Commit 730b6d7468327f918472b7780c159d688c68590c
2015-09-19T12:41:12
[sfnt] Improve handling of invalid SFNT table entries (#45987). This patch fixes weaknesses in function `tt_face_load_font_dir'. - It incorrectly assumed that valid tables are always at the beginning. As a consequence, some valid tables after invalid entries (which are ignored) were never seen. - Duplicate table entries (this is, having the same tag) were not rejected. - The number of valid tables was sometimes too large, leading to access of invalid tables. * src/sfnt/ttload.c (check_table_dir): Add argument to return number of valid tables. Add another tracing message. (tt_face_load_font_dir): Only allocate table array for valid entries as returned by `check_table_dir'. Reject duplicate tables and adjust number of valid tables accordingly.