[CFF] bad offset in Index (#1476)
* Update hb-ot-cff-common.hh * fix bug * bummer fix wasn't hit. refix * additional sanity check * Added test cases for oss-fuzz issues 11805, 11806
parent
bcb4ecaf68
commit
798e98c47b
|
@ -200,7 +200,13 @@ struct CFFIndex
|
||||||
}
|
}
|
||||||
|
|
||||||
inline unsigned int length_at (unsigned int index) const
|
inline unsigned int length_at (unsigned int index) const
|
||||||
{ return offset_at (index + 1) - offset_at (index); }
|
{
|
||||||
|
if (likely ((offset_at (index + 1) >= offset_at (index)) &&
|
||||||
|
(offset_at (index + 1) <= offset_at (count))))
|
||||||
|
return offset_at (index + 1) - offset_at (index);
|
||||||
|
else
|
||||||
|
return 0;
|
||||||
|
}
|
||||||
|
|
||||||
inline const char *data_base (void) const
|
inline const char *data_base (void) const
|
||||||
{ return (const char *)this + min_size + offset_array_size (); }
|
{ return (const char *)this + min_size + offset_array_size (); }
|
||||||
|
@ -211,7 +217,7 @@ struct CFFIndex
|
||||||
inline ByteStr operator [] (unsigned int index) const
|
inline ByteStr operator [] (unsigned int index) const
|
||||||
{
|
{
|
||||||
if (likely (index < count))
|
if (likely (index < count))
|
||||||
return ByteStr (data_base () + offset_at (index) - 1, offset_at (index + 1) - offset_at (index));
|
return ByteStr (data_base () + offset_at (index) - 1, length_at (index));
|
||||||
else
|
else
|
||||||
return Null(ByteStr);
|
return Null(ByteStr);
|
||||||
}
|
}
|
||||||
|
|
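Review bot: The new guard in `length_at` bounds the end offset but never rejects a start offset of 0. In `operator []` the pointer is still built as `data_base () + offset_at (index) - 1`, so a zero start with an otherwise plausible end yields a non-zero length beginning one byte before the data area, unless sanitize (not visible in these hunks) already rules that out. Reading both offsets once and checking the whole ordering would close this and avoid re-decoding the offset array up to five times: `const unsigned int start = offset_at (index), end = offset_at (index + 1);` followed by `if (likely (start >= 1 && start <= end && end <= offset_at (count))) return end - start;`. The upper bound `offset_at (count)` is itself read from the font, so a comment on `length_at` should say that it relies on sanitize having checked that value against the table size. `length_at` also does not check `index < count` itself; `operator []` does, but other callers are outside these hunks.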
Binary file not shown.
Binary file not shown.