AuroraMiddleware/harfbuzz
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

[subset] don't use pointers returned from push after array has resized in hb-subset-glyf.cc

Browse Source
This commit is contained in:
Garret Rieger 2018-03-20 16:55:42 -07:00
parent 3531efdb4c
commit 1396614040
2 changed files with 7 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

9
src/hb-subset-glyf.cc
View File

@ -43,9 +43,14 @@ _calculate_glyf_and_loca_prime_size (const OT::glyf::accelerator_t &glyf,
for (unsigned int i = 0; i < glyph_ids.len; i++) for (unsigned int i = 0; i < glyph_ids.len; i++)
{ {
hb_codepoint_t next_glyph = glyph_ids[i]; hb_codepoint_t next_glyph = glyph_ids[i];
unsigned int *instruction_start = instruction_ranges->push(); if (!instruction_ranges->resize (instruction_ranges->len + 2))
unsigned int *instruction_end = instruction_ranges->push(); {
DEBUG_MSG(SUBSET, nullptr, "Failed to resize instruction_ranges.", next_glyph);
return false;
}
unsigned int *instruction_start = &(*instruction_ranges)[instruction_ranges->len - 2];
*instruction_start = 0; *instruction_start = 0;
unsigned int *instruction_end = &(*instruction_ranges)[instruction_ranges->len - 1];
*instruction_end = 0; *instruction_end = 0;
unsigned int start_offset, end_offset; unsigned int start_offset, end_offset;

BIN
test/api/fonts/crash-b577db318b30f2851828a4c9ef97cb30678b1b54 Normal file
View File

Binary file not shown.