From 33af6236b89e2787d57b889b77c5efe59de60ec2 Mon Sep 17 00:00:00 2001
From: Jia-Hong Chen <jia-hong.chen@oracle.com>
Date: Tue, 19 Mar 2013 14:29:34 -0700
Subject: [PATCH] 8009013: Better handling of T2K glyphs

Reviewed-by: bae, mschoene, prr
---
 jdk/src/share/native/sun/font/freetypeScaler.c | 13 +++++++++----
 1 file changed, 9 insertions(+), 4 deletions(-)

diff --git a/jdk/src/share/native/sun/font/freetypeScaler.c b/jdk/src/share/native/sun/font/freetypeScaler.c
index 591bb382f9b..e84e77c4207 100644
--- a/jdk/src/share/native/sun/font/freetypeScaler.c
+++ b/jdk/src/share/native/sun/font/freetypeScaler.c
@@ -1351,17 +1351,22 @@ Java_sun_font_FreetypeFontScaler_getGlyphVectorOutlineNative(
     FTScalerInfo *scalerInfo =
              (FTScalerInfo*) jlong_to_ptr(pScaler);
 
-    glyphs = (jint*) malloc(numGlyphs*sizeof(jint));
+    glyphs = NULL;
+    if (numGlyphs > 0 && 0xffffffffu / sizeof(jint) >= numGlyphs) {
+        glyphs = (jint*) malloc(numGlyphs*sizeof(jint));
+    }
     if (glyphs == NULL) {
+        // We reach here if:
+        // 1. numGlyphs <= 0,
+        // 2. overflow check failed, or
+        // 3. malloc failed.
         gp = (*env)->NewObject(env, sunFontIDs.gpClass, sunFontIDs.gpCtrEmpty);
-        if (!isNullScalerContext(context) && scalerInfo != NULL) {
-            invalidateJavaScaler(env, scaler, scalerInfo);
-        }
         return gp;
     }
 
     (*env)->GetIntArrayRegion(env, glyphArray, 0, numGlyphs, glyphs);
 
+    gpdata.numCoords = 0;
     for (i=0; i<numGlyphs;i++) {
         if (glyphs[i] >= INVISIBLE_GLYPHS) {
             continue;