# HG changeset patch
# User vadim
# Date 1429172843 -10800
# Node ID 1a0b3be534c2c7c7e1fcdab1946d7147bf59a560
# Parent  2e939bf6c09bb180271483bf21e712f152a102ed
8077520: Morph tables into improved form
Reviewed-by: prr, srl, mschoene

diff -r 2e939bf6c09b -r 1a0b3be534c2 src/share/native/sun/font/layout/Features.cpp
--- a/src/share/native/sun/font/layout/Features.cpp	Tue May 12 17:22:22 2015 +0100
+++ b/src/share/native/sun/font/layout/Features.cpp	Thu Apr 16 11:27:23 2015 +0300
@@ -41,7 +41,7 @@
 LEReferenceTo<FeatureTable> FeatureListTable::getFeatureTable(const LETableReference &base, le_uint16 featureIndex, LETag *featureTag, LEErrorCode &success) const
 {
     LEReferenceToArrayOf<FeatureRecord>
-        featureRecordArrayRef(base, success, featureRecordArray, featureIndex);
+        featureRecordArrayRef(base, success, featureRecordArray, featureIndex+1);
 
   if (featureIndex >= SWAPW(featureCount) || LE_FAILURE(success)) {
     return LEReferenceTo<FeatureTable>();
diff -r 2e939bf6c09b -r 1a0b3be534c2 src/share/native/sun/font/layout/LETableReference.h
--- a/src/share/native/sun/font/layout/LETableReference.h	Tue May 12 17:22:22 2015 +0100
+++ b/src/share/native/sun/font/layout/LETableReference.h	Thu Apr 16 11:27:23 2015 +0300
@@ -241,6 +241,18 @@
   }
 
   /**
+  * Throw an error if size*count overflows
+  */
+  size_t verifyLength(size_t offset, size_t size, le_uint32 count, LEErrorCode &success) {
+    if(count!=0 && size>LE_UINT32_MAX/count) {
+      LE_DEBUG_TR3("verifyLength failed size=%u, count=%u", size, count);
+      success = LE_INDEX_OUT_OF_BOUNDS_ERROR;
+      return 0;
+    }
+    return verifyLength(offset, size*count, success);
+  }
+
+  /**
    * Change parent link to another
    */
   LETableReference &reparent(const LETableReference &base) {
@@ -425,7 +437,7 @@
       if(fCount == LE_UNBOUNDED_ARRAY) { // not a known length
         fCount = getLength()/LETableVarSizer<T>::getSize(); // fit to max size
       }
-      LETableReference::verifyLength(0, LETableVarSizer<T>::getSize()*fCount, success);
+      LETableReference::verifyLength(0, LETableVarSizer<T>::getSize(), fCount, success);
     }
     if(LE_FAILURE(success)) {
       fCount=0;
@@ -440,7 +452,7 @@
       if(fCount == LE_UNBOUNDED_ARRAY) { // not a known length
         fCount = getLength()/LETableVarSizer<T>::getSize(); // fit to max size
       }
-      LETableReference::verifyLength(0, LETableVarSizer<T>::getSize()*fCount, success);
+      LETableReference::verifyLength(0, LETableVarSizer<T>::getSize(), fCount, success);
     }
     if(LE_FAILURE(success)) clear();
   }
@@ -451,7 +463,7 @@
       if(fCount == LE_UNBOUNDED_ARRAY) { // not a known length
         fCount = getLength()/LETableVarSizer<T>::getSize(); // fit to max size
       }
-      LETableReference::verifyLength(0, LETableVarSizer<T>::getSize()*fCount, success);
+      LETableReference::verifyLength(0, LETableVarSizer<T>::getSize(), fCount, success);
     }
     if(LE_FAILURE(success)) clear();
   }