[freetype2] master 6b660f1: [psaux] Fix numeric overflow.


From: Werner LEMBERG
Subject: [freetype2] master 6b660f1: [psaux] Fix numeric overflow.
Date: Tue, 2 Oct 2018 10:49:22 -0400 (EDT)

branch: master
commit 6b660f12151c7f333f8be6d84df916db210d3742
Author: Werner Lemberg <address@hidden>
Commit: Werner Lemberg <address@hidden>

    [psaux] Fix numeric overflow.
    
    Reported as
    
      https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=10768
    
    * src/psaux/cffdecode.c (cff_decoder_parse_charstrings) <cff_op_roll>
    [CFF_CONFIG_OPTION_OLD_ENGINE]: Use NEG_INT.
---
 ChangeLog             | 11 +++++++++++
 src/psaux/cffdecode.c |  2 +-
 2 files changed, 12 insertions(+), 1 deletion(-)

diff --git a/ChangeLog b/ChangeLog
index 8a308a6..123cc51 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,5 +1,16 @@
 2018-10-02  Werner Lemberg  <address@hidden>
 
+       [psaux] Fix numeric overflow.
+
+       Reported as
+
+         https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=10768
+
+       * src/psaux/cffdecode.c (cff_decoder_parse_charstrings) <cff_op_roll>
+       [CFF_CONFIG_OPTION_OLD_ENGINE]: Use NEG_INT.
+
+2018-10-02  Werner Lemberg  <address@hidden>
+
        [pshinter] Handle numeric overflow.
 
        Reported as
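Review bot: The new ChangeLog entry says only "Use NEG_INT" for the <cff_op_roll> case and does not name the expression that overflowed. Adding a short phrase such as "for the negation of `idx`" would let a reader follow the fix without opening the fuzzer report.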
diff --git a/src/psaux/cffdecode.c b/src/psaux/cffdecode.c
index 0576ca6..b90a828 100644
--- a/src/psaux/cffdecode.c
+++ b/src/psaux/cffdecode.c
@@ -1839,7 +1839,7 @@
               /* before C99 it is implementation-defined whether    */
               /* the result of `%' is negative if the first operand */
               /* is negative                                        */
-              idx = -( ( -idx ) % count );
+              idx = -( NEG_INT( idx ) % count );
               while ( idx < 0 )
               {
                 FT_Fixed  tmp = args[0];
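Review bot: The comment above `idx = -( NEG_INT( idx ) % count );` explains only the pre-C99 `%` concern, so nothing at this line says why the negation now goes through NEG_INT or what NEG_INT returns for the most negative `idx`. If it wraps and hands back the same negative value, `%` still receives a negative first operand, which is the case the comment says this code avoids. Suggest extending the comment with the NEG_INT result for that input, and confirming that `count` cannot be zero or negative on this path, since neither is visible in this hunk.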


