* src/base/ftrfork.c (FT_Raccess_Get_DataOffsets): Check `count'.

Reported as

  https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=308

ChangeLog

@@ -1,3 +1,11 @@
+2016-12-22  Werner Lemberg  <wl@gnu.org>
+
+	* src/base/ftrfork.c (FT_Raccess_Get_DataOffsets): Check `count'.
+
+	Reported as
+
+	  https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=308
+
 2016-12-22  Werner Lemberg  <wl@gnu.org>
 
 	[cff] Protect against invalid `vsindex' and `blend' values.

src/base/ftrfork.c

@@ -248,7 +248,9 @@
         *count = subcnt + 1;
         rpos  += map_offset;
 
-        if ( *count > 2727 )
+        /* a zero count might be valid in the resource specification, */
+        /* however, it is completely useless to us                    */
+        if ( *count < 1 || *count > 2727 )
           return FT_THROW( Invalid_Table );
 
         error = FT_Stream_Seek( stream, (FT_ULong)rpos );