commit | 298e2ea5a6c2e3264f8abaa8b1d2371fb4c77f4d | [log] [tgz] |
---|---|---|
author | Werner Lemberg <wl@gnu.org> | Thu Jun 22 11:52:43 2017 +0200 |
committer | Werner Lemberg <wl@gnu.org> | Thu Jun 22 11:52:43 2017 +0200 |
tree | 43a02517f55de15a22f9937831709f3a9b834672 | |
parent | 75cb071b3fbfa2315c5d458fee2bb465a14568ae [diff] |
[cff, truetype] Integer overflows. Reported as https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=2323 https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=2328 * src/cff/cf2blues.c (cf2_blues_capture): Use ADD_INT32 and SUB_INT32. * src/truetype/ttinterp.c (Ins_SDPVTL): Use SUB_LONG and NEG_LONG.