From 26b2057908044f1b599845d52998d40163737557 Mon Sep 17 00:00:00 2001
From: swx1094762 <shiqichang@huawei.com>
Date: Wed, 19 Apr 2023 10:34:29 +0800
Subject: [PATCH] fixed aa4deb4 from
 https://gitee.com/shi-qichang/third_party_freetype/pulls/50
 Description:CVE-2023-2004 issuesno:I6VUAP Sig:SIG_ApplicationFramework
 Feature or Bugfix:Feature Binary Source:NO

Signed-off-by: swx1094762 <shiqichang@huawei.com>
---
 src/truetype/ttgxvar.c | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/src/truetype/ttgxvar.c b/src/truetype/ttgxvar.c
index b462263..082bcc0 100644
--- a/src/truetype/ttgxvar.c
+++ b/src/truetype/ttgxvar.c
@@ -42,6 +42,7 @@
 #include <ft2build.h>
 #include <freetype/internal/ftdebug.h>
 #include FT_CONFIG_CONFIG_H
+#include <freetype/internal/ftcalc.h>
 #include <freetype/internal/ftstream.h>
 #include <freetype/internal/sfnt.h>
 #include <freetype/tttags.h>
@@ -1065,7 +1066,7 @@
                 delta == 1 ? "" : "s",
                 vertical ? "VVAR" : "HVAR" ));
 
-    *avalue += delta;
+    *avalue = ADD_INT( *avalue, delta );
 
   Exit:
     return error;
-- 
Gitee