shithub: freetype+ttf2subf

Download patch

ref: 5e3a38b194f3a68e9a5a03a1bd0c6bb2eb3dec1f
parent: a346abc0934de411f26f8472ffbc6c4e0a8f95c7
author: Armin Hasitzka <[email protected]>
date: Thu Feb 21 05:04:28 EST 2019 

[psaux] Mask numeric overflow.

* src/psaux/cffdecode.c (cff_decoder_parse_charstrings): Mask numeric
overflow.

Reported as

  https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=13041

git/fs: mount .git/fs: mount/attach disallowed 
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,3 +1,14 @@
+2019-02-21  Armin Hasitzka  <[email protected]>
+
+	[psaux] Mask numeric overflow.
+
+	* src/psaux/cffdecode.c (cff_decoder_parse_charstrings): Mask numeric
+	overflow.
+
+	Reported as
+
+	  https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=13041
+
 2019-02-16  Wink Saville  <[email protected]>
 
 	* src/autofit/afwarp.h (af_warper_compute): Fix declaration.
--- a/src/psaux/cffdecode.c
+++ b/src/psaux/cffdecode.c
@@ -1556,9 +1556,9 @@
             }
 
             if ( dx < 0 )
-              dx = -dx;
+              dx = NEG_LONG( dx );
             if ( dy < 0 )
-              dy = -dy;
+              dy = NEG_LONG( dy );
 
             /* strange test, but here it is... */
             horizontal = ( dx > dy );