From 1e48225ca312a955cc7f4a4b7683492e83d77117 Mon Sep 17 00:00:00 2001
From: ebraminio <ebrahim@gnu.org>
Date: Thu, 13 Aug 2020 23:22:14 +0430
Subject: [PATCH] [ENOMEM] Check whether serialize context isn't in error

---
 src/hb-ot-shape-complex-arabic-fallback.hh         |   4 ++--
 ...case-minimized-hb-shape-fuzzer-5138182937772032 | Bin 0 -> 68 bytes
 2 files changed, 2 insertions(+), 2 deletions(-)
 create mode 100644 test/fuzzing/fonts/clusterfuzz-testcase-minimized-hb-shape-fuzzer-5138182937772032

diff --git a/src/hb-ot-shape-complex-arabic-fallback.hh b/src/hb-ot-shape-complex-arabic-fallback.hh
index 262ab8a1f..244e967b1 100644
--- a/src/hb-ot-shape-complex-arabic-fallback.hh
+++ b/src/hb-ot-shape-complex-arabic-fallback.hh
@@ -92,7 +92,7 @@ arabic_fallback_synthesize_lookup_single (const hb_ot_shape_plan_t *plan HB_UNUS
 				       hb_array (substitutes, num_glyphs));
   c.end_serialize ();
 
-  return ret ? c.copy<OT::SubstLookup> () : nullptr;
+  return ret && !c.in_error () ? c.copy<OT::SubstLookup> () : nullptr;
 }
 
 static OT::SubstLookup *
@@ -170,7 +170,7 @@ arabic_fallback_synthesize_lookup_ligature (const hb_ot_shape_plan_t *plan HB_UN
   c.end_serialize ();
   /* TODO sanitize the results? */
 
-  return ret ? c.copy<OT::SubstLookup> () : nullptr;
+  return ret && !c.in_error () ? c.copy<OT::SubstLookup> () : nullptr;
 }
 
 static OT::SubstLookup *
diff --git a/test/fuzzing/fonts/clusterfuzz-testcase-minimized-hb-shape-fuzzer-5138182937772032 b/test/fuzzing/fonts/clusterfuzz-testcase-minimized-hb-shape-fuzzer-5138182937772032
new file mode 100644
index 0000000000000000000000000000000000000000..2f2f7b89ed96009c836c65f86e62a7c56a322e18
GIT binary patch
literal 68
tcmZQzWME)mVqgZ63=BdF3JU*$G%t__g5=!90w9kGgcbfWFn|TI5CHNX2nPTF

literal 0
HcmV?d00001