We don't check the return value of calloc [1], which can be NULL if the allocation fails.
This can lead to a Segmentation Fault when we later try to write to the result buffer [2].
[1]
|
char* output_data = (char*) calloc(max_output_length, 1); |
[2]
|
StoreU32(kWoff2Signature, &offset, result); |
We don't check the return value of
calloc[1], which can be NULL if the allocation fails.This can lead to a Segmentation Fault when we later try to write to the
resultbuffer [2].[1]
ttf2woff2/csrc/addon.cc
Line 27 in ceea281
[2]
ttf2woff2/csrc/woff2/woff2_enc.cc
Line 355 in ceea281