[sfnt] Avoid sanitizer warning (#57286). * src/sfnt/ttcmap.c (tt_face_build_cmaps): Avoid possible `NULL + offset' computation. Tag `table' as `const'.
diff --git a/ChangeLog b/ChangeLog
index 7019ab1..6a2743c 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,3 +1,11 @@
+2019-11-23 Ben Wagner <bungeman@google.com>
+
+ [sfnt] Avoid sanitizer warning (#57286).
+
+ * src/sfnt/ttcmap.c (tt_face_build_cmaps): Avoid possible `NULL +
+ offset' computation.
+ Tag `table' as `const'.
+
2019-11-23 John Stracke <jstracke@Google.com>
Werner Lemberg <wl@gnu.org>
diff --git a/src/sfnt/ttcmap.c b/src/sfnt/ttcmap.c
index 683f3b1..a3acf78 100644
--- a/src/sfnt/ttcmap.c
+++ b/src/sfnt/ttcmap.c
@@ -3764,16 +3764,16 @@
FT_LOCAL_DEF( FT_Error )
tt_face_build_cmaps( TT_Face face )
{
- FT_Byte* table = face->cmap_table;
- FT_Byte* limit = table + face->cmap_size;
+ FT_Byte* const table = face->cmap_table;
+ FT_Byte* limit;
FT_UInt volatile num_cmaps;
- FT_Byte* volatile p = table;
+ FT_Byte* volatile p = table;
FT_Library library = FT_FACE_LIBRARY( face );
FT_UNUSED( library );
- if ( !p || p + 4 > limit )
+ if ( !p || face->cmap_size < 4 )
return FT_THROW( Invalid_Table );
/* only recognize format 0 */
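Review bot: `limit` is now declared without an initializer and only assigned further down, and nothing at the declaration says why. A short comment there, for example `/* assigned after the NULL check: NULL + offset is undefined behaviour */`, would stop a later cleanup from folding the assignment back into the declaration and reintroducing the sanitizer finding. The body of `tt_face_build_cmaps` continues outside this hunk, so any read of `limit` before the new assignment could not be checked here.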
@@ -3786,6 +3786,7 @@
}
num_cmaps = TT_NEXT_USHORT( p );
+ limit = table + face->cmap_size;
for ( ; num_cmaps > 0 && p + 8 <= limit; num_cmaps-- )
{
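Review bot: The loop guard `p + 8 <= limit` on the `for` line still computes `p + 8` before comparing, so when fewer than 8 bytes remain the pointer lands more than one past the end of the table. That is undefined pointer arithmetic of the same family as the `NULL + offset` this commit removes. Comparing the remaining length avoids forming the out-of-range pointer: `for ( ; num_cmaps > 0 && limit - p >= 8; num_cmaps-- )`. This assumes `p` never exceeds `limit`, which the `face->cmap_size < 4` check appears to guarantee on loop entry. The loop body is outside the hunk, so how far `p` advances per iteration should be confirmed.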