From 30bd3d34d32cebeb7b1af6b9e77f617ef1d2bb9a Mon Sep 17 00:00:00 2001
From: Oleg Oshmyan <chortos@inbox.lv>
Date: Mon, 19 Oct 2020 13:38:10 +0300
Subject: ass_shaper_find_runs: don't decrement pointer beyond array start

That triggers undefined behavior.
---
 libass/ass_shaper.c | 8 +++++---
 1 file changed, 5 insertions(+), 3 deletions(-)

diff --git a/libass/ass_shaper.c b/libass/ass_shaper.c
index b608b17..19cafaf 100644
--- a/libass/ass_shaper.c
+++ b/libass/ass_shaper.c
@@ -785,19 +785,21 @@ void ass_shaper_find_runs(ASS_Shaper *shaper, ASS_Renderer *render_priv,
 
     // find appropriate fonts for the shape runs
     for (i = 0; i < len; i++) {
-        GlyphInfo *last = glyphs + i - 1;
         GlyphInfo *info = glyphs + i;
         if (!info->drawing_text) {
             // set size and get glyph index
             ass_font_get_index(render_priv->fontselect, info->font,
                     info->symbol, &info->face_index, &info->glyph_index);
         }
-        if (i > 0 && (last->font != info->font ||
+        if (i > 0) {
+            GlyphInfo *last = glyphs + i - 1;
+            if ((last->font != info->font ||
                     last->face_index != info->face_index ||
                     last->script != info->script ||
                     info->starts_new_run ||
                     last->flags != info->flags))
-            shape_run++;
+                shape_run++;
+        }
         info->shape_run_id = shape_run;
     }
 }
-- 
cgit v1.2.3