From 1167bff3e9a6302687667c6134673e4b3fd13636 Mon Sep 17 00:00:00 2001
From: Werner Lemberg
Date: Sun, 6 Oct 2019 23:22:34 +0200
Subject: [PATCH] * src/sfnt/sfwoff2 (reconstruct_glyf): Fix reallocation.

Reported as https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=18046
---
 ChangeLog | 8 ++++++++
 src/sfnt/sfwoff2.c | 3 +++
 2 files changed, 11 insertions(+)

diff --git a/ChangeLog b/ChangeLog
index 75363837f..e6a4528d3 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,3 +1,11 @@
+2019-10-06 Werner Lemberg
+
+ * src/sfnt/sfwoff2 (reconstruct_glyf): Fix reallocation.
+
+ Reported as
+
+ https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=18046
+
 2019-10-06 Werner Lemberg
 
 Improve memory debugging.
diff --git a/src/sfnt/sfwoff2.c b/src/sfnt/sfwoff2.c
index 32a797b79..246842516 100644
--- a/src/sfnt/sfwoff2.c
+++ b/src/sfnt/sfwoff2.c
@@ -1235,6 +1235,9 @@
 if ( !error )
 error = FT_THROW( Invalid_Table );
 
+ /* Set pointer `sfnt_bytes' to its correct value. */
+ *sfnt_bytes = sfnt;
+
 FT_FREE( substreams );
 FT_FREE( loca_values );
 FT_FREE( n_points_arr );
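Review bot: The comment added above `*sfnt_bytes = sfnt;` in the src/sfnt/sfwoff2.c hunk says what is assigned but not why this path needs it. Going by the commit title, the local `sfnt` can presumably be moved by a reallocation earlier in reconstruct_glyf, so without this write-back the caller would keep the old block and could later read or free it. I would state that in the comment, for example `/* The buffer may have been reallocated above; hand the current block back so the caller never reads or frees a stale pointer. */`. The function starts and ends outside the hunk, so it is worth confirming that every other exit reached after a reallocation, not only the one following `error = FT_THROW( Invalid_Table );`, performs the same write-back.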