From 9dc9f0385dce05456d48730bf5dc7cac52eaa4da Mon Sep 17 00:00:00 2001 From: Qunxin Liu Date: Thu, 8 Apr 2021 11:00:17 -0700 Subject: [PATCH] [subset] fix for fuzzer testcase: https://oss-fuzz.com/testcase-detail/5858518134554624 --- src/hb-ot-layout-gpos-table.hh | 4 ++++ ...se-minimized-hb-subset-fuzzer-5858518134554624 | Bin 0 -> 802 bytes 2 files changed, 4 insertions(+) create mode 100644 test/fuzzing/fonts/clusterfuzz-testcase-minimized-hb-subset-fuzzer-5858518134554624 diff --git a/src/hb-ot-layout-gpos-table.hh b/src/hb-ot-layout-gpos-table.hh index 0e389b761..e4189754f 100644 --- a/src/hb-ot-layout-gpos-table.hh +++ b/src/hb-ot-layout-gpos-table.hh @@ -492,9 +492,13 @@ struct Anchor { TRACE_SUBSET (this); if (c->plan->drop_hints) + { // AnchorFormat 2 and 3 just containing extra hinting information, so // if hints are being dropped convert to format 1. + if (u.format != 1 && u.format != 2 && u.format != 3) + return_trace (false); return_trace (bool (reinterpret_cast (u.format1.copy (c->serializer)))); + } switch (u.format) { case 1: return_trace (bool (reinterpret_cast (u.format1.copy (c->serializer)))); diff --git a/test/fuzzing/fonts/clusterfuzz-testcase-minimized-hb-subset-fuzzer-5858518134554624 b/test/fuzzing/fonts/clusterfuzz-testcase-minimized-hb-subset-fuzzer-5858518134554624 new file mode 100644 index 0000000000000000000000000000000000000000..90a743b9fe0eb7307338292d2c55cb0e05a4f25f GIT binary patch literal 802 zcma)4OKTHR6#ix=FD9Y3kVTy)P(rLWB(c_o5~-#^4Q{LwgBTGrn5400+E9ZgQB1P1 z1vf$$ajPpW{s12!xNzkv?ur{xH!jS=TAD(&<2N%^if%lYd+xdC@!j*d5CHU{2?^PW z<0nL%+y&%1U(s-SlV_$$BC^x!^|I~+0mUFeJlF2k3NJ=3yD5jpAl@zJRlz14T*r56U_-HprsugM zMgIt}6)biuRp)8EJ_hj#9bBc>70>jYTH&Spn^zFw(9~)f30sD?Jp!7;vszx2@n{EC zD|!nVj2Hz#oLUY+eIdUu65>}HttgvDi~cU~#SMIU*{&YrQsUBzzMg^oh{PYC#!MaW){is64C z3>YP#D5Itz;r(9(9N~+6T+2)TUgo3!@v_^+BFC9jtUQ;i=nGg`HAtF73a7Zk?8tda z=Lq>MSkx+20SvmrL76bCS>y1tH3_R!^22|mZQ*U( zqNs7~Z?|KIfJM``W>Hw1`91TpI-j4N-#mNcYOSQV^mU1TdPsNtT-vDndYkNQj~`VM zSd~APNTrjmTgF#b5MvI&3