From 60c13976733ea05e71c66c486d62e31ffbb71bac Mon Sep 17 00:00:00 2001
From: Behdad Esfahbod
Date: Sun, 14 Oct 2018 19:36:46 -0700
Subject: [PATCH] [buffer] Fix output_glyph at end of buffer

Part of https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=10955
---
 src/hb-buffer.hh | 5 ++++-
 1 file changed, 4 insertions(+), 1 deletion(-)

diff --git a/src/hb-buffer.hh b/src/hb-buffer.hh
index 9628ddae0..0d888e1e0 100644
--- a/src/hb-buffer.hh
+++ b/src/hb-buffer.hh
@@ -229,7 +229,10 @@ struct hb_buffer_t
 {
 if (unlikely (!make_room_for (0, 1))) return Crap(hb_glyph_info_t);
 
- out_info[out_len] = info[idx];
+ if (unlikely (idx == len && !out_len))
+ return Crap(hb_glyph_info_t);
+
+ out_info[out_len] = idx < len ? info[idx] : out_info[out_len - 1];
 out_info[out_len].codepoint = glyph_index;
 
 out_len++;
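Review bot: The new guard tests `idx == len` while the fallback on the assignment line tests `idx < len`, so the two conditions are not complements: if `idx` ever exceeded `len` while `out_len` is zero, the guard would be skipped and `out_info[out_len - 1]` would index outside the output array. Whether `idx > len` is reachable is not visible in this hunk, but writing the guard as `if (unlikely (idx >= len && !out_len))` rules the out-of-bounds case out locally instead of relying on a caller invariant. A short comment on the assignment, for example `/* At end of input: reuse the last output glyph's info. */`, would also record why the previous output entry is the chosen source. The enclosing function begins and ends outside the hunk.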