[subset-fuzzer] Protect against overflow

Fixes
https://github.com/harfbuzz/harfbuzz/issues/4137#issuecomment-1448994447
This commit is contained in:
Behdad Esfahbod 2023-02-28 15:31:45 -07:00
parent 5226d69733
commit 2d33a6b4df
1 changed files with 1 additions and 1 deletions

View File

@ -85,7 +85,7 @@ extern "C" int LLVMFuzzerTestOneInput (const uint8_t *data, size_t size)
data + size, data + size,
sizeof (num_axes)); sizeof (num_axes));
if (num_axes > 0 && size > num_axes * (sizeof(hb_tag_t) + sizeof(float))) if (num_axes > 0 && num_axes < 8 && size > num_axes * (sizeof(hb_tag_t) + sizeof(int)))
{ {
for (unsigned i = 0; i < num_axes; i++) { for (unsigned i = 0; i < num_axes; i++) {
hb_tag_t tag; hb_tag_t tag;