organicmaps/harfbuzz
13
Fork 0
mirror of https://github.com/harfbuzz/harfbuzz.git synced 2025-04-08 22:54:36 +00:00
Code Issues 1 Projects Releases Wiki Activity Actions 7

[repacker] fix fuzzer found memory leak.

Browse source 
Fixes https://oss-fuzz.com/testcase-detail/5196242811748352
This commit is contained in:
Garret Rieger 2023-04-27 22:13:30 +00:00 committed by Behdad Esfahbod
parent 247ffe389f
commit b3fed4fa64
2 changed files with 4 additions and 1 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

5
src/graph/markbasepos-graph.hh
View file

@ -319,7 +319,8 @@ struct MarkBasePosFormat1 : public OT::Layout::GPOS_impl::MarkBasePosFormat1_2<S
hb_vector_t<class_info_t> class_to_info;
unsigned class_count= classCount;
class_to_info.resize (class_count);
if (!class_to_info.resize (class_count))
return hb_vector_t<class_info_t>();
auto mark_array = c.graph.as_table<MarkArray> (this_index, &markArray);
if (!mark_array) return hb_vector_t<class_info_t> ();
@ -327,6 +328,7 @@ struct MarkBasePosFormat1 : public OT::Layout::GPOS_impl::MarkBasePosFormat1_2<S
for (unsigned mark = 0; mark < mark_count; mark++)
{
unsigned klass = (*mark_array.table)[mark].get_class ();
if (klass >= class_count) continue;
class_to_info[klass].marks.add (mark);
}
@ -335,6 +337,7 @@ struct MarkBasePosFormat1 : public OT::Layout::GPOS_impl::MarkBasePosFormat1_2<S
unsigned mark = (link.position - 2) /
OT::Layout::GPOS_impl::MarkRecord::static_size;
unsigned klass = (*mark_array.table)[mark].get_class ();
if (klass >= class_count) continue;
class_to_info[klass].child_indices.push (link.objidx);
}

BIN
test/fuzzing/graphs/clusterfuzz-testcase-minimized-hb-repacker-fuzzer-5196242811748352 Normal file
View file

Binary file not shown.