Blame SOURCES/freetype-2.8-getvariation.patch

b3c194
From 29c759284e305ec428703c9a5831d0b1fc3497ef Mon Sep 17 00:00:00 2001
b3c194
From: Werner Lemberg <wl@gnu.org>
b3c194
Date: Sat, 27 Jan 2018 14:43:43 +0100
b3c194
Subject: [PATCH] * src/truetype/ttinterp.c (Ins_GETVARIATION): Avoid NULL
b3c194
 reference.
b3c194
b3c194
Reported as
b3c194
b3c194
  https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=5736
b3c194
---
b3c194
 src/truetype/ttinterp.c | 12 ++++++++++--
b3c194
 1 files changed, 10 insertions(+), 2 deletions(-)
b3c194
b3c194
diff --git a/src/truetype/ttinterp.c b/src/truetype/ttinterp.c
b3c194
index d855aaaa9..551f14a2e 100644
b3c194
--- a/src/truetype/ttinterp.c
b3c194
+++ b/src/truetype/ttinterp.c
b3c194
@@ -7470,8 +7470,16 @@
b3c194
       return;
b3c194
     }
b3c194
 
b3c194
-    for ( i = 0; i < num_axes; i++ )
b3c194
-      args[i] = coords[i] >> 2; /* convert 16.16 to 2.14 format */
b3c194
+    if ( coords )
b3c194
+    {
b3c194
+      for ( i = 0; i < num_axes; i++ )
b3c194
+        args[i] = coords[i] >> 2; /* convert 16.16 to 2.14 format */
b3c194
+    }
b3c194
+    else
b3c194
+    {
b3c194
+      for ( i = 0; i < num_axes; i++ )
b3c194
+        args[i] = 0;
b3c194
+    }
b3c194
   }
b3c194
 
b3c194
 
b3c194
-- 
b3c194
2.14.3
b3c194