]> granicus.if.org Git - libass/commitdiff
Fix line wrapping mode 0/3 bugs
authorGrigori Goronzy <greg@chown.ath.cx>
Tue, 4 Oct 2016 19:25:41 +0000 (21:25 +0200)
committerGrigori Goronzy <greg@chown.ath.cx>
Tue, 4 Oct 2016 22:38:35 +0000 (00:38 +0200)
This fixes two separate bugs:

a) Don't move a linebreak into the first symbol. This results in a empty
   line at the front, which does not help to equalize line lengths at all.
   Instead, merge line with the second one.
b) When moving a linebreak into a symbol that already is a break, the
   number of lines must be decremented. Otherwise, uninitialized memory
   is possibly used for later layout operations.

Found by fuzzer test case
id:000085,sig:11,src:003377+003350,op:splice,rep:8.

This might also affect and hopefully fix libass#229.

v2: change semantics according to review

libass/ass_render.c

index 8790408d51004f22e30ec1551a648cf6d594d486..1d3c0c56b85255b74542a6f8e490bc1dcd54e2ee 100644 (file)
@@ -1608,7 +1608,10 @@ wrap_lines_smart(ASS_Renderer *render_priv, double max_text_width)
                         (w->bbox.xMin + w->pos.x));
 
                     if (DIFF(l1_new, l2_new) < DIFF(l1, l2)) {
-                        w->linebreak = 1;
+                        if (w->linebreak || w == text_info->glyphs)
+                            text_info->n_lines--;
+                        if (w != text_info->glyphs)
+                            w->linebreak = 1;
                         s2->linebreak = 0;
                         exit = 0;
                     }