shithub: freetype+ttf2subf

Download patch

ref: 578bcf103a12fb742cdb314565819011d1ac12a7
parent: 00968d8fd62105061d92e69b5ccd44077a5a6a9f
author: Werner Lemberg <[email protected]>
date: Mon Jul 30 07:28:04 EDT 2018 

[cff] Fix typo.

Reported as

  https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=9409

* src/cff/cffdrivr.c (cff_get_cid_from_glyph_index): Fix boundary
check.

git/fs: mount .git/fs: mount/attach disallowed 
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,3 +1,14 @@
+2018-07-30  Werner Lemberg  <[email protected]>
+
+	[cff] Fix typo.
+
+	Reported as
+
+	  https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=9409
+
+	* src/cff/cffdrivr.c (cff_get_cid_from_glyph_index): Fix boundary
+	check.
+
 2018-07-29  Werner Lemberg  <[email protected]>
 
 	* src/pcf/pcfread.c (pcf_get_encodings): Another thinko.
--- a/src/cff/cffdrivr.c
+++ b/src/cff/cffdrivr.c
@@ -795,7 +795,7 @@
         goto Fail;
       }
 
-      if ( glyph_index > cff->num_glyphs )
+      if ( glyph_index >= cff->num_glyphs )
       {
         error = FT_THROW( Invalid_Argument );
         goto Fail;