commit | ed4c8d79153baab7f26562afb8930652dfbf853b | [log] [tgz] |
---|---|---|
author | Raph Levien <raph@google.com> | Mon Nov 30 15:04:59 2015 -0800 |
committer | The Android Automerger <android-build@google.com> | Thu Dec 10 16:41:09 2015 -0800 |
tree | 7bcf2ce6b7cd2cf91c8703780bfba13274f55b80 | |
parent | 253320d25fccbb49621926d49dcf5ef64cf529c6 [diff] |
Avoid integer overflows in parsing fonts A malformed TTF can cause size calculations to overflow. This patch checks the maximum reasonable value so that the total size fits in 32 bits. It also adds some explicit casting to avoid possible technical undefined behavior when parsing sized unsigned values. Bug: 25645298 Change-Id: Id4716132041a6f4f1fbb73ec4e445391cf7d9616 (cherry picked from commit 183c9ec2800baa2ce099ee260c6cbc6121cf1274)