S-177: Vulnerabilities in Microsoft Works File Converter
A remote code vulnerability exists in Microsoft Works File Converter due to the way that it improperly validates: 1) section length headers with the .wps format; 2) section header index table information with the .wps file format; and 3) various field lengths information with the .wps file format. The risk is MEDIUM. An attacker who successfully exploited this vulnerability could take complete control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts.
Font::TTF::Cmap(3pm) User Contributed Perl Documentation Font::TTF::Cmap(3pm)NAME
Font::TTF::Cmap - Character map table
DESCRIPTION
Looks after the character map. For ease of use, the actual cmap is held in a hash against codepoint. Thus for a given table:
$gid = $font->{'cmap'}{'Tables'}[0]{'val'}{$code};
Note that $code should be a true value(0x1234) rather than a string representation.
INSTANCE VARIABLES
The instance variables listed here are not preceded by a space due to their emulating structural information in the font.
Num Number of subtables in this table
Tables
An array of subtables ([0..Num-1])
Each subtables also has its own instance variables which are, again, not preceded by a space.
Platform
The platform number for this subtable
Encoding
The encoding number for this subtable
Format
Gives the stored format of this subtable
Ver Gives the version (or language) information for this subtable
val A hash keyed by the codepoint value (not a string) storing the glyph id
METHODS
$t->read
Reads the cmap into memory. Format 4 subtables read the whole subtable and fill in the segmented array accordingly.
$t->ms_lookup($uni)
Finds a Unicode table, giving preference to the MS one, and looks up the given Unicode codepoint in it to find the glyph id.
$t->find_ms
Finds the a Unicode table, giving preference to the Microsoft one, and sets the "mstable" instance variable to it if found. Returns the
table it finds.
$t->ms_enc
Returns the encoding of the microsoft table (0 => symbol, etc.). Returns undef if there is no Microsoft cmap.
$t->out($fh)
Writes out a cmap table to a filehandle. If it has not been read, then just copies from input file to output
$t->XML_element($context, $depth, $name, $val)
Outputs the elements of the cmap in XML. We only need to process val here
@map = $t->reverse(%opt)
Returns a reverse map of the Unicode cmap. I.e. given a glyph gives the Unicode value for it. Options are:
tnum
Table number to use rather than the default Unicode table
array
Returns each element of reverse as an array since a glyph may be mapped by more than one Unicode value. The arrays are unsorted.
Otherwise store any one unicode value for a glyph.
is_unicode($index)
Returns whether the table of a given index is known to be a unicode table (as specified in the specifications)
BUGS
o No support for format 2 tables (MBCS)
AUTHOR
Martin Hosken Martin_Hosken@sil.org. See Font::TTF::Font for copyright and licensing.
perl v5.10.1 2011-02-25 Font::TTF::Cmap(3pm)