Mercurial Mercurial > jdk-sandbox / changeset
summary | shortlog | changelog | graph | tags | bookmarks | branches | files | changeset | raw | help
Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
8020293: JVM crash
authorjchen
Wed, 24 Jul 2013 12:03:57 -0700
changeset 20828 7d54086945dd
parent 20827 29e3da385ed2
child 20829 61b4adb0a695
child 20831 96cf18811858
8020293: JVM crash Reviewed-by: prr, jgodinez
jdk/src/share/classes/sun/font/GlyphLayout.java file | annotate | diff | comparison | revisions
jdk/src/share/native/sun/font/layout/SunLayoutEngine.cpp file | annotate | diff | comparison | revisions 
--- a/jdk/src/share/classes/sun/font/GlyphLayout.java	Wed Jul 17 18:46:00 2013 +0800
+++ b/jdk/src/share/classes/sun/font/GlyphLayout.java	Wed Jul 24 12:03:57 2013 -0700
@@ -468,9 +468,10 @@
                         _gvdata.grow();
                     }
                 }
-                if (_gvdata._count < 0) {
-                    break;
-                }
+            }
+            // Break out of the outer for loop if layout fails.
+            if (_gvdata._count < 0) {
+                break;
             }
         }
 
--- a/jdk/src/share/native/sun/font/layout/SunLayoutEngine.cpp	Wed Jul 17 18:46:00 2013 +0800
+++ b/jdk/src/share/native/sun/font/layout/SunLayoutEngine.cpp	Wed Jul 24 12:03:57 2013 -0700
@@ -104,6 +104,10 @@
 
 int putGV(JNIEnv* env, jint gmask, jint baseIndex, jobject gvdata, const LayoutEngine* engine, int glyphCount) {
     int count = env->GetIntField(gvdata, gvdCountFID);
+    if (count < 0) {
+      JNU_ThrowInternalError(env, "count negative");
+      return 0;
+    }
 
     jarray glyphArray = (jarray)env->GetObjectField(gvdata, gvdGlyphsFID);
     if (IS_NULL(glyphArray)) {
jdk-sandbox