File tree 1 file changed +7
-7
lines changed
1 file changed +7
-7
lines changed Original file line number Diff line number Diff line change @@ -1443,6 +1443,13 @@ PHP_FUNCTION(imageloadfont)
14431443 body_size_check = php_stream_tell (stream ) - hdr_size ;
14441444 php_stream_seek (stream , i , SEEK_SET );
14451445
1446+ if (overflow2 (font -> nchars , font -> h ) || overflow2 (font -> nchars * font -> h , font -> w )) {
1447+ php_error_docref (NULL , E_WARNING , "Error reading font, invalid font header" );
1448+ efree (font );
1449+ php_stream_close (stream );
1450+ RETURN_FALSE ;
1451+ }
1452+
14461453 body_size = font -> w * font -> h * font -> nchars ;
14471454 if (body_size != body_size_check ) {
14481455 font -> w = FLIPWORD (font -> w );
@@ -1451,13 +1458,6 @@ PHP_FUNCTION(imageloadfont)
14511458 body_size = font -> w * font -> h * font -> nchars ;
14521459 }
14531460
1454- if (overflow2 (font -> nchars , font -> h ) || overflow2 (font -> nchars * font -> h , font -> w )) {
1455- php_error_docref (NULL , E_WARNING , "Error reading font, invalid font header" );
1456- efree (font );
1457- php_stream_close (stream );
1458- RETURN_FALSE ;
1459- }
1460-
14611461 if (body_size != body_size_check ) {
14621462 php_error_docref (NULL , E_WARNING , "Error reading font" );
14631463 efree (font );
You can’t perform that action at this time.
0 commit comments