mirrors/freetype
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

* src/truetype/ttgload.c (TT_Process_Simple_Glyph): Integer overflow.

Browse Source 
Reported as

  https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=46792
This commit is contained in:
Werner Lemberg 2022-04-19 09:28:21 +02:00
parent 978eefee54
commit 079a22da03
1 changed files with 2 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
src/truetype/ttgload.c
View File

@ -1104,8 +1104,8 @@
for ( ; vec < limit; vec++, u++ )
{
vec->x = ( FT_MulFix( u->x, x_scale ) + 32 ) >> 6;
vec->y = ( FT_MulFix( u->y, y_scale ) + 32 ) >> 6;
vec->x = ADD_LONG( FT_MulFix( u->x, x_scale ), 32 ) >> 6;
vec->y = ADD_LONG( FT_MulFix( u->y, y_scale ), 32 ) >> 6;
}
}
else