From a15133e6efc10f5342dedf5dfca9070c8bcc49ca Mon Sep 17 00:00:00 2001 From: Jonathan Kew Date: Tue, 6 Sep 2016 06:33:36 +0200 Subject: [PATCH] [cff] Fix uninitialized memory. Problem reported as https://bugzilla.mozilla.org/show_bug.cgi?id=1270288 * src/cff/cf2interp.c (cf2_interpT2CharString): Initialize `storage' array to handle a `get' opcode without a previous `put'. --- ChangeLog | 11 +++++++++++ src/cff/cf2intrp.c | 2 ++ 2 files changed, 13 insertions(+) diff --git a/ChangeLog b/ChangeLog index 239874e87..904fd8e90 100644 --- a/ChangeLog +++ b/ChangeLog @@ -1,3 +1,14 @@ +2016-09-06 Jonathan Kew + + [cff] Fix uninitialized memory. + + Problem reported as + + https://bugzilla.mozilla.org/show_bug.cgi?id=1270288 + + * src/cff/cf2interp.c (cf2_interpT2CharString): Initialize `storage' + array to handle a `get' opcode without a previous `put'. + 2016-09-05 Alexei Podtelezhnikov * src/smooth/ftgrays.c (gray_move_to, gray_start_cell): Revert. diff --git a/src/cff/cf2intrp.c b/src/cff/cf2intrp.c index 7d663dd0e..10e7b4b64 100644 --- a/src/cff/cf2intrp.c +++ b/src/cff/cf2intrp.c @@ -469,6 +469,8 @@ CF2_GlyphPathRec glyphPath; + FT_ZERO( &storage ); + /* initialize the remaining objects */ cf2_arrstack_init( &subrStack, memory,
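Review bot: the ChangeLog entry (and the commit subject) names the file as `src/cff/cf2interp.c`, but the hunk that follows modifies `src/cff/cf2intrp.c`; the entry should use the real path so that greps and `git log --grep` on the ChangeLog resolve to the file actually changed, e.g. `* src/cff/cf2intrp.c (cf2_interpT2CharString): Initialize `storage'`. Everything else in the entry matches the patch (date, author, Bugzilla reference, function name).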
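Review bot: the bare `FT_ZERO( &storage );` in cf2_interpT2CharString carries none of the rationale that the commit message gives, so a reader of the code will not know why this one local is zeroed while the neighbouring objects get explicit `*_init` calls; add a one-line comment above it, e.g. `/* a `get' opcode may occur without a preceding `put'; avoid reading */` `/* uninitialized transient-array slots */`. Two things the hunk does not show and that should be confirmed in review: (1) `FT_ZERO( p )` expands to `FT_MEM_ZERO( p, sizeof ( *(p) ) )`, so `&storage` clears the whole object only if `storage` is declared as an array in this scope rather than as a pointer; its declaration is outside the hunk. (2) Zeroing makes an unmatched `get` return a deterministic 0 (the Type 2 transient array has no defined initial contents), but it does not add any range check on the index used by `get`/`put`; that check lives in the opcode handlers, which this patch does not touch, so the fix closes the uninitialized-read reported in bug 1270288 and nothing more.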