From 578bcf103a12fb742cdb314565819011d1ac12a7 Mon Sep 17 00:00:00 2001
From: Werner Lemberg <wl@gnu.org>
Date: Mon, 30 Jul 2018 11:28:04 +0200
Subject: [PATCH] [cff] Fix typo.

Reported as

  https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=9409

* src/cff/cffdrivr.c (cff_get_cid_from_glyph_index): Fix boundary
check.
---
 ChangeLog          | 11 +++++++++++
 src/cff/cffdrivr.c |  2 +-
 2 files changed, 12 insertions(+), 1 deletion(-)

diff --git a/ChangeLog b/ChangeLog
index 578d00996..2402b717a 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,3 +1,14 @@
+2018-07-30  Werner Lemberg  <wl@gnu.org>
+
+	[cff] Fix typo.
+
+	Reported as
+
+	  https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=9409
+
+	* src/cff/cffdrivr.c (cff_get_cid_from_glyph_index): Fix boundary
+	check.
+
 2018-07-29  Werner Lemberg  <wl@gnu.org>
 
 	* src/pcf/pcfread.c (pcf_get_encodings): Another thinko.
diff --git a/src/cff/cffdrivr.c b/src/cff/cffdrivr.c
index 298d935bc..997a734fb 100644
--- a/src/cff/cffdrivr.c
+++ b/src/cff/cffdrivr.c
@@ -795,7 +795,7 @@
         goto Fail;
       }
 
-      if ( glyph_index > cff->num_glyphs )
+      if ( glyph_index >= cff->num_glyphs )
       {
         error = FT_THROW( Invalid_Argument );
         goto Fail;