fix CVE-2022-33068.patch

(cherry picked from commit 6418ce21b4585623c2ab6f75b102274ab34c9330)

backport-CVE-2022-33068.patch

@@ -0,0 +1,29 @@
+From 62e803b36173fd096d7ad460dd1d1db9be542593 Mon Sep 17 00:00:00 2001
+From: Behdad Esfahbod <behdad@behdad.org>
+Date: Wed, 1 Jun 2022 07:38:21 -0600
+Subject: [PATCH] [sbix] Limit glyph extents
+
+Fixes https://github.com/harfbuzz/harfbuzz/issues/3557
+---
+ src/hb-ot-color-sbix-table.hh       |   6 ++++++
+ test/fuzzing/fonts/sbix-extents.ttf | Bin 0 -> 582 bytes
+ 2 files changed, 6 insertions(+)
+ create mode 100644 test/fuzzing/fonts/sbix-extents.ttf
+
+diff --git a/src/hb-ot-color-sbix-table.hh b/src/hb-ot-color-sbix-table.hh
+index 9741ebd450..6efae43cda 100644
+--- a/src/hb-ot-color-sbix-table.hh
++++ b/src/hb-ot-color-sbix-table.hh
+@@ -298,6 +298,12 @@ struct sbix
+ 
+       const PNGHeader &png = *blob->as<PNGHeader>();
+ 
++      if (png.IHDR.height >= 65536 | png.IHDR.width >= 65536)
++      {
++	hb_blob_destroy (blob);
++	return false;
++      }
++
+       extents->x_bearing = x_offset;
+       extents->y_bearing = png.IHDR.height + y_offset;
+       extents->width     = png.IHDR.width;

harfbuzz.spec

@@ -1,12 +1,14 @@
 Name:           harfbuzz
 Version:        2.8.2
-Release:        2
+Release:        3
 Summary:        A text shaping engine
 
 License:        MIT
 URL:            https://harfbuzz.github.io/what-is-harfbuzz.html
 Source0:        https://github.com/harfbuzz/harfbuzz/releases/download/2.8.2/%{name}-%{version}.tar.xz
 
+Patch0001:	backport-CVE-2022-33068.patch
+
 BuildRequires:  gcc-c++ freetype-devel cairo-devel glib2-devel graphite2-devel
 BuildRequires:  gtk-doc libicu-devel gobject-introspection-devel
 Provides:       harfbuzz-icu
@@ -69,6 +71,9 @@ make install DESTDIR=$RPM_BUILD_ROOT INSTALL="install -p"
 %{_datadir}/gtk-doc/html/harfbuzz/*
 
 %changelog
+* Thu Jul 14 2022 zhouwenpei <zhouwenpei1@h-partners.com> - 2.8.2-3
+- fix CVE-2022-33068
+
 * Tue May 24 2022 loong_C <loong_c@yeah.net> - 2.8.2-2
 - fix spec changelog date