src/hb-ot-font.cc | 2 +- test/shaping/fonts/sha1sum/375d6ae32a3cbe52fbf81a4e5777e3377675d5a3.ttf |binary test/shaping/fonts/sha1sum/641bd9db850193064d17575053ae2bf8ec149ddc.ttf |binary test/shaping/fonts/sha1sum/MANIFEST | 2 ++ test/shaping/tests/fuzzed.tests | 2 ++ 5 files changed, 5 insertions(+), 1 deletion(-)
New commits: commit 338ffec9e4a5819f2be21c3a320a567378c977b1 Author: Behdad Esfahbod <[email protected]> Date: Thu Oct 15 12:55:57 2015 -0300 Add tests for a couple of fixed issues found by libFuzzer From: https://github.com/behdad/harfbuzz/issues/139#issuecomment-147616887 https://github.com/behdad/harfbuzz/issues/139#issuecomment-148289957 diff --git a/test/shaping/fonts/sha1sum/375d6ae32a3cbe52fbf81a4e5777e3377675d5a3.ttf b/test/shaping/fonts/sha1sum/375d6ae32a3cbe52fbf81a4e5777e3377675d5a3.ttf new file mode 100644 index 0000000..b284c98 Binary files /dev/null and b/test/shaping/fonts/sha1sum/375d6ae32a3cbe52fbf81a4e5777e3377675d5a3.ttf differ diff --git a/test/shaping/fonts/sha1sum/641bd9db850193064d17575053ae2bf8ec149ddc.ttf b/test/shaping/fonts/sha1sum/641bd9db850193064d17575053ae2bf8ec149ddc.ttf new file mode 100644 index 0000000..66cefd4 Binary files /dev/null and b/test/shaping/fonts/sha1sum/641bd9db850193064d17575053ae2bf8ec149ddc.ttf differ diff --git a/test/shaping/fonts/sha1sum/MANIFEST b/test/shaping/fonts/sha1sum/MANIFEST index 0d33229..902fa00 100644 --- a/test/shaping/fonts/sha1sum/MANIFEST +++ b/test/shaping/fonts/sha1sum/MANIFEST @@ -6,11 +6,13 @@ 270b89df543a7e48e206a2d830c0e10e5265c630.ttf 298c9e1d955f10f6f72c6915c3c6ff9bf9695cec.ttf 37033cc5cf37bb223d7355153016b6ccece93b28.ttf +375d6ae32a3cbe52fbf81a4e5777e3377675d5a3.ttf 43ef465752be9af900745f72fe29cb853a1401a5.ttf 4cce528e99f600ed9c25a2b69e32eb94a03b4ae8.ttf 5028afb650b1bb718ed2131e872fbcce57828fff.ttf 57a9d9f83020155cbb1d2be1f43d82388cbecc88.ttf 5a5daf5eb5a4db77a2baa3ad9c7a6ed6e0655fa8.ttf +641bd9db850193064d17575053ae2bf8ec149ddc.ttf 6466d38c62e73a39202435a4f73bf5d6acbb73c0.ttf 757ebd573617a24aa9dfbf0b885c54875c6fe06b.ttf 7e14e7883ed152baa158b80e207b66114c823a8b.ttf diff --git a/test/shaping/tests/fuzzed.tests b/test/shaping/tests/fuzzed.tests index 9f77155..5f64ccc 100644 --- a/test/shaping/tests/fuzzed.tests +++ b/test/shaping/tests/fuzzed.tests @@ -1,3 +1,5 @@ fonts/sha1sum/1a6f1687b7a221f9f2c834b0b360d3c8463b6daf.ttf::U+0041:[gid0=0+1000] fonts/sha1sum/5a5daf5eb5a4db77a2baa3ad9c7a6ed6e0655fa8.ttf::U+0041:[gid0=0+1000] fonts/sha1sum/0509e80afb379d16560e9e47bdd7d888bebdebc6.ttf::U+0041:[gid0=0+1000] +fonts/sha1sum/641bd9db850193064d17575053ae2bf8ec149ddc.ttf::U+0041:[gid0=0+1000] +fonts/sha1sum/375d6ae32a3cbe52fbf81a4e5777e3377675d5a3.ttf::U+0041:[gid0=0+2048] commit 63ef0b41dc48d6112d1918c1b1de9de8ea90adb5 Author: Behdad Esfahbod <[email protected]> Date: Thu Oct 15 12:47:22 2015 -0300 [ot-font] Fix hmtx wrong table length check Discovered by libFuzzer. Ouch! https://github.com/behdad/harfbuzz/issues/139#issuecomment-148289957 diff --git a/src/hb-ot-font.cc b/src/hb-ot-font.cc index 3102784..69d2503 100644 --- a/src/hb-ot-font.cc +++ b/src/hb-ot-font.cc @@ -59,7 +59,7 @@ struct hb_ot_face_metrics_accelerator_t this->blob = OT::Sanitizer<OT::_mtx>::sanitize (face->reference_table (_mtx_tag)); if (unlikely (!this->num_advances || - 2 * (this->num_advances + this->num_metrics) < hb_blob_get_length (this->blob))) + 2 * (this->num_advances + this->num_metrics) > hb_blob_get_length (this->blob))) { this->num_metrics = this->num_advances = 0; hb_blob_destroy (this->blob); _______________________________________________ HarfBuzz mailing list [email protected] http://lists.freedesktop.org/mailman/listinfo/harfbuzz
