From 079a22da037835daf5be2bd9eccf7bc1eaa2e783 Mon Sep 17 00:00:00 2001
From: Werner Lemberg
Date: Tue, 19 Apr 2022 09:28:21 +0200
Subject: [PATCH] * src/truetype/ttgload.c (TT_Process_Simple_Glyph): Integer overflow.

Reported as https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=46792
---
 src/truetype/ttgload.c | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/src/truetype/ttgload.c b/src/truetype/ttgload.c
index 0ecde22b7..2ca63d65a 100644
--- a/src/truetype/ttgload.c
+++ b/src/truetype/ttgload.c
@@ -1104,8 +1104,8 @@
 for ( ; vec < limit; vec++, u++ )
 {
- vec->x = ( FT_MulFix( u->x, x_scale ) + 32 ) >> 6;
- vec->y = ( FT_MulFix( u->y, y_scale ) + 32 ) >> 6;
+ vec->x = ADD_LONG( FT_MulFix( u->x, x_scale ), 32 ) >> 6;
+ vec->y = ADD_LONG( FT_MulFix( u->y, y_scale ), 32 ) >> 6;
 }
 }
 else
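Review bot: The two `ADD_LONG( FT_MulFix( ... ), 32 ) >> 6` lines remove the signed overflow, but when `FT_MulFix` returns a value within 32 of the long maximum they still store a wrapped result into `vec->x` / `vec->y`, so a malformed font yields a sign-flipped coordinate rather than a clamp or an error. Assuming ADD_LONG is a wrap-around add (its definition is not in this hunk), the sum can be negative, and `>> 6` on a negative signed value is implementation-defined in C. I would record the intent above the loop body, e.g. `/* font-controlled input: ADD_LONG wraps instead of overflowing; the value is defined but may be bogus */`, and confirm that later consumers of these points tolerate arbitrary coordinates. The enclosing function starts and ends outside the hunk, and the `else` branch that begins on its last line is not visible, so whether it needs the same treatment cannot be judged from here.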