,11 @@ read_splineobject(FILE *fp, char **restr
free_splinestorage(s);
return NULL;
}
- if (lx < INT_MIN || lx > INT_MAX || ly < INT_MIN ||
- ly > INT_MAX || rx < INT_MIN || rx > INT_MAX ||
- ry < INT_MIN || ry > INT_MAX) {
+ if ( !isfinite(lx) || lx < INT_MIN || lx > INT_MAX ||
+ !isfinite(ly) || ly < INT_MIN || ly > INT_MAX ||
+ !isfinite(rx) || rx < INT_MIN || rx > INT_MAX ||
+ !isfinite(ry) || ry < INT_MIN || ry > INT_MAX)
+ {
/* clean up, to pass test "reject huge spline controls
values" when -fsanitize=address is enabled */
cp->next = NULL;
--- a/fig2dev/tests/read.at
+++ b/fig2dev/tests/read.at
@@ -608,6 +608,24 @@ EOF
])
AT_CLEANUP
+AT_SETUP([reject nan in spline controls values, #192])
+AT_KEYWORDS([read.c])
+# Use an output language that does not natively support Bezier splines.
+# Otherwise, the huge values are simply copied to the output.
+AT_CHECK([fig2dev -L epic <<EOF
+#FIG 3.1
+Landscape
+Center
+Metric
+1200 2
+3 2 0 1 0 7 50 -1 -1 0.0 0 0 0 2
+ 0 0 1200 0
+ 600 600 600 nan
+ 600 600 600 600
+EOF
+], 1, ignore, [Spline control points out of range at line 8.
+])
+AT_CLEANUP
AT_SETUP([allow text with leading spaces, ticket #181])
AT_KEYWORDS([read.c])
AT_CHECK([fig2dev -L eps <<EOF | $SED -n '70,$ s/.*\((.*spaces)\).*/\1/p'
|
