[cairo] Guard hb_cairo_glyphs_from_buffer() against bad UTF-8

Previously it was assuming valid UTF-8.
3 months ago · 1767f99e2e
parent 6898a6048c
commit 1767f99e2e
2 changed files with 6 additions and 2 deletions
--- a/src/hb-cairo.cc
+++ b/src/hb-cairo.cc
@ -1000,6 +1000,7 @@ hb_cairo_glyphs_from_buffer (hb_buffer_t *buffer,
 	    end = start + hb_glyph[i].cluster - hb_glyph[i+1].cluster;
 	  else
 	    end = (const char *) hb_utf_offset_to_pointer<hb_utf8_t> ((const uint8_t *) start,
+								      (const uint8_t *) utf8, utf8_len,
 								      (signed) (hb_glyph[i].cluster - hb_glyph[i+1].cluster));
 	  (*clusters)[cluster].num_bytes = end - start;
 	  start = end;
@ -1020,6 +1021,7 @@ hb_cairo_glyphs_from_buffer (hb_buffer_t *buffer,
 	    end = start + hb_glyph[i].cluster - hb_glyph[i-1].cluster;
 	  else
 	    end = (const char *) hb_utf_offset_to_pointer<hb_utf8_t> ((const uint8_t *) start,
+								      (const uint8_t *) utf8, utf8_len,
 								      (signed) (hb_glyph[i].cluster - hb_glyph[i-1].cluster));
 	  (*clusters)[cluster].num_bytes = end - start;
 	  start = end;
--- a/src/hb-utf.hh
+++ b/src/hb-utf.hh
@ -458,19 +458,21 @@ struct hb_ascii_t
 template <typename utf_t>
 static inline const typename utf_t::codepoint_t *
 hb_utf_offset_to_pointer (const typename utf_t::codepoint_t *start,
+			  const typename utf_t::codepoint_t *text,
+			  unsigned text_len,
 			  signed offset)
 {
  hb_codepoint_t unicode;

  while (offset-- > 0)
    start = utf_t::next (start,
-			 start + utf_t::max_len,
+			 text + text_len,
 			 &unicode,
 			 HB_BUFFER_REPLACEMENT_CODEPOINT_DEFAULT);

  while (offset++ < 0)
    start = utf_t::prev (start,
-			 start - utf_t::max_len,
+			 text,
 			 &unicode,
 			 HB_BUFFER_REPLACEMENT_CODEPOINT_DEFAULT);