Prevent hinting if there are too many segments.

This speeds up handling of broken glyphs.

Reported as

  https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=35309

* src/autofit/aflatin.c (af_latin_hints_compute_segments): Implement
it.

1 files changed, 25 insertions, 0 deletions

diff --git a/src/autofit/aflatin.c b/src/autofit/aflatin.c
index ef90c93f6..8ca6ac29d 100644
--- a/src/autofit/aflatin.c
+++ b/src/autofit/aflatin.c
@@ -1847,6 +1847,31 @@
              ( FT_ABS( point->out_dir ) == major_dir ||
                point == point->prev                  ) )
         {
+          /*
+           * For efficiency, we restrict the number of segments to 1000,
+           * which is a heuristic value: it is very unlikely that a glyph
+           * with so many segments can be hinted in a sensible way.
+           * Reasons:
+           *
+           * - The glyph has really 1000 segments; this implies that it has
+           *   at least 2000 outline points.  Assuming 'normal' fonts that
+           *   have superfluous points optimized away, viewing such a glyph
+           *   only makes sense at large magnifications where hinting
+           *   isn't applied anyway.
+           *
+           * - We have a broken glyph.  Hinting doesn't make sense in this
+           *   case either.
+           */
+          if ( axis->num_segments > 1000 )
+          {
+            FT_TRACE0(( "af_latin_hints_compute_segments:"
+                        " more than 1000 segments in this glyph;\n" ));
+            FT_TRACE0(( "                                "
+                        " hinting is suppressed\n" ));
+            axis->num_segments = 0;
+            return FT_Err_Ok;
+          }
+
           /* this is the start of a new segment! */
           segment_dir = (AF_Direction)point->out_dir;