[truetype] Restore behavior of ft_var_load_hvvar
* src/truetype/ttgcvar.c (ft_var_load_hvvar): restore previous behavior
In a previous change [0] the behavior of `ft_var_load_hvvar` was changed
to not load the item variation store if it was at offset 0, but not
return an error when this happened. This broke any users, like
`tt_hvadvance_adjust`, that rely on successful completion of
`ft_var_load_hvvar` to imply that returned table's `itemStore` had been
initialized. This lead such users to dereference NULL.
This change appears to have been unintentional and unrelated to the
actual avar2 changes. As a result, fix these NULL dereferences by
restoring the code to always attempt to initialize the `itemStore`.
[0] ae4eb996
"[truetype] Add support for `avar` table 2.0 format."
Reported as
https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=53061
This commit is contained in:
parent
978fdb292a
commit
d38407f79e
|
@ -929,15 +929,12 @@
|
||||||
table = blend->hvar_table;
|
table = blend->hvar_table;
|
||||||
}
|
}
|
||||||
|
|
||||||
if ( store_offset )
|
error = tt_var_load_item_variation_store(
|
||||||
{
|
face,
|
||||||
error = tt_var_load_item_variation_store(
|
table_offset + store_offset,
|
||||||
face,
|
&table->itemStore );
|
||||||
table_offset + store_offset,
|
if ( error )
|
||||||
&table->itemStore );
|
goto Exit;
|
||||||
if ( error )
|
|
||||||
goto Exit;
|
|
||||||
}
|
|
||||||
|
|
||||||
if ( widthMap_offset )
|
if ( widthMap_offset )
|
||||||
{
|
{
|
||||||
|
|
Loading…
Reference in New Issue