Fix CVE-2017-8287:

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-8287
https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=941

Patch copied from upstream source repository:
https://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=3774fc08b502c3e685afca098b6e8a195aded6a0

From 3774fc08b502c3e685afca098b6e8a195aded6a0 Mon Sep 17 00:00:00 2001
From: Werner Lemberg <wl@gnu.org>
Date: Sun, 26 Mar 2017 08:32:09 +0200
Subject: [PATCH] * src/psaux/psobjs.c (t1_builder_close_contour): Add safety
 guard.

Reported as

  https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=941
---
 ChangeLog          | 8 ++++++++
 src/psaux/psobjs.c | 8 ++++++++
 2 files changed, 16 insertions(+)

diff --git a/src/psaux/psobjs.c b/src/psaux/psobjs.c
index d18e821a..0baf8368 100644
--- a/src/psaux/psobjs.c
+++ b/src/psaux/psobjs.c
@@ -1718,6 +1718,14 @@
     first = outline->n_contours <= 1
             ? 0 : outline->contours[outline->n_contours - 2] + 1;
 
+    /* in malformed fonts it can happen that a contour was started */
+    /* but no points were added                                    */
+    if ( outline->n_contours && first == outline->n_points )
+    {
+      outline->n_contours--;
+      return;
+    }
+
     /* We must not include the last point in the path if it */
     /* is located on the first point.                       */
     if ( outline->n_points > 1 )
-- 
2.12.2

92ae940434808560b3170107e4ce44855816c3'>diff</a></td><td class='form'><form class='right' method='get' action='/guix/log/tests/ui.scm'>
<input type='hidden' name='id' value='1192ae940434808560b3170107e4ce44855816c3'/><select name='qt'>
<option value='grep'>log msg</option>
<option value='author'>author</option>
<option value='committer'>committer</option>
<option value='range'>range</option>
</select>
<input class='txt' type='search' size='10' name='q' value=''/>
<input type='submit' value='search'/>
</form>
</td></tr></table>
<div class='path'>path: <a href='/guix/log/?id=1192ae940434808560b3170107e4ce44855816c3'>root</a>/<a href='/guix/log/tests?id=1192ae940434808560b3170107e4ce44855816c3'>tests</a>/<a href='/guix/log/tests/ui.scm?id=1192ae940434808560b3170107e4ce44855816c3'>ui.scm</a></div><div class='content'><table class='list nowrap'><tr class='nohover'><th class='left'>Age</th><th class='left'>Commit message (<a href='/guix/log/tests/ui.scm?id=1192ae940434808560b3170107e4ce44855816c3&amp;showmsg=1'>Expand</a>)</th><th class='left'>Author</th></tr>
<tr><td><span title='2020-03-25 16:02:53 +0100'>2020-03-25</span></td><td><a href='/guix/commit/tests/ui.scm?id=c136da3fbd92a5db1f889d37f0a7c938ccd63648'>tests: Adjust to 'show-manifest-transaction' changes.</a><span class='msg-avail'>...<span class='msg-tooltip'>This is a followup to 3e5ab0a7a9399bb098b9ced46bf3cbf4085c6bab.

* tests/ui.scm ("show-manifest-transaction"): Update regexp.
* tests/guix-package.sh: Adjust Emacs regexp in --with-source test.
</span></span></td><td>Ludovic Courtès</td></tr>
<tr><td><span title='2020-02-23 12:47:13 +0100'>2020-02-23</span></td><td><a href='/guix/commit/tests/ui.scm?id=fa99c4bbc7acdb8def9ce14a05aacb73f99fe3b1'>ui: (size-&gt;number "1.M") is correctly parsed.</a><span class='msg-avail'>...<span class='msg-tooltip'>Reported by Pierre Neidhardt &lt;mail@ambrevar.xyz&gt;.

* guix/ui.scm (size-&gt;number)[unit-pos]: Add #\. to CHAR-SET:DIGIT.
* tests/ui.scm ("size-&gt;number, 1.M"): New test.
</span></span></td><td>Ludovic Courtès</td></tr>
<tr><td><span title='2019-09-19 23:24:04 +0200'>2019-09-19</span></td><td><a href='/guix/commit/tests/ui.scm?id=d2cdef65605b9e14bfa02c3bf1612ab6b62f4a89'>ui: 'relevance' connects regexps with a logical and.</a><span class='msg-avail'>...<span class='msg-tooltip'>Fixes &lt;https://bugs.gnu.org/36763&gt;.
Previously, the logical and connecting the regexps did not output the expected
results (introduced in 8874faaaac665100a095ef25e39c9a389f5a397f).

* guix/ui.scm (relevance)
[score]: Change its arguments.
[regexp-&gt;score]: New procedure.
* tests/ui.scm ("package-relevance"): Add test.

Signed-off-by: Ludovic Courtès &lt;ludo@gnu.org&gt;
</span></span></td><td>zimoun</td></tr>
<tr><td><span title='2019-06-27 11:14:40 +0200'>2019-06-27</span></td><td><a href='/guix/commit/tests/ui.scm?id=8874faaaac665100a095ef25e39c9a389f5a397f'>ui: 'relevance' considers regexps connected with a logical and.</a><span class='msg-avail'>...<span class='msg-tooltip'>* guix/ui.scm (relevance)[score]: Change to return 0 when one of REGEXPS
doesn't match.
* tests/ui.scm ("package-relevance"): New test.
</span></span></td><td>Ludovic Courtès</td></tr>

Age	Commit message (Expand)	Author
2020-03-25	tests: Adjust to 'show-manifest-transaction' changes....This is a followup to 3e5ab0a7a9399bb098b9ced46bf3cbf4085c6bab. * tests/ui.scm ("show-manifest-transaction"): Update regexp. * tests/guix-package.sh: Adjust Emacs regexp in --with-source test.	Ludovic Courtès
2020-02-23	ui: (size->number "1.M") is correctly parsed....Reported by Pierre Neidhardt <mail@ambrevar.xyz>. * guix/ui.scm (size->number)[unit-pos]: Add #\. to CHAR-SET:DIGIT. * tests/ui.scm ("size->number, 1.M"): New test.	Ludovic Courtès
2019-09-19	ui: 'relevance' connects regexps with a logical and....Fixes <https://bugs.gnu.org/36763>. Previously, the logical and connecting the regexps did not output the expected results (introduced in 8874faaaac665100a095ef25e39c9a389f5a397f). * guix/ui.scm (relevance) [score]: Change its arguments. [regexp->score]: New procedure. * tests/ui.scm ("package-relevance"): Add test. Signed-off-by: Ludovic Courtès <ludo@gnu.org>	zimoun
2019-06-27	ui: 'relevance' considers regexps connected with a logical and....* guix/ui.scm (relevance)[score]: Change to return 0 when one of REGEXPS doesn't match. * tests/ui.scm ("package-relevance"): New test.	Ludovic Courtès