[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[freetype2] master e662a95: [sfnt] Return in 'COLR' v1 when layer pointe
|
From: |
Werner Lemberg |
|
Subject: |
[freetype2] master e662a95: [sfnt] Return in 'COLR' v1 when layer pointer outside table |
|
Date: |
Mon, 19 Apr 2021 06:25:59 -0400 (EDT) |
branch: master
commit e662a9500f826a7f534170e981da4987ca8d83f3
Author: Dominik Röttsches <drott@chromium.org>
Commit: Dominik Röttsches <drott@chromium.org>
[sfnt] Return in 'COLR' v1 when layer pointer outside table
* src/sfnt/ttcolr.c (tt_face_get_paint_layers): Add missing return
when paint pointer outside table.
(read_paint): Add missing return when paint pointer outside table.
---
ChangeLog | 8 ++++++++
src/sfnt/ttcolr.c | 2 ++
2 files changed, 10 insertions(+)
diff --git a/ChangeLog b/ChangeLog
index 4b41688..9bd9553 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,3 +1,11 @@
+2021-04-19 Dominik Röttsches <drott@chromium.org>
+
+ [sfnt] Return in 'COLR' v1 when layer pointer outside table
+
+ * src/sfnt/ttcolr.c (tt_face_get_paint_layers): Add missing return
+ when paint pointer outside table.
+ (read_paint): Add missing return when paint pointer outside table.
+
2021-04-18 Alexei Podtelezhnikov <apodtele@gmail.com>
[cache] Switch to lazy SBit setting.
diff --git a/src/sfnt/ttcolr.c b/src/sfnt/ttcolr.c
index 617ba93..f3f396a 100644
--- a/src/sfnt/ttcolr.c
+++ b/src/sfnt/ttcolr.c
@@ -390,6 +390,7 @@
if ( p < colr->base_glyphs_v1 ||
p >= ( (FT_Byte*)colr->table + colr->table_size ) )
+ return 0;
apaint->format = FT_NEXT_BYTE( p );
@@ -725,6 +726,7 @@
if ( p_paint < colr->base_glyphs_v1 ||
p_paint >= ( (FT_Byte*)colr->table + colr->table_size ) )
+ return 0;
opaque_paint->p = p_paint;
| [Prev in Thread] |
Current Thread |
[Next in Thread] |
- [freetype2] master e662a95: [sfnt] Return in 'COLR' v1 when layer pointer outside table,
Werner Lemberg <=