ref: 3b8bc65c50b6d306239d461cf96f22f50fc2aed5
parent: 90a30f154a612693641e5366ea8d1d27ea2a4a99
author: Werner Lemberg <wl@gnu.org>
date: Tue Oct 22 04:07:05 EDT 2019
* src/sfnt/sfwoff2.c (woff2_open_font): Avoid undefined shift. Also improve tracing. Reported as https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=18390
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,3 +1,13 @@
+2019-10-22 Werner Lemberg <wl@gnu.org>
+
+ * src/sfnt/sfwoff2.c (woff2_open_font): Avoid undefined shift.
+
+ Also improve tracing.
+
+ Reported as
+
+ https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=18390
+
2019-10-10 Alexei Podtelezhnikov <apodtele@gmail.com>
* src/sfnt/pngshim.c (premultiply_data): Optimize for __SSE__ only.
--- a/src/sfnt/sfwoff2.c
+++ b/src/sfnt/sfwoff2.c
@@ -1969,7 +1969,10 @@
FT_TRACE5(( "Number of tables in font %d: %ld\n",
nn, ttc_font->num_tables ));
- FT_TRACE6(( " Indices: " ));
+#ifdef FT_DEBUG_LEVEL_TRACE
+ if ( ttc_font->num_tables )
+ FT_TRACE6(( " Indices: " ));
+#endif
glyf_index = 0;
loca_index = 0;
@@ -2000,7 +2003,10 @@
glyf_index = table_index;
}
- FT_TRACE6(( "\n" ));
+#ifdef FT_DEBUG_LEVEL_TRACE
+ if ( ttc_font->num_tables )
+ FT_TRACE6(( "\n" ));
+#endif
/* glyf and loca must be consecutive */
if ( glyf_index > 0 || loca_index > 0 )
@@ -2137,6 +2143,9 @@
sfnt_header = sfnt;
+ WRITE_ULONG( sfnt_header, woff2.flavor );
+
+ if ( woff2.num_tables )
{FT_UInt searchRange, entrySelector, rangeShift, x;
@@ -2151,16 +2160,15 @@
entrySelector--;
searchRange = ( 1 << entrySelector ) * 16;
- rangeShift = ( woff2.num_tables * 16 ) - searchRange;
+ rangeShift = ( woff2.num_tables * 16 ) - searchRange;
- WRITE_ULONG ( sfnt_header, woff2.flavor );
WRITE_USHORT( sfnt_header, woff2.num_tables );
WRITE_USHORT( sfnt_header, searchRange );
WRITE_USHORT( sfnt_header, entrySelector );
WRITE_USHORT( sfnt_header, rangeShift );
-
- info.header_checksum = compute_ULong_sum( sfnt, 12 );
}
+
+ info.header_checksum = compute_ULong_sum( sfnt, 12 );
/* Sort tables by tag. */
ft_qsort( indices,