Commit dd3c9c5f authored by Ben Wagner

[woff2] Clean up on large brotli expansion

* src/sfnt/sfwoff2.c (woff2_open_font): set error and goto cleanup

Fixes: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=60711
parent 336503df
Pipeline #938663 passed with stage
in 6 minutes and 26 seconds
  • I actually find these ad-hoc size checks rather unfortunate. If we're actually out of memory then malloc should just return NULL and everything should be fine. The fuzzer's AddressSanitizer really shouldn't be crashing just because malloc would return NULL. I've had this fight many times with the fuzzer people, unfortunately. In reality these checks and the fuzzer ending early is actually decreasing coverage of the failure paths.

  • Thanks for the fix! And: well... I guess we have to live with that.
