Commit c3083e459584d0e8481fa2401232c8a3145fae4b
2017-10-05T14:32:24
* src/base/ftobjs.c (ft_glyphslot_preset_bitmap): Fix integer overflow. Reported as https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=3539
diff --git a/ChangeLog b/ChangeLog
index 1890cbf..f131f2f 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,5 +1,14 @@
2017-10-05 Werner Lemberg <wl@gnu.org>
+ * src/base/ftobjs.c (ft_glyphslot_preset_bitmap): Fix integer
+ overflow.
+
+ Reported as
+
+ https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=3539
+
+2017-10-05 Werner Lemberg <wl@gnu.org>
+
Fix compiler warnings.
* src/cff/cffdrivr.c (cff_ps_get_font_extra): Avoid code that relies
diff --git a/src/base/ftobjs.c b/src/base/ftobjs.c
index 79e7511..2258a31 100644
--- a/src/base/ftobjs.c
+++ b/src/base/ftobjs.c
@@ -419,8 +419,8 @@
cbox.yMax = FT_PIX_CEIL( cbox.yMax );
}
- x_shift -= cbox.xMin;
- y_shift -= cbox.yMin;
+ x_shift = SUB_LONG( x_shift, cbox.xMin );
+ y_shift = SUB_LONG( y_shift, cbox.yMin );
x_left = cbox.xMin >> 6;
y_top = cbox.yMax >> 6;