diff options
| author | Dr.Smile <vabnick@gmail.com> | 2016-04-23 19:44:05 +0300 |
|---|---|---|
| committer | Dr.Smile <vabnick@gmail.com> | 2016-04-23 19:44:05 +0300 |
| commit | 6a61a7a96bd3ba1e7858c06f44d619f814af6b42 (patch) | |
| tree | 7c3ce5e37752c237eb946632b84881557e493374 /libass | |
| parent | 06d5dae1a50dbcc5086ed227d06d7694715caecd (diff) | |
| download | libass-6a61a7a96bd3ba1e7858c06f44d619f814af6b42.tar.bz2 libass-6a61a7a96bd3ba1e7858c06f44d619f814af6b42.tar.xz | |
rasterizer: drop outlines with points at too large coordinates
Such points can overflow internal calculations and usually produced
as a result of NaN to integer conversion.
Should fix #210.
Diffstat (limited to 'libass')
| -rw-r--r-- | libass/ass_rasterizer.c | 13 |
1 files changed, 12 insertions, 1 deletions
diff --git a/libass/ass_rasterizer.c b/libass/ass_rasterizer.c index d8e86e8..dbad5a1 100644 --- a/libass/ass_rasterizer.c +++ b/libass/ass_rasterizer.c @@ -272,6 +272,11 @@ int rasterizer_set_outline(RasterizerData *rst, const ASS_Outline *path) if (j > last) return 0; + if (path->points[j].x < -(1 << 28) || path->points[j].x >= (1 << 28)) + return 0; + if (path->points[j].y <= -(1 << 28) || path->points[j].y > (1 << 28)) + return 0; + switch (FT_CURVE_TAG(path->tags[j])) { case FT_CURVE_TAG_ON: p[0].x = path->points[j].x; @@ -309,7 +314,12 @@ int rasterizer_set_outline(RasterizerData *rst, const ASS_Outline *path) return 0; } - for (j++; j <= last; ++j) + for (j++; j <= last; j++) { + if (path->points[j].x < -(1 << 28) || path->points[j].x >= (1 << 28)) + return 0; + if (path->points[j].y <= -(1 << 28) || path->points[j].y > (1 << 28)) + return 0; + switch (FT_CURVE_TAG(path->tags[j])) { case FT_CURVE_TAG_ON: switch (st) { @@ -390,6 +400,7 @@ int rasterizer_set_outline(RasterizerData *rst, const ASS_Outline *path) default: return 0; } + } if (process_end) switch (st) { |