From 87496bf63ea7644733cdcc08f330a522597509a1 Mon Sep 17 00:00:00 2001
From: Garret Rieger <grieger@google.com>
Date: Thu, 13 Jan 2022 11:03:45 -0800
Subject: [PATCH] [subset] fix fuzzer timeout if visisted_paint goes into
 error.

---
 src/hb-ot-color-colr-table.hh                     |   2 +-
 ...se-minimized-hb-subset-fuzzer-4979711393005568 | Bin 0 -> 349 bytes
 2 files changed, 1 insertion(+), 1 deletion(-)
 create mode 100644 test/fuzzing/fonts/clusterfuzz-testcase-minimized-hb-subset-fuzzer-4979711393005568

diff --git a/src/hb-ot-color-colr-table.hh b/src/hb-ot-color-colr-table.hh
index 008422d08..977b1ab0f 100644
--- a/src/hb-ot-color-colr-table.hh
+++ b/src/hb-ot-color-colr-table.hh
@@ -71,7 +71,7 @@ struct hb_colrv1_closure_context_t :
   bool paint_visited (const void *paint)
   {
     hb_codepoint_t delta = (hb_codepoint_t) ((uintptr_t) paint - (uintptr_t) base);
-     if (visited_paint.has (delta))
+    if (visited_paint.in_error() || visited_paint.has (delta))
       return true;
 
     visited_paint.add (delta);
diff --git a/test/fuzzing/fonts/clusterfuzz-testcase-minimized-hb-subset-fuzzer-4979711393005568 b/test/fuzzing/fonts/clusterfuzz-testcase-minimized-hb-subset-fuzzer-4979711393005568
new file mode 100644
index 0000000000000000000000000000000000000000..1d32c3b17fb08294d3326208ef5032c49a2aab07
GIT binary patch
literal 349
zcmZQzWME)my2P^nh3+k9f1e-*w*a63gEspM28P_kiULsvH6svTlRu0Bq|^#XfM^hq
zXPC=yb|wQzS6BcSP(bnTzyHkaFM4_mdVsudK$QX@bzmUC$iUCQ@JQS=!;tZRJxCG^
zelu)x;$bLGElXu!_%F&gjg^6giGh_tSQaSjz@q{(2M8eMK<ovP{EzB6nE&THvv4z~
zFo+wW8u=g9d<Hz`f5c`!&;tHP)?oA9+%_aR#;gI_`1>b=*{?#?!~}np0!Idjy-=?}
OgF}G<C=A3%AqfEP;zLIO

literal 0
HcmV?d00001