From 503748d8a80dd5db450c8c4dc109f2b97049d989 Mon Sep 17 00:00:00 2001
From: Behdad Esfahbod <behdad@behdad.org>
Date: Wed, 8 May 2019 12:45:02 -0700
Subject: [PATCH] [name] Sanitize records for reals

Fixes https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=14641
---
 src/hb-ot-name-table.hh | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/src/hb-ot-name-table.hh b/src/hb-ot-name-table.hh
index 4e4da74bc..1c8f54406 100644
--- a/src/hb-ot-name-table.hh
+++ b/src/hb-ot-name-table.hh
@@ -220,7 +220,6 @@ struct name
   {
     TRACE_SANITIZE (this);
     const void *string_pool = (this+stringOffset).arrayZ;
-    /* TODO: Move to run-time?! */
     return_trace (nameRecordZ.sanitize (c, count, string_pool));
   }
 
@@ -230,7 +229,8 @@ struct name
     return_trace (c->check_struct (this) &&
 		  likely (format == 0 || format == 1) &&
 		  c->check_array (nameRecordZ.arrayZ, count) &&
-		  c->check_range (this, stringOffset));
+		  c->check_range (this, stringOffset) &&
+		  sanitize_records (c));
   }
 
   struct accelerator_t