From 6e4c97a3285900ccc1d6be72e4861aef916dffb6 Mon Sep 17 00:00:00 2001
From: Tim Ledbetter <timledbetter@gmail.com>
Date: Wed, 25 Oct 2023 21:48:29 +0100
Subject: [PATCH] LibGfx/WOFF: Return error if `numTables` is 0

This is consistent with WOFF2.
---
 Userland/Libraries/LibGfx/Font/WOFF/Font.cpp | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/Userland/Libraries/LibGfx/Font/WOFF/Font.cpp b/Userland/Libraries/LibGfx/Font/WOFF/Font.cpp
index f8d2e9489d..38a7e2c0e4 100644
--- a/Userland/Libraries/LibGfx/Font/WOFF/Font.cpp
+++ b/Userland/Libraries/LibGfx/Font/WOFF/Font.cpp
@@ -94,7 +94,7 @@ ErrorOr<NonnullRefPtr<Font>> Font::try_load_from_externally_owned_memory(Readonl
     auto expected_total_sfnt_size = sizeof(OpenType::TableDirectory) + header.num_tables * 16;
     if (header.length > buffer.size())
         return Error::from_string_literal("Invalid WOFF length");
-    if (header.num_tables > NumericLimits<u16>::max() / 16)
+    if (header.num_tables == 0 || header.num_tables > NumericLimits<u16>::max() / 16)
         return Error::from_string_literal("Invalid WOFF numTables");
     if (header.reserved != 0)
         return Error::from_string_literal("Invalid WOFF reserved field");