diff --git a/ChangeLog b/ChangeLog index a04539548..5031a00a1 100644 --- a/ChangeLog +++ b/ChangeLog @@ -1,3 +1,11 @@ +2016-02-07 Werner Lemberg + + Fix runtime errors found by clang's sanitizer (#47082). + + * src/base/ftobjs.c (FT_Render_Glyph_Internal), src/base/ftoutln.c + (FT_Outline_Copy), src/cache/ftcsbits.c (ftc_sbit_copy_bitmap): + Properly handle empty input buffer. + 2016-02-07 Werner Lemberg [cff] Minor. @@ -76,7 +84,7 @@ (FT_Face_CheckTrueTypePatents, FT_Face_SetUnpatentedHinting): Replace code with dummies. - * src/truetype/ttobjs.c (tt_face_init): Remove now defunct code. + * src/truetype/ttobjs.c (tt_face_init): Remove now defunct code. * src/truetype/ttobjs.h (TT_GraphicsState): Remove `both_x_axis' field. diff --git a/src/base/ftobjs.c b/src/base/ftobjs.c index a68f21b29..fa053471b 100644 --- a/src/base/ftobjs.c +++ b/src/base/ftobjs.c @@ -4201,7 +4201,8 @@ MD5_Init( &ctx ); - MD5_Update( &ctx, bitmap.buffer, rows * pitch ); + if ( bitmap.buffer ) + MD5_Update( &ctx, bitmap.buffer, rows * pitch ); MD5_Final( md5, &ctx ); FT_TRACE3(( "MD5 checksum for %dx%d bitmap:\n" diff --git a/src/base/ftoutln.c b/src/base/ftoutln.c index 912dfd320..fa2d2cf65 100644 --- a/src/base/ftoutln.c +++ b/src/base/ftoutln.c @@ -415,11 +415,14 @@ if ( source == target ) return FT_Err_Ok; - FT_ARRAY_COPY( target->points, source->points, source->n_points ); + if ( source->n_points ) + { + FT_ARRAY_COPY( target->points, source->points, source->n_points ); + FT_ARRAY_COPY( target->tags, source->tags, source->n_points ); + } - FT_ARRAY_COPY( target->tags, source->tags, source->n_points ); - - FT_ARRAY_COPY( target->contours, source->contours, source->n_contours ); + if ( source->n_contours ) + FT_ARRAY_COPY( target->contours, source->contours, source->n_contours ); /* copy all flags, except the `FT_OUTLINE_OWNER' one */ is_owner = target->flags & FT_OUTLINE_OWNER; diff --git a/src/cache/ftcsbits.c b/src/cache/ftcsbits.c index e6b88654c..d6f1ddcd4 100644 --- a/src/cache/ftcsbits.c +++ b/src/cache/ftcsbits.c @@ -53,6 +53,8 @@ pitch = -pitch; size = (FT_ULong)pitch * bitmap->rows; + if ( !size ) + return FT_Err_Ok; if ( !FT_ALLOC( sbit->buffer, size ) ) FT_MEM_COPY( sbit->buffer, bitmap->buffer, size );