From 35da42b681ba883de7852ecde8bd55f0adc61708 Mon Sep 17 00:00:00 2001
From: iasunsea
Date: Sat, 22 Jul 2023 00:50:27 +0800
Subject: [PATCH] fix SEGV in cairo_type1_font functioons
---
 src/cairo-type1-subset.c | 6 ++++++
 1 file changed, 6 insertions(+)
diff --git a/src/cairo-type1-subset.c b/src/cairo-type1-subset.c
index 735c59e72..0388f374e 100644
--- a/src/cairo-type1-subset.c
+++ b/src/cairo-type1-subset.c
@@ -1085,6 +1085,9 @@ cairo_type1_font_for_each_subr (cairo_type1_font_subset_t *font,
 /* Skip binary data and | or NP token. */
 p = skip_token (subr_string + subr_length, cleartext_end);
+ if (p == NULL)
+ return CAIRO_INT_STATUS_UNSUPPORTED;
+
 while (p < cleartext_end && _cairo_isspace(*p))
 p++;
@@ -1248,6 +1251,9 @@ cairo_type1_font_subset_for_each_glyph (cairo_type1_font_subset_t *font,
 /* Skip binary data and |- or ND token. */
 p = skip_token (charstring + charstring_length, dict_end);
+ if (p == NULL)
+ return CAIRO_INT_STATUS_UNSUPPORTED;
+
 while (p < dict_end && _cairo_isspace(*p))
 p++;
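Review bot: The new `if (p == NULL)` check in cairo_type1_font_for_each_subr runs only after `subr_string + subr_length` has been formed and passed to skip_token, so it handles the NULL return but not an offset that is itself out of range; the same holds for `charstring + charstring_length` in the second hunk (cairo_type1_font_subset_for_each_glyph). The lines that set subr_length and charstring_length are outside both hunks, so this is inferred: if those lengths are parsed from the font data, reject a negative or oversized value before the pointer is built, for example `if (subr_length < 0 || subr_length > cleartext_end - subr_string) return CAIRO_INT_STATUS_UNSUPPORTED;`, with the matching test against dict_end in the second function. A one-line comment on each new check, such as `/* no token before end of buffer: treat the font as malformed */`, would record why NULL can occur here (presumably skip_token running out of data; confirm against its definition). Both function bodies start and end outside the hunks.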