Chiebot-Mirror
/
harfbuzz
mirror of https://github.com/harfbuzz/harfbuzz.git
8
0
Fork 0
Code Issues Projects Releases Wiki Activity

[subset] fail reference blob in face builder if allocation for table sorting fails.

Browse Source 
Fixes https://oss-fuzz.com/testcase-detail/5041767803125760
pull/3126/head
Garret Rieger 4 years ago
parent e5bfd49ae5
commit 8c0c217b5a
2 changed files with 6 additions and 0 deletions
Whitespace
Show all changes Ignore whitespace when comparing lines Ignore changes in amount of whitespace Ignore changes in whitespace at EOL
Split View
Diff Options
Show Stats Download Patch File Download Diff File
  1. 6
      src/hb-face.cc
  2. BIN
      test/fuzzing/fonts/clusterfuzz-testcase-minimized-hb-subset-fuzzer-5041767803125760

6
src/hb-face.cc
Unescape View File

@ -690,6 +690,12 @@ _hb_face_builder_data_reference_blob (hb_face_builder_data_t *data)
// Sort the tags so that produced face is deterministic.
hb_vector_t<hb_pair_t <hb_tag_t, hb_blob_t*>> sorted_entries;
data->tables.iter () | hb_sink (sorted_entries);
if (unlikely (sorted_entries.in_error ()))
{
hb_free (buf);
return nullptr;
}
sorted_entries.qsort (compare_entries);
bool ret = f->serialize_single (&c, sfnt_tag, + sorted_entries.iter());

BIN
test/fuzzing/fonts/clusterfuzz-testcase-minimized-hb-subset-fuzzer-5041767803125760
View File

Binary file not shown.
Write Preview
Loading…
Cancel
Save