[HarfBuzz] harfbuzz: Branch 'master' - 2 commits
Behdad Esfahbod
behdad at kemper.freedesktop.org
Sat Nov 3 19:15:33 UTC 2018
src/hb-ot-kern-table.hh | 3 +--
1 file changed, 1 insertion(+), 2 deletions(-)
New commits:
commit 8d98c51d133b058a845ed7a84bfe8a43083bbb03
Author: Behdad Esfahbod <behdad at behdad.org>
Date: Sat Nov 3 15:14:57 2018 -0400
[kern] Third try fix access violation in Format3
Fixes https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=11245
diff --git a/src/hb-ot-kern-table.hh b/src/hb-ot-kern-table.hh
index b0ed4399..e361330b 100644
--- a/src/hb-ot-kern-table.hh
+++ b/src/hb-ot-kern-table.hh
@@ -441,7 +441,6 @@ struct KernSubTableFormat3
inline bool sanitize (hb_sanitize_context_t *c) const
{
TRACE_SANITIZE (this);
- return_trace (true); /* Disabled. See above. */
return_trace (c->check_struct (this) &&
c->check_range (kernValueZ,
kernValueCount * sizeof (FWORD) +
commit f074da8c2b6a7061c71d12213a6c494c119eb20e
Author: Behdad Esfahbod <behdad at behdad.org>
Date: Sat Nov 3 15:06:45 2018 -0400
[kern] Really fix access violation in Format3
Fixes https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=11245
diff --git a/src/hb-ot-kern-table.hh b/src/hb-ot-kern-table.hh
index 28ea9526..b0ed4399 100644
--- a/src/hb-ot-kern-table.hh
+++ b/src/hb-ot-kern-table.hh
@@ -444,7 +444,7 @@ struct KernSubTableFormat3
return_trace (true); /* Disabled. See above. */
return_trace (c->check_struct (this) &&
c->check_range (kernValueZ,
- kernValueCount +
+ kernValueCount * sizeof (FWORD) +
glyphCount * 2 +
leftClassCount * rightClassCount));
}
More information about the HarfBuzz
mailing list