[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[freetype2] master 91fc3bd 2/3: * src/truetype/ttgxvar.c (TT_Get_MM_Var)
|
From: |
Werner LEMBERG |
|
Subject: |
[freetype2] master 91fc3bd 2/3: * src/truetype/ttgxvar.c (TT_Get_MM_Var): Check axis data. |
|
Date: |
Thu, 29 Dec 2016 20:45:05 +0000 (UTC) |
branch: master
commit 91fc3bd7c9ce3dadc5e62110f93328f8b4c8b781
Author: Werner Lemberg <address@hidden>
Commit: Werner Lemberg <address@hidden>
* src/truetype/ttgxvar.c (TT_Get_MM_Var): Check axis data.
Reported as
https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=348
---
ChangeLog | 8 ++++++++
src/truetype/ttgxvar.c | 11 +++++++++++
2 files changed, 19 insertions(+)
diff --git a/ChangeLog b/ChangeLog
index 68940a2..d26fa3f 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,5 +1,13 @@
2016-12-29 Werner Lemberg <address@hidden>
+ * src/truetype/ttgxvar.c (TT_Get_MM_Var): Check axis data.
+
+ Reported as
+
+ https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=348
+
+2016-12-29 Werner Lemberg <address@hidden>
+
[truetype] Tracing fixes.
* src/truetype/ttgxvar.c (tt_hadvance_adjust): Emit correct
diff --git a/src/truetype/ttgxvar.c b/src/truetype/ttgxvar.c
index ad662a4..cdf4183 100644
--- a/src/truetype/ttgxvar.c
+++ b/src/truetype/ttgxvar.c
@@ -1435,6 +1435,17 @@
a->name[3] = (FT_String)( ( a->tag ) & 0xFF );
a->name[4] = '\0';
+ if ( a->minimum > a->def ||
+ a->def > a->maximum )
+ {
+ FT_TRACE2(( "TT_Get_MM_Var:"
+ " invalid \"%s\" axis record; disabling\n",
+ a->name ));
+
+ a->minimum = a->def;
+ a->maximum = a->def;
+ }
+
FT_TRACE5(( " \"%s\": minimum=%.5f, default=%.5f, maximum=%.5f\n",
a->name,
a->minimum / 65536.0,
| [Prev in Thread] |
Current Thread |
[Next in Thread] |
- [freetype2] master 91fc3bd 2/3: * src/truetype/ttgxvar.c (TT_Get_MM_Var): Check axis data.,
Werner LEMBERG <=