$NetBSD: patch-am,v 1.1.2.2 2010/03/27 17:51:38 tron Exp $

Fix for CVE-2010-0421.

--- pango/opentype/hb-ot-layout.cc.orig	2009-11-26 00:44:17.000000000 +0000
+++ pango/opentype/hb-ot-layout.cc
@@ -44,6 +44,8 @@ _hb_ot_layout_init (hb_face_t *face)
 {
   hb_ot_layout_t *layout = &face->ot_layout;
 
+  memset (layout, 0, sizeof (*layout));
+
   layout->gdef_blob = Sanitizer<GDEF>::sanitize (hb_face_get_table (face, HB_OT_TAG_GDEF));
   layout->gdef = &Sanitizer<GDEF>::lock_instance (layout->gdef_blob);
 
@@ -293,7 +295,7 @@ hb_ot_layout_build_glyph_classes (hb_fac
     return;
 
   if (layout->new_gdef.len == 0) {
-    layout->new_gdef.klasses = (unsigned char *) calloc (num_total_glyphs, sizeof (unsigned char));
+    layout->new_gdef.klasses = (unsigned char *) calloc (count, sizeof (unsigned char));
     layout->new_gdef.len = count;
   }
 
