[aat] Fix offsetToIndex math for out-of-bounds values
Previously, some bad font data was accidentally being interpretted as legit if it happened to not fall out of memory bounds. The intention of the code was what this commit does. I'm surprised we weren't getting a "arithmetic between signed and unsigned values" warning / error before.
This commit is contained in:
parent
c5d6bdb4bf
commit
29708e959a
|
@ -678,7 +678,8 @@ struct ObsoleteTypes
|
||||||
const void *base,
|
const void *base,
|
||||||
const T *array)
|
const T *array)
|
||||||
{
|
{
|
||||||
return (offset - ((const char *) array - (const char *) base)) / T::static_size;
|
/* https://github.com/harfbuzz/harfbuzz/issues/2816 */
|
||||||
|
return (offset - unsigned ((const char *) array - (const char *) base)) / T::static_size;
|
||||||
}
|
}
|
||||||
template <typename T>
|
template <typename T>
|
||||||
static unsigned int byteOffsetToIndex (unsigned int offset,
|
static unsigned int byteOffsetToIndex (unsigned int offset,
|
||||||
|
|
Loading…
Reference in New Issue