Commit d9ff6f20ad3e5101dbed0164cbed10e0d0c26792
2017-03-16T20:20:51
* src/truetype/ttgxvar.c (tt_done_blend): Free `vvar_table'. Reported as https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=883
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37
diff --git a/ChangeLog b/ChangeLog
index 5bbf50a..7dac7a2 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,3 +1,11 @@
+2017-03-16 Werner Lemberg <wl@gnu.org>
+
+ * src/truetype/ttgxvar.c (tt_done_blend): Free `vvar_table'.
+
+ Reported as
+
+ https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=883
+
2017-03-15 Werner Lemberg <wl@gnu.org>
Remove clang compiler warnings (#50548).
diff --git a/src/truetype/ttgxvar.c b/src/truetype/ttgxvar.c
index 4ceee00..59615e2 100644
--- a/src/truetype/ttgxvar.c
+++ b/src/truetype/ttgxvar.c
@@ -3696,6 +3696,16 @@
FT_FREE( blend->hvar_table );
}
+ if ( blend->vvar_table )
+ {
+ ft_var_done_item_variation_store( face,
+ &blend->vvar_table->itemStore );
+
+ FT_FREE( blend->vvar_table->widthMap.innerIndex );
+ FT_FREE( blend->vvar_table->widthMap.outerIndex );
+ FT_FREE( blend->vvar_table );
+ }
+
if ( blend->mvar_table )
{
ft_var_done_item_variation_store( face,