* src/truetype/ttgxvar.c (ft_var_to_normalized): Integer overflow.

Reported as https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=66543
10 months ago · 546237e1bb
parent 47574f7ea4
commit 546237e1bb
1 changed files with 1 additions and 1 deletions
--- a/src/truetype/ttgxvar.c
+++ b/src/truetype/ttgxvar.c
@ -2142,7 +2142,7 @@
                                         innerIndex );

          /* Convert to 16.16 format before adding. */
-	  v += delta * 4;
+	  v += MUL_INT( delta, 4 );

 	  /* Clamp value range. */
 	  v = v >=  0x10000L ?  0x10000 : v;