From 64985519210a1b62fcfccf394e6ab0f7bfe9be09 Mon Sep 17 00:00:00 2001
From: Werner Lemberg <wl@gnu.org>
Date: Mon, 9 Oct 2017 07:45:03 +0200
Subject: [PATCH] * src/base/ftoutln.c (FT_Outline_Translate): Fix integer
 overflow.

Reported as

  https://bugs.chromium.org/p/chromium/issues/detail?id=772775
---
 ChangeLog          | 8 ++++++++
 src/base/ftoutln.c | 4 ++--
 2 files changed, 10 insertions(+), 2 deletions(-)

diff --git a/ChangeLog b/ChangeLog
index 178ea064c..0c0650f2b 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,3 +1,11 @@
+2017-10-09  Werner Lemberg  <wl@gnu.org>
+
+	* src/base/ftoutln.c (FT_Outline_Translate): Fix integer overflow.
+
+	Reported as
+
+	  https://bugs.chromium.org/p/chromium/issues/detail?id=772775
+
 2017-10-08  Werner Lemberg  <wl@gnu.org>
 
 	* src/base/ftobjs.c (ft_glyphslot_preset_bitmap): Integer overflows.
diff --git a/src/base/ftoutln.c b/src/base/ftoutln.c
index 9ceb9cf1b..cbbcb859a 100644
--- a/src/base/ftoutln.c
+++ b/src/base/ftoutln.c
@@ -540,8 +540,8 @@
 
     for ( n = 0; n < outline->n_points; n++ )
     {
-      vec->x += xOffset;
-      vec->y += yOffset;
+      vec->x = ADD_LONG( vec->x, xOffset );
+      vec->y = ADD_LONG( vec->y, yOffset );
       vec++;
     }
   }