walkero
/
harfbuzz
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

[buffer] When shifting forward, leave no gap 

Trying to see if this fixes the fuzzer issue:
https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=36236
This commit is contained in:
Behdad Esfahbod 2021-07-29 17:49:10 -06:00
parent 5086e10538
commit 09c3b82f5e
1 changed files with 4 additions and 5 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

9
src/hb-buffer.cc
View File

@ -359,12 +359,11 @@ hb_buffer_t::move_to (unsigned int i)
/* This will blow in our face if memory allocation fails later /* This will blow in our face if memory allocation fails later
* in this same lookup... * in this same lookup...
* *
* We used to shift with extra 32 items, instead of the 0 below. * We used to shift with extra 32 items.
* But that would leave empty slots in the buffer in case of allocation * But that would leave empty slots in the buffer in case of allocation
* failures. Setting to zero for now to avoid other problems (see * failures. See comments in shift_forward(). This can cause O(N^2)
* comments in shift_forward(). This can cause O(N^2) behavior more * behavior more severely than adding 32 empty slots can... */
* severely than adding 32 empty slots can... */ if (unlikely (idx < count && !shift_forward (count - idx))) return false;
if (unlikely (idx < count && !shift_forward (count + 0))) return false;
assert (idx >= count); assert (idx >= count);