walkero
/
harfbuzz
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

[repacker] fix fuzzer reported stack overflow. 

Fixes https://oss-fuzz.com/testcase-detail/6014493291577344.
This commit is contained in:
Garret Rieger 2022-12-07 00:47:28 +00:00 committed by Behdad Esfahbod
parent b17fbc200b
commit 35233d2514
3 changed files with 13 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
src/graph/graph.hh
View File

@ -1187,6 +1187,11 @@ struct graph_t
} }
} }
for (unsigned i = 0; i < vertices_.length; i++)
// parents arrays must be accurate or downstream operations like cycle detection
// and sorting won't work correctly.
check_success (!vertices_[i].parents.in_error ());
parents_invalid = false; parents_invalid = false;
} }

8
src/hb-repacker.hh
View File

@ -393,6 +393,14 @@ hb_resolve_overflows (const T& packed,
return nullptr; return nullptr;
} }
if (sorted_graph.in_error ())
{
// Allocations failed somewhere
DEBUG_MSG (SUBSET_REPACK, nullptr,
"Graph is in error, likely due to a memory allocation error.");
return nullptr;
}
if (!hb_resolve_graph_overflows (table_tag, max_rounds, recalculate_extensions, sorted_graph)) if (!hb_resolve_graph_overflows (table_tag, max_rounds, recalculate_extensions, sorted_graph))
return nullptr; return nullptr;

BIN
test/fuzzing/graphs/clusterfuzz-testcase-minimized-hb-repacker-fuzzer-6014493291577344 Normal file
View File

Binary file not shown.