Merge 84890 - harfbuzz: Add Behdad's patch to fix Thai crashes on Linux.

This appears to prevent some renderer crashes that are
fairly easy to trigger with Thai pages on Chrome OS.

BUG=chromium:75210,chromium-os:15103
TEST=manual: built chromeos-chrome and checked that http://www.pungame.com/sale.html and http://happy.teenee.com/game/ no longer cause crashes

Review URL: http://codereview.chromium.org/7000012

TBR=derat@chromium.org
Review URL: http://codereview.chromium.org/7000017

git-svn-id: svn://svn.chromium.org/chrome/branches/742/src@84891 0039d316-1c4b-4281-b951-d872f2087c98

1 files changed, 14 insertions, 0 deletions

diff --git a/third_party/harfbuzz/chromium.patch b/third_party/harfbuzz/chromium.patch
index 0f20dfd1..0705356 100644
--- a/third_party/harfbuzz/chromium.patch
+++ b/third_party/harfbuzz/chromium.patch
@@ -35,3 +35,17 @@ index f3ec8e1..2b0dfde 100644
  
      // first char in a run is never (treated as) a mark
      int cStart = 0;
+diff --git a/src/harfbuzz-gpos.c b/src/harfbuzz-gpos.c
+index 356dc01..db5ea0a 100644
+--- a/src/harfbuzz-gpos.c
++++ b/src/harfbuzz-gpos.c
+@@ -2976,6 +2976,9 @@ static HB_Error  Lookup_MarkMarkPos( GPOS_Instance*    gpi,
+     j--;
+   }
+ 
++  if ( i > buffer->in_pos )
++    return HB_Err_Not_Covered;
++
+   error = _HB_OPEN_Coverage_Index( &mmp->Mark2Coverage, IN_GLYPH( j ),
+                          &mark2_index );
+   if ( error )