Fix invalid buffer access in OOM times
Hopefully fully fixes https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=1856
parent
fcd6c338ff
commit
e5930722d4
|
@ -1002,7 +1002,8 @@ static inline bool apply_lookup (hb_apply_context_t *c,
|
||||||
if (idx == 0 && lookupRecord[i].lookupListIndex == c->lookup_index)
|
if (idx == 0 && lookupRecord[i].lookupListIndex == c->lookup_index)
|
||||||
continue;
|
continue;
|
||||||
|
|
||||||
buffer->move_to (match_positions[idx]);
|
if (unlikely (!buffer->move_to (match_positions[idx])))
|
||||||
|
break;
|
||||||
|
|
||||||
unsigned int orig_len = buffer->backtrack_len () + buffer->lookahead_len ();
|
unsigned int orig_len = buffer->backtrack_len () + buffer->lookahead_len ();
|
||||||
if (!c->recurse (lookupRecord[i].lookupListIndex))
|
if (!c->recurse (lookupRecord[i].lookupListIndex))
|
||||||
|
|
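Review bot: The new `break` taken when `buffer->move_to (match_positions[idx])` fails leaves the loop without saying why. The code after the loop is outside this hunk, so it cannot be seen here whether it touches the buffer again or reports success for a buffer that could not be moved. The commit title ties the failure to out-of-memory, so a comment on the check would help the next reader, e.g. `/* move_to() failed (buffer could not be grown under OOM); stop applying further lookups. */`. It is also worth confirming that any other `move_to` call in `apply_lookup`, and the state left behind by `c->recurse`, are checked the same way, since the linked report shows this path is reached from fuzzer-supplied font data. The body of `apply_lookup` starts and ends outside the hunk.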