commit | 7bffeacd7ef77d050e8bcbbc4e4ab761fa7861b9 | |
---|---|---|
author | Werner Lemberg <wl@gnu.org> | Wed Jun 07 17:08:01 2017 +0200 |
committer | Werner Lemberg <wl@gnu.org> | Wed Jun 07 17:08:01 2017 +0200 |
tree | b9784811ee86c423d20ed75577d6cc277cdf6dcc | |
parent | 24848a3d58cdd3ffd40ef3ddd68407d18f678b52 | |

[cff, truetype] Integer overflows.

Reported as

  https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=2133
  https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=2137

* src/cff/cf2hints.c (cf2_hint_init): Use OVERFLOW_SUB_INT32.

* src/truetype/ttinterp.c (PROJECT, DUALPROJ): Use OVERFLOW_SUB_LONG.