From e164d9c087e2e65878dbf6e3ec20f4c249c5ec96 Mon Sep 17 00:00:00 2001
From: Jonathan Kew
Date: Mon, 15 Jan 2018 16:36:47 +0000
Subject: [PATCH] Bug 1430552 - Handle possible freetype failures in gfxFT2FontBase::GetFTGlyphAdvance to avoid risk of crashes. r=lsalzman

---
 gfx/thebes/gfxFT2FontBase.cpp | 14 +++++++++++---
 1 file changed, 11 insertions(+), 3 deletions(-)

diff --git a/gfx/thebes/gfxFT2FontBase.cpp b/gfx/thebes/gfxFT2FontBase.cpp
index 8cacd4260db7..ee4e9e2cbede 100644
--- a/gfx/thebes/gfxFT2FontBase.cpp
+++ b/gfx/thebes/gfxFT2FontBase.cpp
@@ -511,14 +511,22 @@ FT_Fixed
 gfxFT2FontBase::GetFTGlyphAdvance(uint16_t aGID)
 {
 gfxFT2LockedFace face(this);
+ MOZ_ASSERT(face.get());
+ if (!face.get()) {
+ // Failed to get the FT_Face? Give up already.
+ return 0;
+ }
 int32_t flags =
 gfxPlatform::GetPlatform()->FontHintingEnabled()
 ? FT_LOAD_ADVANCE_ONLY
 : FT_LOAD_ADVANCE_ONLY | FT_LOAD_NO_AUTOHINT | FT_LOAD_NO_HINTING;
- FT_Fixed advance = 0;
- mozilla::DebugOnly ftError =
- FT_Load_Glyph(face.get(), aGID, flags);
+ FT_Error ftError = FT_Load_Glyph(face.get(), aGID, flags);
 MOZ_ASSERT(!ftError);
+ if (ftError != FT_Err_Ok) {
+ // FT_Face was somehow broken/invalid? Don't try to access glyph slot.
+ return 0;
+ }
+ FT_Fixed advance = 0;
 if (face.get()->face_flags & FT_FACE_FLAG_SCALABLE) {
 advance = face.get()->glyph->linearHoriAdvance;
 } else {
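Review bot: `MOZ_ASSERT(!ftError);` is kept directly in front of the new `if (ftError != FT_Err_Ok)` early return, so debug builds still abort on a condition that the release path now treats as recoverable. FT_Load_Glyph can fail because of the font data or the glyph id it is handed, not only because the face is broken, so with content-supplied fonts this assertion is probably reachable from untrusted input; the comment in the branch is also narrower than the cases it handles. I would drop the assertion and report the failure inside the branch instead, e.g. `NS_WARNING("FT_Load_Glyph failed");` before `return 0;`. The returned 0 cannot be told apart from a genuine zero advance, so it is worth confirming that callers do not cache it as a real metric; the rest of GetFTGlyphAdvance lies outside the hunk.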