[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[freetype2] master ec7d2e5: * src/psaux/psintrp.c (cf2_doStems): Fix int
From: |
Werner LEMBERG |
Subject: |
[freetype2] master ec7d2e5: * src/psaux/psintrp.c (cf2_doStems): Fix integer overflow. |
Date: |
Thu, 28 Sep 2017 08:21:50 -0400 (EDT) |
branch: master
commit ec7d2e5f683dab0d1471cbc1f25d0e65aae63b5d
Author: Werner Lemberg <address@hidden>
Commit: Werner Lemberg <address@hidden>
* src/psaux/psintrp.c (cf2_doStems): Fix integer overflow.
Reported as
https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=3510
---
ChangeLog | 8 ++++++++
src/psaux/psintrp.c | 4 ++--
2 files changed, 10 insertions(+), 2 deletions(-)
diff --git a/ChangeLog b/ChangeLog
index 9d0bbbb..7a613b1 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,3 +1,11 @@
+2017-09-28 Werner Lemberg <address@hidden>
+
+ * src/psaux/psintrp.c (cf2_doStems): Fix integer overflow.
+
+ Reported as
+
+ https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=3510
+
2017-09-28 Ewald Hew <address@hidden>
* src/cid/cidgload.c (cid_slot_load_glyph): Fix memory leak.
diff --git a/src/psaux/psintrp.c b/src/psaux/psintrp.c
index 9e67187..ab6ed49 100644
--- a/src/psaux/psintrp.c
+++ b/src/psaux/psintrp.c
@@ -297,8 +297,8 @@
" No width. Use hsbw/sbw as first op\n" ));
}
if ( !font->isT1 && hasWidthArg && !*haveWidth )
- *width = cf2_stack_getReal( opStack, 0 ) +
- cf2_getNominalWidthX( font->decoder );
+ *width = ADD_INT32( cf2_stack_getReal( opStack, 0 ),
+ cf2_getNominalWidthX( font->decoder ) );
if ( font->decoder->width_only )
goto exit;
[Prev in Thread] |
Current Thread |
[Next in Thread] |
- [freetype2] master ec7d2e5: * src/psaux/psintrp.c (cf2_doStems): Fix integer overflow.,
Werner LEMBERG <=