[subset] Don't crash if subsetting GSUB/GPOS fails

Fixes fuzzer issue.
Behdad Esfahbod 2019-04-27 10:05:25 -07:00
parent 2b051e7aa1
commit 6977a95fed
1 changed files with 14 additions and 13 deletions


@ -68,11 +68,11 @@ template<typename TableType>
static bool static bool
_subset2 (hb_subset_plan_t *plan) _subset2 (hb_subset_plan_t *plan)
{ {
bool result = true;
hb_blob_t *source_blob = hb_sanitize_context_t ().reference_table<TableType> (plan->source); hb_blob_t *source_blob = hb_sanitize_context_t ().reference_table<TableType> (plan->source);
const TableType *table = source_blob->as<TableType> (); const TableType *table = source_blob->as<TableType> ();
hb_tag_t tag = TableType::tableTag; hb_tag_t tag = TableType::tableTag;
hb_bool_t result = false;
if (source_blob->data) if (source_blob->data)
{ {
hb_vector_t<char> buf; hb_vector_t<char> buf;
@ -87,7 +87,7 @@ _subset2 (hb_subset_plan_t *plan)
hb_serialize_context_t serializer ((void *) buf, buf_size); hb_serialize_context_t serializer ((void *) buf, buf_size);
serializer.start_serialize<TableType> (); serializer.start_serialize<TableType> ();
hb_subset_context_t c (plan, &serializer); hb_subset_context_t c (plan, &serializer);
result = table->subset (&c); bool needed = table->subset (&c);
if (serializer.ran_out_of_room) if (serializer.ran_out_of_room)
{ {
buf_size += (buf_size >> 1) + 32; buf_size += (buf_size >> 1) + 32;
@ -101,10 +101,11 @@ _subset2 (hb_subset_plan_t *plan)
} }
serializer.end_serialize (); serializer.end_serialize ();
if (serializer.in_error ()) result = !serializer.in_error ();
abort ();
if (result) if (result)
{
if (needed)
{ {
hb_blob_t *dest_blob = serializer.copy_blob (); hb_blob_t *dest_blob = serializer.copy_blob ();
DEBUG_MSG(SUBSET, nullptr, "OT::%c%c%c%c final subset table size: %u bytes.", HB_UNTAG (tag), dest_blob->length); DEBUG_MSG(SUBSET, nullptr, "OT::%c%c%c%c final subset table size: %u bytes.", HB_UNTAG (tag), dest_blob->length);
@ -114,7 +115,7 @@ _subset2 (hb_subset_plan_t *plan)
else else
{ {
DEBUG_MSG(SUBSET, nullptr, "OT::%c%c%c%c::subset table subsetted to empty.", HB_UNTAG (tag)); DEBUG_MSG(SUBSET, nullptr, "OT::%c%c%c%c::subset table subsetted to empty.", HB_UNTAG (tag));
result = true; }
} }
} }
else else
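Review bot: Initialising `bool result = true;` at the top of `_subset2`, in place of the removed `hb_bool_t result = false;`, changes the return value when `source_blob->data` is null: unless the trailing `else` branch assigns `result`, a source table that yielded no data is now reported as successfully subset. That branch's body lies outside the visible hunk, so this is inferred. Because `result = !serializer.in_error ();` assigns the value on the data path anyway, `bool result = false;` would keep the old failure signal; if an empty source blob is meant to count as success, a comment on the initialiser should say so. The new error path is also silent, so a `DEBUG_MSG` when `serializer.in_error ()` is true would make fuzzer-found serializer failures easier to triage now that `abort ();` is gone.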