Disallow null-enabled offsets to unsized structures... ...like UnsizedArrayOf<>. This fixes a class of crasher bugs, mostly with color and AAT tables. We cannot use nullable offsets to varsized data that does not declare min_size, because it's nost safe to use our fixed-size null pool for types that have their size external. So, use non_null'able offsets for these. A further enhancement would be to make use of min_size in Null<> itself. Will try that after.

commit: 10642b3fbfbc1776e784b190c43a9e0693dd423a [log] [tgz]
author: Behdad Esfahbod <behdad@behdad.org> Sat Sep 15 19:43:33 2018 +0200
committer: Behdad Esfahbod <behdad@behdad.org> Sat Sep 15 19:43:33 2018 +0200
tree: 85c76ac20f354e48d53bbf814d11b79416e438e5
parent: 9ff76c6025b55d184c96b193f23aa935ab32f1fc [diff] [blame]
diff --git a/src/hb-aat-layout-feat-table.hh b/src/hb-aat-layout-feat-table.hh
index b700763..b670caa 100644
--- a/src/hb-aat-layout-feat-table.hh
+++ b/src/hb-aat-layout-feat-table.hh

@@ -78,7 +78,7 @@
   protected:
   HBUINT16	feature;	/* Feature type. */
   HBUINT16	nSettings;	/* The number of records in the setting name array. */
-  LOffsetTo<UnsizedArrayOf<SettingName> >
+  LOffsetTo<UnsizedArrayOf<SettingName>, false>
 		settingTable;	/* Offset in bytes from the beginning of this table to
 				 * this feature's setting name array. The actual type of
 				 * record this offset refers to will depend on the
commit	10642b3fbfbc1776e784b190c43a9e0693dd423a	[log] [tgz]
author	Behdad Esfahbod <behdad@behdad.org>	Sat Sep 15 19:43:33 2018 +0200
committer	Behdad Esfahbod <behdad@behdad.org>	Sat Sep 15 19:43:33 2018 +0200
tree	85c76ac20f354e48d53bbf814d11b79416e438e5
parent	9ff76c6025b55d184c96b193f23aa935ab32f1fc [diff] [blame]