[color] Check for null CPAL arrays

We cannot use a nullable offset here though.
2018-10-22 14:54:55 -07:00 · 2018-10-22 14:54:55 -07:00 · 5ae18855d1
parent 69ab72e4aa
commit 5ae18855d1
1 changed files with 6 additions and 6 deletions
--- a/src/hb-ot-color-cpal-table.hh
+++ b/src/hb-ot-color-cpal-table.hh
@ -53,7 +53,7 @@ struct CPALV1Tail
 		     unsigned int palette_index,
 		     unsigned int palette_count) const
  {
-    if (unlikely (palette_index >= palette_count))
+    if (unlikely (palette_index >= palette_count || !paletteFlagsZ))
      return HB_OT_COLOR_PALETTE_FLAG_DEFAULT;

    return (hb_ot_color_palette_flags_t) (uint32_t) (base+paletteFlagsZ)[palette_index];
@ -64,7 +64,7 @@ struct CPALV1Tail
 		       unsigned int palette_index,
 		       unsigned int palette_count) const
  {
-    if (unlikely (palette_index >= palette_count))
+    if (unlikely (palette_index >= palette_count || !paletteLabelZ))
      return HB_NAME_ID_INVALID;

    return (base+paletteLabelZ)[palette_index];
@ -75,7 +75,7 @@ struct CPALV1Tail
 		     unsigned int color_index,
 		     unsigned int color_count) const
  {
-    if (unlikely (color_index >= color_count))
+    if (unlikely (color_index >= color_count || !paletteEntryLabelZ))
      return HB_NAME_ID_INVALID;

    return (base+paletteEntryLabelZ)[color_index];
@ -87,9 +87,9 @@ struct CPALV1Tail
  {
    TRACE_SANITIZE (this);
    return_trace (c->check_struct (this) &&
-		  (base+paletteFlagsZ).sanitize (c, palette_count) &&
-		  (base+paletteLabelZ).sanitize (c, palette_count) &&
-		  (base+paletteEntryLabelZ).sanitize (c, color_count));
+		  (!paletteFlagsZ || (base+paletteFlagsZ).sanitize (c, palette_count)) &&
+		  (!paletteLabelZ || (base+paletteLabelZ).sanitize (c, palette_count)) &&
+		  (!paletteEntryLabelZ || (base+paletteEntryLabelZ).sanitize (c, color_count)));
  }

  protected: