File harfbuzz-crash.diff of Package libqt4-devel-doc.import5129

commit 9ae6f2f9a57f0c3096d5785913e437953fa6775c
Author: Jiang Jiang <jiang.jiang@nokia.com>
Date:   Mon Jul 18 08:49:32 2011 +0200

    Check for buffer overflow in Lookup_MarkMarkPos
    
    The overflow may cause a crash in this function with certain fonts.
    
    Task-number: QTBUG-17238
    Done-by: Alberto Garcia <agarcia@igalia.com>
    Reviewed-by: Jiang Jiang

--- src/3rdparty/harfbuzz/src/harfbuzz-gpos.c
+++ src/3rdparty/harfbuzz/src/harfbuzz-gpos.c
@@ -3012,6 +3012,9 @@ static HB_Error  Lookup_MarkMarkPos( GPOS_Instance*    gpi,
     j--;
   }
 
+  if ( i > buffer->in_pos )
+    return HB_Err_Not_Covered;
+
   error = _HB_OPEN_Coverage_Index( &mmp->Mark2Coverage, IN_GLYPH( j ),
 			  &mark2_index );
   if ( error )
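Review bot: The added guard `if ( i > buffer->in_pos )` carries no comment, and it tests `i` although the value used on the next line is `IN_GLYPH( j )`, so a reader cannot see from here which access is being protected. The loop that advances `i` and decrements `j` begins outside the hunk; presumably it can finish without finding a suitable mark, leaving `j` pointing before the first glyph. I would put a comment above the check, for example `/* backward scan consumed every preceding glyph without a match; j is no longer a valid index for IN_GLYPH() */`. The commit message calls this a buffer overflow, but from the visible lines it looks like an out-of-bounds read via an under-run index, which is worth stating precisely for anyone triaging QTBUG-17238 later.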