[HarfBuzz] harfbuzz-ng: Branch 'master'
Behdad Esfahbod
behdad at kemper.freedesktop.org
Wed Jul 21 13:37:45 PDT 2010
src/hb-open-type-private.hh | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
New commits:
commit 4f801bd6586defdbf70162e0c7f8968d2b476df2
Author: Behdad Esfahbod <behdad at behdad.org>
Date: Wed Jul 21 16:37:01 2010 -0400
Mozilla bug 580233 - check for zero-length record in hb sanitizer.
Patch / report by Jonathan Kew.
diff --git a/src/hb-open-type-private.hh b/src/hb-open-type-private.hh
index 34d6cb0..cde6414 100644
--- a/src/hb-open-type-private.hh
+++ b/src/hb-open-type-private.hh
@@ -229,7 +229,7 @@ struct hb_sanitize_context_t
inline bool check_array (const void *base, unsigned int record_size, unsigned int len) const
{
const char *p = (const char *) base;
- bool overflows = len >= ((unsigned int) -1) / record_size;
+ bool overflows = record_size > 0 && len >= ((unsigned int) -1) / record_size;
if (HB_DEBUG_SANITIZE && (int) this->debug_depth < (int) HB_DEBUG_SANITIZE)
fprintf (stderr, "SANITIZE(%p) %-*d-> array [%p..%p] (%d*%d=%ld bytes) in [%p..%p] -> %s\n", \
More information about the HarfBuzz
mailing list