commit | 5c402d97afcc98cbb8d8e049409533f747c4c514 | [log] [tgz] |
---|---|---|
author | Werner Lemberg <wl@gnu.org> | Tue Jun 13 06:56:48 2017 +0200 |
committer | Werner Lemberg <wl@gnu.org> | Tue Jun 13 06:56:48 2017 +0200 |
tree | cd55a8ab4ed8b0f489ebaae6c60017562ecbf514 | |
parent | 3ed3a96181625286f5899118f884fb4b125ebda2 [diff] |
[cff, truetype] Integer overflows. Reported as https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=2216 https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=2218 * src/cff/cf2fixed.h (cf2_fixedAbs): Use NEG_INT32. * src/truetype/ttinterp.c (Ins_IP): Use SUB_LONG.