[subset] limit the max codepoint value to the unicode limit.

When collecting all codepoints in the cmap avoid using large amount of memory for fonts that declare coverage over all 32 bit integers.

diff --git a/src/hb-ot-cmap-table.hh b/src/hb-ot-cmap-table.hh
index 00f8352..67a9c7d 100644 (file)
--- a/src/hb-ot-cmap-table.hh
+++ b/src/hb-ot-cmap-table.hh
@@ -37,6 +37,9 @@
  */
 #define HB_OT_TAG_cmap HB_TAG('c','m','a','p')
 
+#ifndef HB_MAX_UNICODE_CODEPOINT_VALUE
+#define HB_MAX_UNICODE_CODEPOINT_VALUE 0x10FFFF
+#endif
 
 namespace OT {
 
@@ -437,8 +440,10 @@ struct CmapSubtableLongSegmented
   {
     for (unsigned int i = 0; i < this->groups.len; i++) {
       hb_set_add_range (out,
-                       this->groups[i].startCharCode,
-                       this->groups[i].endCharCode);
+                       MIN ((unsigned int) this->groups[i].startCharCode,
+                            (unsigned int) HB_MAX_UNICODE_CODEPOINT_VALUE),
+                       MIN ((unsigned int) this->groups[i].endCharCode,
+                            (unsigned int) HB_MAX_UNICODE_CODEPOINT_VALUE));
     }
   }
 

diff --git a/test/api/fonts/clusterfuzz-testcase-minimized-hb-subset-get-codepoints-fuzzer-5973295416475648 b/test/api/fonts/clusterfuzz-testcase-minimized-hb-subset-get-codepoints-fuzzer-5973295416475648
new file mode 100644 (file)
index 0000000..b506d2a
Binary files /dev/null and b/test/api/fonts/clusterfuzz-testcase-minimized-hb-subset-get-codepoints-fuzzer-5973295416475648 differ