From ff984ed3cdd18290ed3a37c76961176d9f86c9cd Mon Sep 17 00:00:00 2001 From: Ebrahim Byagowi Date: Tue, 11 Feb 2020 19:50:51 +0330 Subject: [PATCH] Use multiplication to avoid undefined behaviour per clang Newer versions of MSVC with /we4146 don't like putting negative sign behind a unsigned number as https://github.com/harfbuzz/harfbuzz/pull/2069 That however have made https://crbug.com/1050424 this complain: src/hb-ot-color-sbix-table.hh:304:28: runtime error: negation of -2147483648 cannot be represented in type 'int'; cast to an unsigned type to negate this value to itself which apparently can be fixed using this change. Let's see if this won't make another ubsan complain! --- src/hb-ot-color-sbix-table.hh | 2 +- ...ase-minimized-hb_shape_fuzzer-5633785895911424 | Bin 0 -> 582 bytes 2 files changed, 1 insertion(+), 1 deletion(-) create mode 100644 test/fuzzing/fonts/clusterfuzz-testcase-minimized-hb_shape_fuzzer-5633785895911424 diff --git a/src/hb-ot-color-sbix-table.hh b/src/hb-ot-color-sbix-table.hh index 9ec44d70c..726356a59 100644 --- a/src/hb-ot-color-sbix-table.hh +++ b/src/hb-ot-color-sbix-table.hh @@ -301,7 +301,7 @@ struct sbix extents->x_bearing = x_offset; extents->y_bearing = png.IHDR.height + y_offset; extents->width = png.IHDR.width; - extents->height = -static_cast(png.IHDR.height); + extents->height = -1 * png.IHDR.height; /* Convert to font units. */ if (strike_ppem) 
diff --git a/test/fuzzing/fonts/clusterfuzz-testcase-minimized-hb_shape_fuzzer-5633785895911424 b/test/fuzzing/fonts/clusterfuzz-testcase-minimized-hb_shape_fuzzer-5633785895911424 new file mode 100644 index 0000000000000000000000000000000000000000..0bbeb5c90f523586d5f7850da095e3e83b351e5d GIT binary patch literal 582 zcmb7>%_~Gv7{;G-@7x*R24f*9#pXP2>*c+ zStw+|pI~8UVIj@V%63d0@43S?mfkw&bk1|$=Y7xbfB|Sk9_rZqbZ~M?Q62!*GWxcX zckdT*zBeC8e*%fNblg_Xtp=t7U9d zn=~JoiD;p=B{)vnD~&~#@*c^ud;u!kj2)1N%6gJ20GDq38J9+2-{S3)bFAV?TcxrR> tRyb-xXv_k;r?=!OpQ6lhfH+2~IhKUemrWbp*5eiZ;&@RATK|_xdEZwUhY0`x literal 0 HcmV?d00001
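Review bot: In the `src/hb-ot-color-sbix-table.hh` hunk, whether `extents->height = -1 * png.IHDR.height;` is well defined depends on the type that `png.IHDR.height` converts to, which the hunk does not show, and nothing on the line says why multiplication replaced unary minus. If the operand ends up as a signed `int`, `-1 * INT_MIN` overflows exactly as the reported negation of -2147483648 did. If it stays unsigned, the product wraps and the result then depends on the implicit conversion when it is stored into `extents->height`. Please make the intended type explicit at this line and add a short comment naming both constraints from the commit message (MSVC `/we4146` and the ubsan report), so the expression is not later simplified back to a negation. The context line `extents->y_bearing = png.IHDR.height + y_offset;` does arithmetic on the same font-supplied value, so range-checking the height once before both assignments would cover both.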
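Review bot: The added `test/fuzzing/fonts/clusterfuzz-testcase-minimized-hb_shape_fuzzer-5633785895911424` file only guards against this regression when the fuzzing test run is built with UBSan, since the failure quoted in the commit message is a sanitizer runtime error rather than a crash or a wrong result. Please confirm that a sanitizer-enabled job runs the files under `test/fuzzing/fonts/`, or add a check on the computed extents for this font so an unsanitized build would also catch a regression. The file name carries only the ClusterFuzz testcase id, so a reference to https://crbug.com/1050424 next to the test would keep it traceable to the report.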