19 lines
629 B
Diff
19 lines
629 B
Diff
diff --git a/src/truetype/ttgload.c b/src/truetype/ttgload.c
|
|
index 39d9c3f..259bb2e 100644
|
|
--- a/src/truetype/ttgload.c
|
|
+++ b/src/truetype/ttgload.c
|
|
@@ -1848,6 +1848,13 @@
|
|
|
|
limit = (short)gloader->current.num_subglyphs;
|
|
|
|
+ /* make sure this isn't negative as we're going to add 4 later */
|
|
+ if ( limit < 0 )
|
|
+ {
|
|
+ error = FT_THROW( Invalid_Argument );
|
|
+ goto Exit;
|
|
+ }
|
|
+
|
|
/* construct an outline structure for */
|
|
/* communication with `TT_Vary_Apply_Glyph_Deltas' */
|
|
outline.n_points = (short)( gloader->current.num_subglyphs + 4 );
|