From 7a9d643c297990f9889a2f7b4a470ef933bac131 Mon Sep 17 00:00:00 2001
From: Ebrahim Byagowi
Date: Thu, 11 Jul 2019 01:35:06 +0430
Subject: [PATCH] Fix unintialized memory read in cmap subset (#1826)
---
 src/hb-ot-cmap-table.hh | 10 +++++++++-
 1 file changed, 9 insertions(+), 1 deletion(-)
diff --git a/src/hb-ot-cmap-table.hh b/src/hb-ot-cmap-table.hh
index ac75bd9..d79b549 100644
--- a/src/hb-ot-cmap-table.hh
+++ b/src/hb-ot-cmap-table.hh
@@ -878,7 +878,7 @@ struct cmap
 cmap_plan->has_ms_bmp = find_subtable (3, 1);
 cmap_plan->has_ms_ucs4 = find_subtable (3, 10);
 cmap_plan->num_enc_records = cmap_plan->has_unicode_bmp + cmap_plan->has_unicode_ucs4 + cmap_plan->has_ms_bmp + cmap_plan->has_ms_ucs4;
-
+
 if (unlikely (!CmapSubtableFormat4::create_sub_table_plan (plan, &cmap_plan->format4_segments)))
 return false;
@@ -979,6 +979,14 @@ struct cmap
 if (unlikely (!format12.serialize (&c, cmap_subset_plan.format12_groups)))
 return false;
 }
+ else
+ {
+ // FIXME: Merge this with above or, remove and tweak #final_size
+ // and rebase all the tests expectations
+ HBUINT32 empty;
+ empty = 0;
+ for (unsigned int i = 0; i < 4; ++i) c.copy (empty);
+ }
 c.end_serialize ();
-- 
2.7.4
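Review bot: The padding loop in the new `else` branch hard-codes 4 × `HBUINT32` (16 bytes) and ignores the result of `c.copy (empty)`, whereas the format 12 path just above checks `serialize` and returns false. The count presumably mirrors the space that `final_size` (named in the FIXME) reserves for the absent subtable; if that calculation ever changes, the tail of the output would either be left uninitialized again, putting stale heap contents into the subset font, or the copies would exceed the reserved space. I would derive the count from the same expression `final_size` uses and fail closed, e.g. `if (unlikely (!c.copy (empty))) return false;` inside the loop, assuming `copy` signals failure through its return value. The enclosing function starts and ends outside the hunk, so the buffer allocation is not visible here; zero-initializing that buffer when it is allocated would rule out this class of leak even when the size bookkeeping drifts.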