Allow zero length ranges in sanitization (#1617)

Fixes fvar table sanitization where there are no named instance
by allowing zero length ranges starting from Null() address.

Fixes #1607
This commit is contained in:
Ebrahim Byagowi 2019-03-14 16:49:42 -07:00 committed by GitHub
parent b1dfb8c850
commit 8aaab78efc
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
3 changed files with 25 additions and 14 deletions

View File

@ -329,13 +329,15 @@ struct hb_sanitize_context_t :
unsigned int len) const
{
const char *p = (const char *) base;
bool ok = this->start <= p &&
bool ok = !len ||
(this->start <= p &&
p <= this->end &&
(unsigned int) (this->end - p) >= len &&
this->max_ops-- > 0;
this->max_ops-- > 0);
DEBUG_MSG_LEVEL (SANITIZE, p, this->debug_depth+1, 0,
"check_range [%p..%p] (%d bytes) in [%p..%p] -> %s",
"check_range [%p..%p]"
" (%d bytes) in [%p..%p] -> %s",
p, p + len, len,
this->start, this->end,
ok ? "OK" : "OUT-OF-RANGE");

BIN
test/api/fonts/Zycon.ttf Normal file

Binary file not shown.

View File

@ -110,12 +110,21 @@ test_ot_face_empty (void)
test_face (hb_face_get_empty (), 0);
}
static void
test_ot_var_axis_on_zero_named_instance ()
{
hb_face_t *face = hb_test_open_font_file ("fonts/Zycon.ttf");
g_assert (hb_ot_var_get_axis_count (face));
hb_face_destroy (face);
}
int
main (int argc, char **argv)
{
hb_test_init (&argc, &argv);
hb_test_add (test_ot_face_empty);
hb_test_add (test_ot_var_axis_on_zero_named_instance);
return hb_test_run();
}