diff -up freetype-pre1.4/lib/ttgload.c.freetype-pre1.4-CVE-2006-1861-null-pointer freetype-pre1.4/lib/ttgload.c --- freetype-pre1.4/lib/ttgload.c.freetype-pre1.4-CVE-2006-1861-null-pointer 2009-05-12 19:40:52.000000000 -0400 +++ freetype-pre1.4/lib/ttgload.c 2009-05-12 19:41:03.000000000 -0400 @@ -270,6 +270,10 @@ j = 0; flag = exec->pts.touch; + /* CVE-2006-1861 */ + if ( flag == NULL ) + return TT_Err_Invalid_Composite; /* for lack of a better err code */ + while ( j < n_points ) { Byte c, cnt;