* src/sfnt/sfwoff2.c (compute_ULong_sum): Fix undefined shift.

Reported as https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=16933
author: Werner Lemberg <wl@gnu.org> 2019-09-03 21:10:20 +0200
committer: Werner Lemberg <wl@gnu.org> 2019-09-03 21:10:20 +0200
commit: 3fa35aa420ee88856c60d3c0b7fedd43801953cc (patch)
tree: 5eb5872b4f24cd10881644668212cd76311047d5
parent: 543a3b939df50e02e52b948f4c9c8ba63bf38059 (diff)
download: freetype2-3fa35aa420ee88856c60d3c0b7fedd43801953cc.tar.gz
2 files changed, 12 insertions, 4 deletions
diff --git a/ChangeLog b/ChangeLog
index a6d7cb432..55fc3aedc 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,3 +1,11 @@
+2019-09-03  Werner Lemberg  <wl@gnu.org>
+
+	* src/sfnt/sfwoff2.c (compute_ULong_sum): Fix undefined shift.
+
+	Reported as
+
+	  https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=16933
+
 2019-09-01  Werner Lemberg  <wl@gnu.org>
 
 	* src/sfnt/sfwoff2.c (woff2_open_font): Add sanity check.
diff --git a/src/sfnt/sfwoff2.c b/src/sfnt/sfwoff2.c
index 6e2ff040f..9beb01f65 100644
--- a/src/sfnt/sfwoff2.c
+++ b/src/sfnt/sfwoff2.c
@@ -292,10 +292,10 @@
 
 
     for ( i = 0; i < aligned_size; i += 4 )
-      checksum += ( buf[i    ] << 24 ) |
-                  ( buf[i + 1] << 16 ) |
-                  ( buf[i + 2] <<  8 ) |
-                  ( buf[i + 3] <<  0 );
+      checksum += ( (FT_ULong)buf[i    ] << 24 ) |
+                  ( (FT_ULong)buf[i + 1] << 16 ) |
+                  ( (FT_ULong)buf[i + 2] <<  8 ) |
+                  ( (FT_ULong)buf[i + 3] <<  0 );
 
     /* If size is not aligned to 4, treat as if it is padded with 0s. */
     if ( size != aligned_size )
author	Werner Lemberg <wl@gnu.org>	2019-09-03 21:10:20 +0200
committer	Werner Lemberg <wl@gnu.org>	2019-09-03 21:10:20 +0200
commit	3fa35aa420ee88856c60d3c0b7fedd43801953cc (patch)
tree	5eb5872b4f24cd10881644668212cd76311047d5
parent	543a3b939df50e02e52b948f4c9c8ba63bf38059 (diff)
download	freetype2-3fa35aa420ee88856c60d3c0b7fedd43801953cc.tar.gz