diff options
| author | Garret Rieger <grieger@google.com> | 2020-07-31 14:00:38 -0700 |
|---|---|---|
| committer | Ebrahim Byagowi <ebrahim@gnu.org> | 2020-08-01 09:20:52 +0430 |
| commit | fb1477795cb950b25472efa8d47febe81340a45b (patch) | |
| tree | 5c482ee3612007dc551daa16d563f6d64dc82f8f /src | |
| parent | 8586bad2bdadccecd830fb0a1c973423115240fb (diff) | |
| download | harfbuzz_ng-fb1477795cb950b25472efa8d47febe81340a45b.tar.gz | |
[ENOMEM] Check result of vector resize in CBDT subsetting.
Diffstat (limited to 'src')
| -rw-r--r-- | src/hb-ot-color-cbdt-table.hh | 6 |
1 files changed, 5 insertions, 1 deletions
diff --git a/src/hb-ot-color-cbdt-table.hh b/src/hb-ot-color-cbdt-table.hh index 2500fbe3f..aaa1c37c6 100644 --- a/src/hb-ot-color-cbdt-table.hh +++ b/src/hb-ot-color-cbdt-table.hh @@ -455,7 +455,9 @@ struct IndexSubtableRecord unsigned int old_cbdt_prime_length = bitmap_size_context->cbdt_prime->length; // Set to invalid state to indicate filling glyphs is not yet started. - records->resize (records->length + 1); + if (unlikely (!records->resize (records->length + 1))) + return_trace (c->serializer->check_success (false)); + (*records)[records->length - 1].firstGlyphIndex = 1; (*records)[records->length - 1].lastGlyphIndex = 0; bitmap_size_context->size += IndexSubtableRecord::min_size; @@ -565,6 +567,8 @@ struct IndexSubtableArray hb_vector_t<hb_pair_t<hb_codepoint_t, const IndexSubtableRecord*>> lookup; build_lookup (c, bitmap_size_context, &lookup); + if (unlikely (lookup.in_error ())) + return c->serializer->check_success (false); bitmap_size_context->size = 0; bitmap_size_context->num_tables = 0; |