author | Dominik Röttsches <drott@chromium.org> | 2019-12-30 11:22:04 +0200 |
---|---|---|
committer | Werner Lemberg <wl@gnu.org> | 2020-01-02 11:14:01 +0100 |
commit | 10d8de7541ab1f26f6f04b2118d13a92a7119102 (patch) | |
tree | 3df9f320570fe7705b0cea4acacdb282c7fbc54b | |
parent | a4df0373c71f426711fb77e3a21d4b58b7c42e66 (diff) | |
download | freetype2-10d8de7541ab1f26f6f04b2118d13a92a7119102.tar.gz |
[truetype] Fix UBSan warning on offset to nullptr (#57501).
* src/truetype/ttinterp.c (Ins_CALL): Fail if `exc->FDefs' is null.
-rw-r--r-- | ChangeLog | 6 | ||||
-rw-r--r-- | src/truetype/ttinterp.c | 3 |
2 files changed, 9 insertions, 0 deletions
@@ -1,3 +1,9 @@ +2020-01-02 Dominik Röttsches <drott@chromium.org> + + [truetype] Fix UBSan warning on offset to nullptr (#57501). + + * src/truetype/ttinterp.c (Ins_CALL): Fail if `exc->FDefs' is null. + 2019-12-31 Nikhil Ramakrishnan <ramakrishnan.nikhil@gmail.com> [woff2] Allow bitmap-only fonts (#57394). diff --git a/src/truetype/ttinterp.c b/src/truetype/ttinterp.c index dca11d739..56cf53bde 100644 --- a/src/truetype/ttinterp.c +++ b/src/truetype/ttinterp.c @@ -3965,6 +3965,9 @@ if ( BOUNDSL( F, exc->maxFunc + 1 ) ) goto Fail; + if ( !exc->FDefs ) + goto Fail; + /* Except for some old Apple fonts, all functions in a TrueType */ /* font are defined in increasing order, starting from 0. This */ /* means that we normally have */ |
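Review bot: The new `if ( !exc->FDefs ) goto Fail;` guard in the `src/truetype/ttinterp.c` hunk has no comment, so a reader of `Ins_CALL` cannot tell why the table can still be null after the `BOUNDSL( F, exc->maxFunc + 1 )` test just above it has passed. Suggest a one-line comment on the guard saying that it avoids the offset-from-null-pointer arithmetic that UBSan reported in #57501. The ChangeLog entry could also state whether a null `exc->FDefs` with an in-range `F` is an expected state or a sign of inconsistent interpreter setup, since `goto Fail` handles both the same way.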