[HarfBuzz] harfbuzz: Branch 'master'
Behdad Esfahbod
behdad at kemper.freedesktop.org
Mon Oct 12 21:31:28 PDT 2015
src/hb-ot-layout-gpos-table.hh | 4 +++-
1 file changed, 3 insertions(+), 1 deletion(-)
New commits:
commit f96664974774bfeb237a7274f512f64aaafb201e
Author: Behdad Esfahbod <behdad at behdad.org>
Date: Tue Oct 13 00:30:50 2015 -0400
Fix another memory access issue discovered by libFuzzer
Fixes https://github.com/behdad/harfbuzz/issues/139#issuecomment-146984679
diff --git a/src/hb-ot-layout-gpos-table.hh b/src/hb-ot-layout-gpos-table.hh
index ca98cb7..568b5f6 100644
--- a/src/hb-ot-layout-gpos-table.hh
+++ b/src/hb-ot-layout-gpos-table.hh
@@ -704,6 +704,8 @@ struct PairPosFormat1
{
TRACE_SANITIZE (this);
+ if (!c->check_struct (this)) return_trace (false);
+
unsigned int len1 = valueFormat1.get_len ();
unsigned int len2 = valueFormat2.get_len ();
PairSet::sanitize_closure_t closure = {
@@ -713,7 +715,7 @@ struct PairPosFormat1
1 + len1 + len2
};
- return_trace (c->check_struct (this) && coverage.sanitize (c, this) && pairSet.sanitize (c, this, &closure));
+ return_trace (coverage.sanitize (c, this) && pairSet.sanitize (c, this, &closure));
}
protected:
More information about the HarfBuzz
mailing list