From bb3017d3dd80db90edc7fbebc42944893e5f6e53 Mon Sep 17 00:00:00 2001
From: Jonathan Kew <jkew@mozilla.com>
Date: Sat, 25 Apr 2026 13:28:12 +0000
Subject: [PATCH 28/29] Bug 2029463 - Range-check string id during subsetting.
r=gfx-reviewers,lsalzman
---
src/cairo-cff-subset.c | 6 +++++-
1 file changed, 5 insertions(+), 1 deletion(-)
diff --git a/src/cairo-cff-subset.c b/src/cairo-cff-subset.c
index ffa2eb6ad..6c01ed4ef 100644
--- a/src/cairo-cff-subset.c
+++ b/src/cairo-cff-subset.c
@@ -1423,7 +1423,11 @@ cairo_cff_font_subset_dict_string(cairo_cff_font_t *font,
if (sid < NUM_STD_STRINGS)
return CAIRO_STATUS_SUCCESS;
- element = _cairo_array_index (&font->strings_index, sid - NUM_STD_STRINGS);
+ sid -= NUM_STD_STRINGS;
+ if (sid >= (int)_cairo_array_num_elements (&font->strings_index))
+ return CAIRO_INT_STATUS_UNSUPPORTED;
+
+ element = _cairo_array_index (&font->strings_index, sid);
sid = NUM_STD_STRINGS + _cairo_array_num_elements (&font->strings_subset_index);
status = cff_index_append (&font->strings_subset_index, element->data, element->length);
if (unlikely (status))
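Review bot: The added early exit returns `CAIRO_INT_STATUS_UNSUPPORTED` while the exit just above it returns `CAIRO_STATUS_SUCCESS`, so the function now mixes the internal and public status enums. Its declaration and its callers are outside the hunk, so it is worth confirming that the return type is meant to carry an internal status and that callers treat it as "fall back", not as a hard error. A short comment on the check would record that intent, e.g. `/* sid presumably comes from the font's DICT data: reject ids past strings_index instead of indexing out of bounds */`. The check also reuses `sid` as an array index before the next line reassigns it as the new SID. A separate local such as `unsigned int idx = sid - NUM_STD_STRINGS;` would keep the two meanings apart and let the comparison against `_cairo_array_num_elements` run without the `(int)` cast.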
--
2.53.0