Fix CVE-2018-6942: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-6942 https://people.canonical.com/~ubuntu-security/cve/2018/CVE-2018-6942.html Copied from upstream (ChangeLog section removed): https://git.savannah.gnu.org/cgit/freetype/freetype2.git/commit/?id=29c759284e305ec428703c9a5831d0b1fc3497ef
diff --git a/src/truetype/ttinterp.c b/src/truetype/ttinterp.c
index d855aaa..551f14a 100644
--- a/src/truetype/ttinterp.c
+++ b/src/truetype/ttinterp.c
@@ -7532,8 +7532,16 @@
 return;
 }
- for ( i = 0; i < num_axes; i++ )
- args[i] = coords[i] >> 2; /* convert 16.16 to 2.14 format */
+ if ( coords )
+ {
+ for ( i = 0; i < num_axes; i++ )
+ args[i] = coords[i] >> 2; /* convert 16.16 to 2.14 format */
+ }
+ else
+ {
+ for ( i = 0; i < num_axes; i++ )
+ args[i] = 0;
+ }
 }
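Review bot: The new `else` branch zero-fills `args` without saying when `coords` can legitimately be NULL, so a reader cannot tell whether 0 is the intended result or a silent fallback that hides a missing setup step. A short comment on that branch would record the contract, for example `/* no variation coordinates available: report 0 for every axis */`, with the wording checked against the code that sets `coords`, since that code is outside the hunk. Both branches still write `num_axes` entries into `args`, and the bound that makes this safe is not visible here; presumably it is the check ending in the `return;` above, which is worth confirming because the enclosing function starts and ends outside the hunk. As a style point, the duplicated loop could be a single loop with `args[i] = coords ? coords[i] >> 2 : 0;`.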