From c13635ee4bf34e621816cd09d7f2baf918e20af8 Mon Sep 17 00:00:00 2001
From: Werner Lemberg
Date: Mon, 29 Oct 2018 21:25:10 +0100
Subject: [PATCH] [base] Fix numeric overflow.
Reported as
https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=11080
* src/base/ftoutln.c (FT_Outline_Get_Orientation): Use `MUL_LONG'.
---
ChangeLog | 10 ++++++++++
src/base/ftoutln.c | 3 ++-
2 files changed, 12 insertions(+), 1 deletion(-)
diff --git a/ChangeLog b/ChangeLog
index 7854293d1..94879e578 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,3 +1,13 @@
+2018-10-29 Werner Lemberg
+
+ [base] Fix numeric overflow.
+
+ Reported as
+
+ https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=11080
+
+ * src/base/ftoutln.c (FT_Outline_Get_Orientation): Use `MUL_LONG'.
+
 2018-10-29 Werner Lemberg
 [cff] Fix numeric overflow.
diff --git a/src/base/ftoutln.c b/src/base/ftoutln.c
index 85a469737..f54ebdf5c 100644
--- a/src/base/ftoutln.c
+++ b/src/base/ftoutln.c
@@ -1076,7 +1076,8 @@
 v_cur.y = points[n].y >> yshift;
 area = ADD_LONG( area,
- ( v_cur.y - v_prev.y ) * ( v_cur.x + v_prev.x ) );
+ MUL_LONG( v_cur.y - v_prev.y,
+ v_cur.x + v_prev.x ) );
 v_prev = v_cur;
 }
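Review bot: The two operands handed to `MUL_LONG` in the `src/base/ftoutln.c` hunk, `v_cur.y - v_prev.y` and `v_cur.x + v_prev.x`, are still evaluated with plain signed arithmetic, so whether they can overflow on their own depends on the `xshift`/`yshift` scaling, which sits outside this hunk. If `MUL_LONG` wraps the way its name and the neighbouring `ADD_LONG` suggest (its definition is not visible here), a fuzzed outline no longer triggers undefined behaviour but can still leave `area` with a meaningless sign, and the orientation is presumably derived from that sign later in `FT_Outline_Get_Orientation`, whose body starts and ends outside the hunk. I would record this above the statement, e.g. `/* MUL_LONG and ADD_LONG only avoid signed-overflow UB; for outlines that overflow, the sign of `area' is not reliable */`. It is also worth confirming that callers do not make memory-safety decisions based on the returned orientation for such input.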