summaryrefslogtreecommitdiffstats
path: root/third_party/harfbuzz/src
diff options
context:
space:
mode:
authormattm@chromium.org <mattm@chromium.org@0039d316-1c4b-4281-b951-d872f2087c98>2009-10-15 02:22:46 +0000
committermattm@chromium.org <mattm@chromium.org@0039d316-1c4b-4281-b951-d872f2087c98>2009-10-15 02:22:46 +0000
commitf7f237cf58c1e7575f784d7f0aa829cb51fbb9f4 (patch)
tree51d13f1541996dfb5ab5e4c606d6f62d03a7d5e0 /third_party/harfbuzz/src
parent1f6536a58eced16d5a434d0f134047e78633c84c (diff)
downloadchromium_src-f7f237cf58c1e7575f784d7f0aa829cb51fbb9f4.zip
chromium_src-f7f237cf58c1e7575f784d7f0aa829cb51fbb9f4.tar.gz
chromium_src-f7f237cf58c1e7575f784d7f0aa829cb51fbb9f4.tar.bz2
Fix harfbuzz read past end of string on arabic text.
BUG=23450 TEST=valgrind_webkit_tests.sh LayoutTests/fast/text/drawBidiText.html Review URL: http://codereview.chromium.org/271098 git-svn-id: svn://svn.chromium.org/chrome/trunk/src@29080 0039d316-1c4b-4281-b951-d872f2087c98
Diffstat (limited to 'third_party/harfbuzz/src')
-rw-r--r--third_party/harfbuzz/src/harfbuzz-arabic.c4
1 files changed, 1 insertions, 3 deletions
diff --git a/third_party/harfbuzz/src/harfbuzz-arabic.c b/third_party/harfbuzz/src/harfbuzz-arabic.c
index 0609232..de3c1f4 100644
--- a/third_party/harfbuzz/src/harfbuzz-arabic.c
+++ b/third_party/harfbuzz/src/harfbuzz-arabic.c
@@ -1009,7 +1009,7 @@ static HB_Bool arabicSyriacOpenTypeShape(HB_ShaperItem *item, HB_Bool *ot_ok)
++l;
++properties;
}
- if (f + l < item->stringLength) {
+ if (f + l + item->item.pos < item->stringLength) {
++l;
}
getArabicProperties(uc+f, l, props);
@@ -1086,5 +1086,3 @@ HB_Bool HB_ArabicShape(HB_ShaperItem *item)
HB_HeuristicPosition(item);
return TRUE;
}
-
-
generated by cgit v1.1 at 2025-02-07 21:47:11 +0000