From 2bdd903c69eb3a34f3d3bf5e4f4c94cd66337117 Mon Sep 17 00:00:00 2001
From: Garret Rieger
Date: Tue, 31 Jul 2018 17:44:02 -0700
Subject: [PATCH] [subset] limit the max codepoint value to the unicode limit.

When collecting all codepoints in the cmap avoid using large amount of memory for fonts that declare coverage over all 32 bit integers.
---
 src/hb-ot-cmap-table.hh | 9 +++++++--
 ...-subset-get-codepoints-fuzzer-5973295416475648 | Bin 0 -> 109 bytes
 2 files changed, 7 insertions(+), 2 deletions(-)
 create mode 100644 test/api/fonts/clusterfuzz-testcase-minimized-hb-subset-get-codepoints-fuzzer-5973295416475648

diff --git a/src/hb-ot-cmap-table.hh b/src/hb-ot-cmap-table.hh
index 00f835285..67a9c7dd9 100644
--- a/src/hb-ot-cmap-table.hh
+++ b/src/hb-ot-cmap-table.hh
@@ -37,6 +37,9 @@
 */
 #define HB_OT_TAG_cmap HB_TAG('c','m','a','p')
+#ifndef HB_MAX_UNICODE_CODEPOINT_VALUE
+#define HB_MAX_UNICODE_CODEPOINT_VALUE 0x10FFFF
+#endif
 namespace OT {
@@ -437,8 +440,10 @@ struct CmapSubtableLongSegmented
 {
 for (unsigned int i = 0; i < this->groups.len; i++) {
 hb_set_add_range (out,
- this->groups[i].startCharCode,
- this->groups[i].endCharCode);
+ MIN ((unsigned int) this->groups[i].startCharCode,
+ (unsigned int) HB_MAX_UNICODE_CODEPOINT_VALUE),
+ MIN ((unsigned int) this->groups[i].endCharCode,
+ (unsigned int) HB_MAX_UNICODE_CODEPOINT_VALUE));
 }
 }
diff --git a/test/api/fonts/clusterfuzz-testcase-minimized-hb-subset-get-codepoints-fuzzer-5973295416475648 b/test/api/fonts/clusterfuzz-testcase-minimized-hb-subset-get-codepoints-fuzzer-5973295416475648
new file mode 100644
index 0000000000000000000000000000000000000000..b506d2a5ab0e6ed72082ae9e5b4c9c24bb6dda7a
GIT binary patch
literal 109
zcmZQzWME)mRe*s13JO332g$jK1q=*pKq@r<0SRUX9v%<}23X!P{8s~V*o7DvK;o|K
f5E(88{-3Y@AGtk!k`O~hDuVzcTSh8SW&r~Lqn8rN

literal 0
HcmV?d00001
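Review bot: The `#ifndef` guard in the first hunk makes `HB_MAX_UNICODE_CODEPOINT_VALUE` overridable at build time, yet nothing at the definition says that this constant is what bounds the memory used when codepoints are collected from an untrusted cmap. I would put a comment above it along the lines of `/* Upper bound on codepoints collected from cmap subtables; raising it lets a font that declares huge ranges grow the output set accordingly. */`. Writing the literal as `0x10FFFFu` would also make the `(unsigned int)` cast on the constant at the use site unnecessary.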
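Review bot: A group whose `startCharCode` is already above `HB_MAX_UNICODE_CODEPOINT_VALUE` is not skipped by the new call in the second hunk: both arguments are clamped to 0x10FFFF, so `hb_set_add_range` is handed the one-element range [0x10FFFF, 0x10FFFF] and U+10FFFF would end up in `out` although the font never mapped it. Skipping such groups keeps the memory bound without inventing coverage, for example `if (this->groups[i].startCharCode > HB_MAX_UNICODE_CODEPOINT_VALUE) continue;` before the call, after which only `endCharCode` needs the `MIN`. How a group with start greater than end is treated depends on `hb_set_add_range`, which is not visible here, and the enclosing function's signature lies outside the hunk. The fuzzer font is added under test/api/fonts, but no test source changes in this patch, so it is worth confirming that an existing test actually loads it.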