[HarfBuzz] harfbuzz: Branch 'stable'

Simon Hausmann hausmann at kemper.freedesktop.org
Sun Aug 26 06:01:49 PDT 2007 

 src/harfbuzz-gpos.c |   15 ++++++++++-----
 src/harfbuzz-gsub.c |    2 +-
 2 files changed, 11 insertions(+), 6 deletions(-)

New commits:
diff-tree 8dd0a6c211b32705af991a93fe15803d5bd5d921 (from f2acc48e352c09c6c8f714c1e24ca5bc490da113)
Author: Behdad Esfahbod <behdad at behdad.org>
Date:   Sun Aug 26 14:43:27 2007 +0200

    [HarfBuzz] Another fix
    
    The actual fix for this bug now:
    
            http://bugzilla.gnome.org/show_bug.cgi?id=463430
    
    The bug was that an intermediate index variable was of type FT_UShort
    and overflowing with more than 65536 input glyphs.  Yikes!  Patch
    attached.

diff --git a/src/harfbuzz-gpos.c b/src/harfbuzz-gpos.c
index 513f3fb..6f0476a 100644
--- a/src/harfbuzz-gpos.c
+++ b/src/harfbuzz-gpos.c
@@ -1518,7 +1518,7 @@ static void  Free_PairPos( HB_GPOS_SubTa
 static FT_Error  Lookup_PairPos1( GPOS_Instance*       gpi,
 				  HB_PairPosFormat1*  ppf1,
 				  HB_Buffer           buffer,
-				  FT_UShort            first_pos,
+				  FT_ULong             first_pos,
 				  FT_UShort            index,
 				  FT_UShort            format1,
 				  FT_UShort            format2 )
@@ -1560,7 +1560,7 @@ static FT_Error  Lookup_PairPos1( GPOS_I
 static FT_Error  Lookup_PairPos2( GPOS_Instance*       gpi,
 				  HB_PairPosFormat2*  ppf2,
 				  HB_Buffer           buffer,
-				  FT_UShort            first_pos,
+				  FT_ULong             first_pos,
 				  FT_UShort            format1,
 				  FT_UShort            format2 )
 {
@@ -1600,7 +1600,8 @@ static FT_Error  Lookup_PairPos( GPOS_In
 				 int               nesting_level )
 {
   FT_Error         error;
-  FT_UShort        index, property, first_pos;
+  FT_UShort        index, property;
+  FT_ULong         first_pos;
   HB_GPOSHeader*  gpos = gpi->gpos;
   HB_PairPos*     pp = &st->pair;
 
@@ -1631,8 +1632,12 @@ static FT_Error  Lookup_PairPos( GPOS_In
       return error;
 
     if ( buffer->in_pos == buffer->in_length )
-      return HB_Err_Not_Covered;
+      {
+	buffer->in_pos = first_pos;
+        return HB_Err_Not_Covered;
+      }
     (buffer->in_pos)++;
+
   }
 
   switch ( pp->PosFormat )
@@ -3137,7 +3142,7 @@ static FT_Error  Do_ContextPos( GPOS_Ins
 				int                   nesting_level )
 {
   FT_Error  error;
-  FT_UShort i, old_pos;
+  FT_ULong i, old_pos;
 
 
   i = 0;
diff --git a/src/harfbuzz-gsub.c b/src/harfbuzz-gsub.c
index 00db6e8..23b87b8 100644
--- a/src/harfbuzz-gsub.c
+++ b/src/harfbuzz-gsub.c
@@ -1130,7 +1130,7 @@ static FT_Error  Do_ContextSubst( HB_GSU
 				  int                    nesting_level )
 {
   FT_Error  error;
-  FT_UShort i, old_pos;
+  FT_ULong i, old_pos;
 
 
   i = 0;

More information about the HarfBuzz mailing list