!22 修复CVE-2022-27404与CVE-2022-27406漏洞

Merge pull request !22 from sunman4/OpenHarmony_1.0.1_release

src/base/ftobjs.c

@@ -3244,6 +3244,9 @@
     if ( !face )
       return FT_THROW( Invalid_Face_Handle );
 
+    if ( !face->size )
+      return FT_THROW( Invalid_Size_Handle );
+	
     if ( !req || req->width < 0 || req->height < 0 ||
          req->type >= FT_SIZE_REQUEST_TYPE_MAX )
       return FT_THROW( Invalid_Argument );

src/sfnt/sfobjs.c

@@ -528,7 +528,7 @@
     face_index = FT_ABS( face_instance_index ) & 0xFFFF;
 
     /* value -(N+1) requests information on index N */
-    if ( face_instance_index < 0 )
+    if ( face_instance_index < 0 && face_index > 0)
       face_index--;
 
     if ( face_index >= face->ttc_header.count )