Another fix for handling invalid format 2 cmaps.
Sigh. Reported as https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=8003 * src/sfnt/ttcmap.c (tt_cmap2_char_next): Adjust condition to avoid an endless loop.
This commit is contained in:
parent
2157d8fa6f
commit
ac97a29653
13
ChangeLog
13
ChangeLog
|
@ -1,3 +1,16 @@
|
|||
2018-04-26 Werner Lemberg <wl@gnu.org>
|
||||
|
||||
Another fix for handling invalid format 2 cmaps.
|
||||
|
||||
Sigh.
|
||||
|
||||
Reported as
|
||||
|
||||
https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=8003
|
||||
|
||||
* src/sfnt/ttcmap.c (tt_cmap2_char_next): Adjust condition to avoid
|
||||
an endless loop.
|
||||
|
||||
2018-04-24 Ben Wagner <bungeman@google.com>
|
||||
|
||||
[base] Avoid undefined behaviour in lcd filtering code (#53727).
|
||||
|
|
|
@ -518,7 +518,7 @@
|
|||
FT_UInt pos, idx;
|
||||
|
||||
|
||||
if ( char_lo > start + count && charcode <= 0xFF )
|
||||
if ( char_lo >= start + count && charcode <= 0xFF )
|
||||
{
|
||||
/* this happens only for a malformed cmap */
|
||||
charcode = 0x100;
|
||||
|
|
Loading…
Reference in New Issue