Fix another memory access issue discovered by libFuzzer

Fixes https://github.com/behdad/harfbuzz/issues/139#issuecomment-146984679

Fix another memory access issue discovered by libFuzzer
Fixes https://github.com/behdad/harfbuzz/issues/139#issuecomment-146984679
f9666497 · Behdad Esfahbod · c1a5dc46 · f9666497
隐藏空白更改
内联并排

Showing with 3 addition and 1 deletion

src/hb-ot-layout-gpos-table.hh src/hb-ot-layout-gpos-table.hh +3 -1

未找到文件。
--- a/src/hb-ot-layout-gpos-table.hh
+++ b/src/hb-ot-layout-gpos-table.hh
@@ -704,6 +704,8 @@ struct PairPosFormat1
  {
    TRACE_SANITIZE (this);

+    if (!c->check_struct (this)) return_trace (false);
+
    unsigned int len1 = valueFormat1.get_len ();
    unsigned int len2 = valueFormat2.get_len ();
    PairSet::sanitize_closure_t closure = {
@@ -713,7 +715,7 @@ struct PairPosFormat1
      1 + len1 + len2
    };

-    return_trace (c->check_struct (this) && coverage.sanitize (c, this) && pairSet.sanitize (c, this, &closure));
+    return_trace (coverage.sanitize (c, this) && pairSet.sanitize (c, this, &closure));
  }

  protected: