EPUB: fix possible buffer overflow #572
Conversation
|
Can we assume the same issue can happen with the function just above, |
|
Yep. Will amend. |
|
And my code is buggy, I'm surprised it works… We want the start of the read, so |
|
And was the previous code for |
|
I think int keyPos = (i + pos) & 15;
((lUInt8*)buf)[i] ^= _key[keyPos];vs int keyPos = (i + pos) % 20;
((lUInt8*)buf)[i+pos] ^= _key[keyPos];We should be writing at |
benoit-pierre
force-pushed
the
pr/fix_crash
branch
3 times, most recently
from
bb1a4ae
to
23fd335
Compare
|
Here are the few EPUBs with some META-INF/encryption.xml I may have used for testing: |
Looks like so. |
Thanks. (Because right now I can |
|
I get "unknown file format" errors from |
|
Before and after this PR ? |
Yes. Hexdumps of the first 4 bytes of the key and each obfuscated font:
The 4 fist bytes of each font should be the |
|
Any idea what other reading softwares that supports obfuscated fonts (dunno which does, calibre?) do? |
Necessary for cases where we can't be sure of the full size: e.g. when the data is compressed with no information about the unpacked size.
Fix `AdobeDemanglingStream` & `IdpfDemanglingStream` implementations.
The unobfuscated data of some obfuscated (possibly compressed) fonts can sometime itself be a raw DEFLATE compressed stream.
benoit-pierre
force-pushed
the
pr/fix_crash
branch
from
23fd335
to
7b6deb3
Compare
|
I looked at what happens with calibre, and the deDRM plugin has some extra code for obfuscated fonts: it turns out that the unobfuscated data can sometime itself be a raw DEFLATE compressed stream! After implementing, all fonts for those 3 ebooks now load fine. Before/after screenshots:
|
|
@benoit-pierre : any idea why I don't get the embedded font for the text in blue ? I need to remove .Emphasis4 {
font-style: italic;
color: #2f5496;
font-family: Zawgyi-One,sans-serif;
font-weight: bold;
font-size: 1.091em;
} |
|
I don't have to do anything to get it: clean build, no custom settings, removed |
|
OK. Feels like some hell I've already met... |
|
That font selection could use another sub-menu… It's annoying to use, since the page for the selected font is focused, I have to go back manually to the first one to get access to the 2 other submenus. As a new user, you would not even now they are available. |
|
Why is my system installed DejaVu Sans not available in the font family serif sub-menu? |
|
By default, everything in font family is unchecked. |
And you can't do it fast because the page height changes, so the back button position changes… |
Page up to the rescue! \o/ |
|
Or page down, it's a wrap! Even faster. |
|
I still can't get into your state. |
|
(Presumably Home/End should be make to work there.) |
Ok, so you're saying you had it unchecked, right? And so that's the reason it worked for you.
No idea, it should be there in Sans> and in Serif> as we don't distinguish sans from serif.
Well, it's not super essential. It's just mimicking the main font menu & reusing the code, that's good enough.
Even if you let it reload - or quit, rm cache, and restart? |
|
Nope. |
Correct also for me. (Also correct with FreeSerif). May be because the Free fonts have support for that script, and it's them that are used - and our western eyes are not educated enough to tell :) |
So, not confirmed by printfs, but I believe that when the font you have associated to sans-serif has a bold variant (which is the case of my DejaVuSans, but not of our Free fonts), and because that Zawgyi-One is provided only in regular, that our found sans-serif bold ttf gets a bigger score than the Zawgyi-One (which would need to be synthecized bold), so it is used instead... :/ |
|
Possible fix for the above issue: --- a/crengine/src/lvfntman.cpp
+++ b/crengine/src/lvfntman.cpp
@@ -7137,5 +7137,5 @@ int LVFontDef::CalcMatch( const LVFontDef & def, bool useBias ) const
+ (features_match * 1000)
+ (family_match * 100)
- + (typeface_match * 1000);
+ + (typeface_match * 10000);
// printf("### %s (%d) vs %s (%d): size=%d weight=%d italic=%d family=%d typeface=%d bias=%d => %d\n",
@@ -7387,6 +7387,9 @@ LVFontCacheItem * LVFontCache::find( const LVFontDef * fntdef, bool useBias )
else
def.setTypeFace(lString8::empty_str);
+ int typeface_match = false;
for (i=0; i<_instance_list.length(); i++) {
int match = _instance_list[i]->_def.CalcMatch( def, useBias );
+ if ( match >= 2560000 )
+ typeface_match = true;
match = match * 256 + ordering_weight;
if (match > best_instance_match) {
@@ -7397,4 +7400,6 @@ LVFontCacheItem * LVFontCache::find( const LVFontDef * fntdef, bool useBias )
for (i=0; i<_registered_list.length(); i++) {
int match = _registered_list[i]->_def.CalcMatch( def, useBias );
+ if ( match >= 2560000 )
+ typeface_match = true;
match = match * 256 + ordering_weight;
if (match > best_match) {
@@ -7403,7 +7408,15 @@ LVFontCacheItem * LVFontCache::find( const LVFontDef * fntdef, bool useBias )
}
}
+ if ( typeface_match ) {
+ // No need to check next font names (which may get a better score
+ // if the first fonts do not have the requested italic or weight
+ // variants, so let's avoid that too).
+ break;
+ }
}
if (best_index<0)
return NULL;
+ // if (best_instance_match >= best_match) printf("Find '%s' best instance: %s\n", fntdef->getTypeFace().c_str(), _instance_list[best_instance_index]->_def.getTypeFace().c_str());
+ // else printf("Find '%s' best registered: %s\n", fntdef->getTypeFace().c_str(), _registered_list[best_index]->_def.getTypeFace().c_str());
if (best_instance_match >= best_match)
return _instance_list[best_instance_index];I'll keep that for later this summer, as it's a bit risky. |
Handle obfuscated font files smaller than 1040 bytes.
This change is