* src/truetype/ttgxvar.c (tt_set_mm_blend): Fix off-by-one error.
Reported as https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=9412
This commit is contained in:
parent
9f15370e56
commit
839cb404cf
|
@ -1,3 +1,11 @@
|
||||||
|
2018-07-16 Werner Lemberg <wl@gnu.org>
|
||||||
|
|
||||||
|
* src/truetype/ttgxvar.c (tt_set_mm_blend): Fix off-by-one error.
|
||||||
|
|
||||||
|
Reported as
|
||||||
|
|
||||||
|
https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=9412
|
||||||
|
|
||||||
2018-07-12 Werner Lemberg <wl@gnu.org>
|
2018-07-12 Werner Lemberg <wl@gnu.org>
|
||||||
|
|
||||||
* src/base/ftoutln.c (FT_Outline_Get_Orientation): Init `cbox'.
|
* src/base/ftoutln.c (FT_Outline_Get_Orientation): Init `cbox'.
|
||||||
|
|
|
@ -2533,11 +2533,14 @@
|
||||||
|
|
||||||
if ( FT_IS_NAMED_INSTANCE( FT_FACE( face ) ) )
|
if ( FT_IS_NAMED_INSTANCE( FT_FACE( face ) ) )
|
||||||
{
|
{
|
||||||
FT_UInt idx = (FT_UInt)face->root.face_index >> 16;
|
FT_UInt instance_index = (FT_UInt)face->root.face_index >> 16;
|
||||||
|
|
||||||
|
|
||||||
c = blend->normalizedcoords + i;
|
c = blend->normalizedcoords + i;
|
||||||
n = blend->normalized_stylecoords + idx * mmvar->num_axis + i;
|
n = blend->normalized_stylecoords +
|
||||||
|
( instance_index - 1 ) * mmvar->num_axis +
|
||||||
|
i;
|
||||||
|
|
||||||
for ( j = i; j < mmvar->num_axis; j++, n++, c++ )
|
for ( j = i; j < mmvar->num_axis; j++, n++, c++ )
|
||||||
if ( *c != *n )
|
if ( *c != *n )
|
||||||
have_diff = 1;
|
have_diff = 1;
|
||||||
|
|
Loading…
Reference in New Issue