On Fri, 2007-08-17 at 08:56, Werner LEMBERG wrote: > > > Applied. However, I think there is a mistake for the > > > SingleSubstFormat1 case: > > > > > > idx = otv_Coverage_get_first( Coverage ) + DeltaGlyphID; > > > if ( idx < 0 || > > > idx + DeltaGlyphID < 0 || > > > (FT_UInt)idx + DeltaGlyphID >= valid->glyph_count ) > > > FT_INVALID_GLYPH_ID; > > > > > > The code adds DeltaGlyphID to idx, and then you are checking > > > whether `idx + DeltaGlyphID < 0'... This looks wrong to me. I > > > don't have time currently to verify this. Please post a patch if > > > necessary. > > > > DeltaGlyphID can be a negative value, so I think it's a reasonable > > check. > > Well, yes, but I would expect this code: I beg your pardon, you are quite right. That entire patch chunk was wrong (and unneeded in the first place). This should back it out.
--- otvgsub.c~ 2007-08-10 16:27:31.000000000 -0700 +++ otvgsub.c 2007-08-10 16:27:31.000000000 -0700 @@ -71,16 +71,12 @@ otv_Coverage_validate( Coverage, valid, -1 ); idx = otv_Coverage_get_first( Coverage ) + DeltaGlyphID; - if ( idx < 0 || - idx + DeltaGlyphID < 0 || - (FT_UInt)idx + DeltaGlyphID >= valid->glyph_count ) - FT_INVALID_GLYPH_ID; + if ( idx < 0 ) + FT_INVALID_DATA; idx = otv_Coverage_get_last( Coverage ) + DeltaGlyphID; - if ( (FT_UInt)idx >= valid->glyph_count || - idx + DeltaGlyphID < 0 || - (FT_UInt)idx + DeltaGlyphID >= valid->glyph_count ) - FT_INVALID_GLYPH_ID; + if ( (FT_UInt)idx >= valid->glyph_count ) + FT_INVALID_DATA; } break;
_______________________________________________ Freetype-devel mailing list Freetype-devel@nongnu.org http://lists.nongnu.org/mailman/listinfo/freetype-devel