# erAck: resolves https://bugzilla.redhat.com/show_bug.cgi?id=1074549

# Based on http://hg.openjdk.java.net/jdk7u/jdk7u/jdk/rev/9d29c19f1de1

# where a/src/share/native/sun/font/layout/LookupProcessor.cpp is

# icu/source/layout/LookupProcessor.cpp

# Adapted to LayoutEngine "patch" and subsequent patches.

# Note that

#@@ -246,7 +249,7 @@

#-      featureReferences += SWAPW(featureTable->lookupCount);

#+      featureReferences += SWAPW(requiredFeatureTable->lookupCount);

# was already applied with icu.8800.freeserif.crash.patch that also added

#+      if (requiredFeatureTable.isValid()) {

# and is a slightly enhanced version of

# https://ssl.icu-project.org/trac/ticket/8800 and/or

# https://ssl.icu-project.org/trac/ticket/8320

--- prev.icu/source/layout/LookupProcessor.cpp	2014-03-11 20:46:53.288819882 +0100

+++ icu/source/layout/LookupProcessor.cpp	2014-03-11 20:54:43.153370234 +0100

@@ -113,7 +113,7 @@

 le_int32 LookupProcessor::selectLookups(const LEReferenceTo<FeatureTable> &featureTable, FeatureMask featureMask, le_int32 order, LEErrorCode &success)

 {

   le_uint16 lookupCount = featureTable.isValid()? SWAPW(featureTable->lookupCount) : 0;

-    le_int32  store = order;

+    le_uint32  store = (le_uint32)order;

     LEReferenceToArrayOf<le_uint16> lookupListIndexArray(featureTable, success, featureTable->lookupListIndexArray, lookupCount);

@@ -122,6 +122,9 @@

       if (lookupListIndex >= lookupSelectCount) {

         continue;

       }

+      if (store >= lookupOrderCount) {

+        continue;

+      }

       lookupSelectArray[lookupListIndex] |= featureMask;

       lookupOrderArray[store++] = lookupListIndex;