kc3-lang/freetype

Browse

Commit 0eae6eb0645264c98812f0095e0f5df4541830e6

Dave Arnold 2014-02-28T07:40:01

Fix Savannah bug #41697, part 1. * src/cff/cf2hints.c (cf2_hintmap_build): Return when `hintMask' is invalid. In this case, it is not safe to use the length of `hStemHintArray'; the exception has already been recorded in `hintMask'. 

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30

diff --git a/ChangeLog b/ChangeLog
index 2010fda..1f48e24 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,3 +1,12 @@
+2014-02-28  Dave Arnold  <darnold@adobe.com>
+
+	[cff] Fix Savannah bug #41697, part 1.
+
+	* src/cff/cf2hints.c (cf2_hintmap_build): Return when `hintMask' is
+	invalid.  In this case, it is not safe to use the length of
+	`hStemHintArray'; the exception has already been recorded in
+	`hintMask'.
+
 2014-02-26  Werner Lemberg  <wl@gnu.org>
 
 	[sfnt] Fix Savannah bug #41696.
diff --git a/src/cff/cf2hints.c b/src/cff/cf2hints.c
index 5f44161..79f84fc 100644
--- a/src/cff/cf2hints.c
+++ b/src/cff/cf2hints.c
@@ -781,6 +781,8 @@
       cf2_hintmask_setAll( hintMask,
                            cf2_arrstack_size( hStemHintArray ) +
                              cf2_arrstack_size( vStemHintArray ) );
+      if ( !cf2_hintmask_isValid( hintMask ) )
+          return;                   /* too many stem hints */
     }
 
     /* begin by clearing the map */
kmx.io     mail     discord kmxgit v0.4.0