Merge pull request #1456 from harfbuzz/cff-subr-sanitize
[CFF] fix oss-fuzz issue 11691 (BlendArg::set_blends)
commit
6727c4b6f0
|
@ -1067,7 +1067,7 @@ struct cff1
|
||||||
{ fini (); return; }
|
{ fini (); return; }
|
||||||
|
|
||||||
globalSubrs = &StructAtOffset<CFF1Subrs> (stringIndex, stringIndex->get_size ());
|
globalSubrs = &StructAtOffset<CFF1Subrs> (stringIndex, stringIndex->get_size ());
|
||||||
if ((globalSubrs != &Null (CFF1Subrs)) && !stringIndex->sanitize (&sc))
|
if ((globalSubrs != &Null (CFF1Subrs)) && !globalSubrs->sanitize (&sc))
|
||||||
{ fini (); return; }
|
{ fini (); return; }
|
||||||
|
|
||||||
charStrings = &StructAtOffsetOrNull<CFF1CharStrings> (cff, topDict.charStringsOffset);
|
charStrings = &StructAtOffsetOrNull<CFF1CharStrings> (cff, topDict.charStringsOffset);
|
||||||
|
|
|
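Review bot: The guard `globalSubrs != &Null (CFF1Subrs)` in the changed condition looks like it can never be false, because `globalSubrs` is computed two lines earlier with `StructAtOffset` (not `StructAtOffsetOrNull`) from `stringIndex` plus its size. Sanitization therefore effectively always runs, and the null test only obscures that. I would either drop the guard, `if (!globalSubrs->sanitize (&sc))`, or keep it and add a comment such as `/* global subrs directly follow the string INDEX; sanitize unconditionally */`, assuming that is the intent. The offset also depends on `stringIndex->get_size ()`, so `stringIndex` must already be sanitized at this point; that is presumably the `{ fini (); return; }` just above, but the check itself and the rest of the enclosing function lie outside the hunk.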
@ -466,6 +466,7 @@ struct cff2
|
||||||
|
|
||||||
if (((varStore != &Null(CFF2VariationStore)) && unlikely (!varStore->sanitize (&sc))) ||
|
if (((varStore != &Null(CFF2VariationStore)) && unlikely (!varStore->sanitize (&sc))) ||
|
||||||
(charStrings == &Null(CFF2CharStrings)) || unlikely (!charStrings->sanitize (&sc)) ||
|
(charStrings == &Null(CFF2CharStrings)) || unlikely (!charStrings->sanitize (&sc)) ||
|
||||||
|
(globalSubrs == &Null(CFF2Subrs)) || unlikely (!globalSubrs->sanitize (&sc)) ||
|
||||||
(fdArray == &Null(CFF2FDArray)) || unlikely (!fdArray->sanitize (&sc)) ||
|
(fdArray == &Null(CFF2FDArray)) || unlikely (!fdArray->sanitize (&sc)) ||
|
||||||
(((fdSelect != &Null(CFF2FDSelect)) && unlikely (!fdSelect->sanitize (&sc, fdArray->count)))))
|
(((fdSelect != &Null(CFF2FDSelect)) && unlikely (!fdSelect->sanitize (&sc, fdArray->count)))))
|
||||||
{ fini (); return; }
|
{ fini (); return; }
|
||||||
|
|
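Review bot: The added term `(globalSubrs == &Null(CFF2Subrs)) || unlikely (!globalSubrs->sanitize (&sc))` makes a null `globalSubrs` a hard failure. The CFF1 loader changed in this same commit accepts a null `globalSubrs` and only sanitizes it when present (`globalSubrs != &Null (CFF1Subrs) && ...`). If the asymmetry is intentional, a one-line comment would stop the two paths from being "harmonized" later, e.g. `/* CFF2: global subr INDEX is required; reject the font if it is missing */`. How `globalSubrs` is assigned is not visible here, so confirm it is set from already-validated header data before this condition; the enclosing function starts and ends outside the hunk.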
Binary file not shown.