Reject fonts with invalid ranges in cmap
A corrupt or malicious font may have a negative size in its cmap
range, which in turn could lead to memory corruption. This patch
detects the case and rejects the font, and also includes an assertion
in the sparse bit set implementation if we missed any such case.
(cherry picked from commit ca8ac8acdad662230ae37998c6c4091bb39402b6)
2 files changed