Fix accessing tables from NULL pointer

b435ab7e · Behdad Esfahbod · dacebcad · b435ab7e · b435ab7e · b435ab7e
显示空白变更内容
内联并排

Showing with 9 addition and 4 deletion

src/hb-font.cc src/hb-font.cc +1 -1

src/hb-open-type-private.hh src/hb-open-type-private.hh +5 -0

src/hb-ot-layout.cc src/hb-ot-layout.cc +3 -3

未找到文件。
--- a/src/hb-font.cc
+++ b/src/hb-font.cc
@@ -297,7 +297,7 @@ _hb_face_for_data_get_table (hb_tag_t tag, void *user_data)
 {
  hb_face_for_data_closure_t *data = (hb_face_for_data_closure_t *) user_data;
-  const OpenTypeFontFile &ot_file = *CastP<OpenTypeFontFile> (hb_blob_lock (data->blob));
+  const OpenTypeFontFile &ot_file = *Sanitizer<OpenTypeFontFile>::lock_instance (data->blob);
  const OpenTypeFontFace &ot_face = ot_file.get_face (data->index);
  const OpenTypeTable &table = ot_face.get_table_by_tag (tag);

--- a/src/hb-open-type-private.hh
+++ b/src/hb-open-type-private.hh
@@ -330,6 +330,11 @@ struct Sanitizer
      return hb_blob_create_empty ();
    }
  }
+  static const Type* lock_instance (hb_blob_t *blob) {
+    const char *base = hb_blob_lock (blob);
+    return unlikely (!base) ? &Null(Type) : CastP<Type> (base);
+  }
 };

--- a/src/hb-ot-layout.cc
+++ b/src/hb-ot-layout.cc
@@ -47,13 +47,13 @@ _hb_ot_layout_init (hb_face_t *face)
  memset (layout, 0, sizeof (*layout));
  layout->gdef_blob = Sanitizer<GDEF>::sanitize (hb_face_get_table (face, HB_OT_TAG_GDEF));
-  layout->gdef = CastP<GDEF> (hb_blob_lock (layout->gdef_blob));
+  layout->gdef = Sanitizer<GDEF>::lock_instance (layout->gdef_blob);
  layout->gsub_blob = Sanitizer<GSUB>::sanitize (hb_face_get_table (face, HB_OT_TAG_GSUB));
-  layout->gsub = CastP<GSUB> (hb_blob_lock (layout->gsub_blob));
+  layout->gsub = Sanitizer<GSUB>::lock_instance (layout->gsub_blob);
  layout->gpos_blob = Sanitizer<GPOS>::sanitize (hb_face_get_table (face, HB_OT_TAG_GPOS));
-  layout->gpos = CastP<GPOS> (hb_blob_lock (layout->gpos_blob));
+  layout->gpos = Sanitizer<GPOS>::lock_instance (layout->gpos_blob);
 }
 void