kc3-lang/freetype

Browse

Commit 8d435c463d22f6de35015b244d6f9bb433beb7e6

Werner Lemberg 2017-06-01T07:09:44

* src/truetype/ttinterp.c (TT_RunIns): Adjust loop counter again. Problem reported by Marek Kašík <mkasik@redhat.com>. The problematic font that exceeds the old limit is Padauk-Bold, version 3.002, containing bytecode generated by a buggy version of ttfautohint. 

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32

diff --git a/ChangeLog b/ChangeLog
index c38b5af..a044712 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,3 +1,13 @@
+2017-06-01  Werner Lemberg  <wl@gnu.org>
+
+	* src/truetype/ttinterp.c (TT_RunIns): Adjust loop counter again.
+
+	Problem reported by Marek Kašík <mkasik@redhat.com>.
+
+	The problematic font that exceeds the old limit is Padauk-Bold,
+	version 3.002, containing bytecode generated by a buggy version of
+	ttfautohint.
+
 2017-05-31  Werner Lemberg  <wl@gnu.org>
 
 	[cff] 32bit integer overflow run-time errors 2/2 (#46149).
diff --git a/src/truetype/ttinterp.c b/src/truetype/ttinterp.c
index 0c48c25..775d110 100644
--- a/src/truetype/ttinterp.c
+++ b/src/truetype/ttinterp.c
@@ -7649,8 +7649,7 @@
                                   FT_MAX( 50,
                                           exc->cvtSize / 10 );
     else
-      exc->loopcall_counter_max = FT_MAX( 100,
-                                          10 * exc->cvtSize );
+      exc->loopcall_counter_max = 300 + 8 * exc->cvtSize;
 
     /* as a protection against an unreasonable number of CVT entries  */
     /* we assume at most 100 control values per glyph for the counter */
kmx.io     mail     discord kmxgit v0.4.0