[HarfBuzz] harfbuzz: Branch 'master'
Behdad Esfahbod
behdad at kemper.freedesktop.org
Tue Nov 14 23:49:21 UTC 2017
src/hb-ot-layout-gsubgpos-private.hh | 3 ++-
1 file changed, 2 insertions(+), 1 deletion(-)
New commits:
commit e5930722d485207ca158612a2b08816337fed7e8
Author: Behdad Esfahbod <behdad at behdad.org>
Date: Tue Nov 14 15:47:55 2017 -0800
Fix invalid buffer access in OOM times
Hopefully fully fixes
https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=1856
diff --git a/src/hb-ot-layout-gsubgpos-private.hh b/src/hb-ot-layout-gsubgpos-private.hh
index b0cffa3a..dcaa2617 100644
--- a/src/hb-ot-layout-gsubgpos-private.hh
+++ b/src/hb-ot-layout-gsubgpos-private.hh
@@ -1002,7 +1002,8 @@ static inline bool apply_lookup (hb_apply_context_t *c,
if (idx == 0 && lookupRecord[i].lookupListIndex == c->lookup_index)
continue;
- buffer->move_to (match_positions[idx]);
+ if (unlikely (!buffer->move_to (match_positions[idx])))
+ break;
unsigned int orig_len = buffer->backtrack_len () + buffer->lookahead_len ();
if (!c->recurse (lookupRecord[i].lookupListIndex))
More information about the HarfBuzz
mailing list