commit | 24848a3d58cdd3ffd40ef3ddd68407d18f678b52 | [log] [tgz] |
---|---|---|
author | Werner Lemberg <wl@gnu.org> | Tue Jun 06 12:05:04 2017 +0200 |
committer | Werner Lemberg <wl@gnu.org> | Tue Jun 06 12:05:04 2017 +0200 |
tree | d75cb3f4051b3a81caf5b97c087f2ef2b57cf9ab | |
parent | 8667042997cb9095d3c925417b29f5a3163ab352 [diff] |
[cff] Integer overflow. Reported as https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=2109 https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=2110 https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=2122 * src/cff/cf2blues.c (cf2_blues_init): Use OVERFLOW_SUB_INT32. * src/cff/cf2hints.c (cf2_hintmap_map): Synchronize if-else branches.