walkero
/
harfbuzz
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

[gvar] Protect against out-of-range access 

Fixes https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=47281
Fixes https://oss-fuzz.com/testcase-detail/5508865908670464
This commit is contained in:
Behdad Esfahbod 2022-05-06 11:54:38 -06:00
parent f10ddb8dd8
commit ca8a0f3ea3
2 changed files with 4 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
src/hb-ot-var-gvar-table.hh
View File

@ -490,7 +490,10 @@ struct gvar
bool is_long_offset () const { return flags & 1; } bool is_long_offset () const { return flags & 1; }
unsigned get_offset (unsigned i) const unsigned get_offset (unsigned i) const
{ return is_long_offset () ? get_long_offset_array ()[i] : get_short_offset_array ()[i] * 2; } {
if (unlikely (i > glyphCount)) return 0;
return is_long_offset () ? get_long_offset_array ()[i] : get_short_offset_array ()[i] * 2;
}
const HBUINT32 * get_long_offset_array () const { return (const HBUINT32 *) &offsetZ; } const HBUINT32 * get_long_offset_array () const { return (const HBUINT32 *) &offsetZ; }
const HBUINT16 *get_short_offset_array () const { return (const HBUINT16 *) &offsetZ; } const HBUINT16 *get_short_offset_array () const { return (const HBUINT16 *) &offsetZ; }

BIN
test/fuzzing/fonts/clusterfuzz-testcase-hb-subset-fuzzer-5508865908670464 Normal file
View File

Binary file not shown.