heap-buffer-overflow of fig2dev of gensvg.c in function gensvg_text

Bug #1926674 reported by xiao huang
This bug affects 1 person
Affects            Status         Importance   Assigned to   Milestone
fig2dev (Ubuntu)   Fix Released   Undecided    Unassigned

Bug Description

Hi
I found an overflow error.

Issue: https://sourceforge.net/p/mcj/tickets/113/
Commit: https://sourceforge.net/p/mcj/fig2dev/ci/f8ce1ff8837056b12c046f56e3b5248b2c8eeaa1/

System info:
Ubuntu 20.04: clang 10.0.0, gcc 9.3.0
fig2dev Version 3.2.8a

Verification steps:
1. Get the source code of fig2dev
2. Compile fig2dev

$ cd fig2dev-3.2.8a
$ ./configure CC="clang -O2 -fno-omit-frame-pointer -g -fsanitize=address" CXX="clang++ -O2 -fno-omit-frame-pointer -g -fsanitize=address"
$ make

3. Run fig2dev
$ ./fig2dev -L svg overflow_fig2dev_crash

ASan report:
<?xml version="1.0" encoding="UTF-8" standalone="no"?>
<!-- Creator: fig2dev Version 3.2.8a -->
<!-- CreationDate: 2021-04-17 04:37:54 -->
<!-- Magnification: 1 -->
<svg xmlns="http://www.w3.org/2000/svg"
    xmlns:xlink="http://www.w3.org/1999/xlink"
    width="900pt" height="3600pt"
    viewBox="163 0 25 100">
<g fill="none">
<!-- Text -->
=================================================================
==3221214==ERROR: AddressSanitizer: heap-buffer-overflow on address 0x602000000072 at pc 0x0000005888ef bp 0x7ffcc0226110 sp 0x7ffcc0226108
READ of size 1 at 0x602000000072 thread T0
    #0 0x5888ee in gensvg_text /home/hh/Downloads/fig2dev-3.2.8a/fig2dev/dev/gensvg.c:1006:42
    #1 0x4d0847 in gendev_objects /home/hh/Downloads/fig2dev-3.2.8a/fig2dev/fig2dev.c:1008:6
    #2 0x4d0847 in main /home/hh/Downloads/fig2dev-3.2.8a/fig2dev/fig2dev.c:485:11
    #3 0x7f03fc8940b2 in __libc_start_main /build/glibc-eX1tMB/glibc-2.31/csu/../csu/libc-start.c:308:16
    #4 0x41c71d in _start (/home/hh/Downloads/fig2dev-3.2.8a/fig2dev/fig2dev+0x41c71d)

0x602000000072 is located 0 bytes to the right of 2-byte region [0x602000000070,0x602000000072)
allocated by thread T0 here:
    #0 0x494fd2 in calloc (/home/hh/Downloads/fig2dev-3.2.8a/fig2dev/fig2dev+0x494fd2)
    #1 0x4d5951 in read_textobject /home/hh/Downloads/fig2dev-3.2.8a/fig2dev/read1_3.c:505:24
    #2 0x4d2b8b in read_1_3_objects /home/hh/Downloads/fig2dev-3.2.8a/fig2dev/read1_3.c:126:16
    #3 0x4d666f in readfp_fig /home/hh/Downloads/fig2dev-3.2.8a/fig2dev/read.c:154:12
    #4 0x4d6312 in read_fig /home/hh/Downloads/fig2dev-3.2.8a/fig2dev/read.c:124:10
    #5 0x4d04cb in main /home/hh/Downloads/fig2dev-3.2.8a/fig2dev/fig2dev.c:424:12
    #6 0x7f03fc8940b2 in __libc_start_main /build/glibc-eX1tMB/glibc-2.31/csu/../csu/libc-start.c:308:16

SUMMARY: AddressSanitizer: heap-buffer-overflow /home/hh/Downloads/fig2dev-3.2.8a/fig2dev/dev/gensvg.c:1006:42 in gensvg_text
Shadow bytes around the buggy address:
  0x0c047fff7fb0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
  0x0c047fff7fc0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
  0x0c047fff7fd0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
  0x0c047fff7fe0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
  0x0c047fff7ff0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
=>0x0c047fff8000: fa fa fd fa fa fa 00 04 fa fa 00 04 fa fa[02]fa
  0x0c047fff8010: fa fa 00 07 fa fa fa fa fa fa fa fa fa fa fa fa
  0x0c047fff8020: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa
  0x0c047fff8030: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa
  0x0c047fff8040: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa
  0x0c047fff8050: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa
Shadow byte legend (one shadow byte represents 8 application bytes):
  Addressable: 00
  Partially addressable: 01 02 03 04 05 06 07
  Heap left redzone: fa
  Freed heap region: fd
  Stack left redzone: f1
  Stack mid redzone: f2
  Stack right redzone: f3
  Stack after return: f5
  Stack use after scope: f8
  Global redzone: f9
  Global init order: f6
  Poisoned by user: f7
  Container overflow: fc
  Array cookie: ac
  Intra object redzone: bb
  ASan internal: fe
  Left alloca redzone: ca
  Right alloca redzone: cb
  Shadow gap: cc
==3221214==ABORTING

Tags: security
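A report like the one above is usually triaged by pulling out the error class, the faulting access, the first frame outside the allocator, and a stable signature for deduplicating further fuzzer finds. The script below is an added example of that triage step; it is not part of the bug report or of the fig2dev project. Its input is a constructed excerpt of the AddressSanitizer report quoted above (deeper frames and the shadow-byte dump dropped), and the `triage`, `short_loc` and `is_allocator` names are this example's own.

```python
import os
import re

# Constructed input for this example: the relevant lines of the AddressSanitizer
# report quoted in the bug description above (addresses and paths copied as-is;
# frames below main and the shadow-byte dump omitted for brevity).
ASAN_REPORT = """\
==3221214==ERROR: AddressSanitizer: heap-buffer-overflow on address 0x602000000072 at pc 0x0000005888ef bp 0x7ffcc0226110 sp 0x7ffcc0226108
READ of size 1 at 0x602000000072 thread T0
    #0 0x5888ee in gensvg_text /home/hh/Downloads/fig2dev-3.2.8a/fig2dev/dev/gensvg.c:1006:42
    #1 0x4d0847 in gendev_objects /home/hh/Downloads/fig2dev-3.2.8a/fig2dev/fig2dev.c:1008:6
    #2 0x4d0847 in main /home/hh/Downloads/fig2dev-3.2.8a/fig2dev/fig2dev.c:485:11

0x602000000072 is located 0 bytes to the right of 2-byte region [0x602000000070,0x602000000072)
allocated by thread T0 here:
    #0 0x494fd2 in calloc (/home/hh/Downloads/fig2dev-3.2.8a/fig2dev/fig2dev+0x494fd2)
    #1 0x4d5951 in read_textobject /home/hh/Downloads/fig2dev-3.2.8a/fig2dev/read1_3.c:505:24
    #2 0x4d2b8b in read_1_3_objects /home/hh/Downloads/fig2dev-3.2.8a/fig2dev/read1_3.c:126:16

SUMMARY: AddressSanitizer: heap-buffer-overflow /home/hh/Downloads/fig2dev-3.2.8a/fig2dev/dev/gensvg.c:1006:42 in gensvg_text
"""

ERROR_RE = re.compile(r"ERROR: AddressSanitizer: (?P<kind>[\w-]+) on address (?P<addr>0x[0-9a-f]+)")
ACCESS_RE = re.compile(r"^(?P<op>READ|WRITE) of size (?P<size>\d+) at 0x[0-9a-f]+", re.M)
FRAME_RE = re.compile(r"^\s*#\d+ 0x[0-9a-f]+ in (?P<func>\S+) (?P<loc>\S+)", re.M)
REGION_RE = re.compile(r"is located (?P<dist>\d+) bytes to the (?P<side>left|right) of (?P<size>\d+)-byte region")


def is_allocator(func):
    """True for allocator entry points ASan intercepts; the frame above them is the real site."""
    return func.startswith(("malloc", "calloc", "realloc", "posix_memalign",
                            "operator", "__interceptor_"))


def parse_frames(text):
    """Return [(function, location)] for every '#n 0x... in func loc' line in text."""
    return [(m.group("func"), m.group("loc")) for m in FRAME_RE.finditer(text)]


def short_loc(loc):
    """'/path/to/gensvg.c:1006:42' -> 'gensvg.c:1006'. The column is dropped so the
    signature survives unrelated edits on the same line; other forms are unchanged."""
    parts = loc.rsplit(":", 2)
    if len(parts) == 3 and parts[1].isdigit():
        return "%s:%s" % (os.path.basename(parts[0]), parts[1])
    return loc


def triage(report):
    """Extract the fields needed to classify and deduplicate an ASan access report."""
    err = ERROR_RE.search(report)
    acc = ACCESS_RE.search(report)
    if not err or not acc:
        raise ValueError("not a recognised AddressSanitizer access report")
    # The access stack precedes the 'allocated by ...' stack; split the text there.
    access_part, _, alloc_part = report.partition("allocated by")
    access_frames = parse_frames(access_part)
    if not access_frames:
        raise ValueError("no stack frames in report")
    fault_func, fault_loc = access_frames[0]
    alloc_site = next(((f, l) for f, l in parse_frames(alloc_part) if not is_allocator(f)), None)
    result = {
        "kind": err.group("kind"),
        "op": acc.group("op"),
        "size": int(acc.group("size")),
        "fault": (fault_func, fault_loc),
        "alloc_site": alloc_site,
        "region_size": None,
        "access_index": None,
        # kind + access + top frame + file:line, e.g. for bucketing crashes from a fuzzer run
        "signature": "%s:%s%s:%s:%s" % (err.group("kind"), acc.group("op"),
                                        acc.group("size"), fault_func, short_loc(fault_loc)),
    }
    reg = REGION_RE.search(report)
    if reg:
        size, dist = int(reg.group("size")), int(reg.group("dist"))
        result["region_size"] = size
        # Byte index of the access relative to the region start. "0 bytes to the
        # right of a 2-byte region" gives index 2: for a 1-character C string
        # filling the region, that is the byte just past the NUL terminator.
        result["access_index"] = size + dist if reg.group("side") == "right" else -dist
    return result


if __name__ == "__main__":
    for key, value in triage(ASAN_REPORT).items():
        print("%-13s %s" % (key, value))
```

The signature deliberately ignores addresses and the column number: addresses change between runs under ASLR, and a column change on an otherwise identical line rarely indicates a different bug. The allocation site is reported as the first frame that is not an allocator interceptor, which for this report is `read_textobject`, the reader for the old 1.3 FIG format.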
Revision history for this message
xiao huang (shanzhuli) wrote :
information type: Private Security → Public Security
affects: xfig (Ubuntu) → fig2dev (Ubuntu)
Revision history for this message
Roland Rosenfeld (roland) wrote :

Fixed in version 3.2.8-3 (which was yesterday uploaded to Debian unstable)

Changed in fig2dev (Ubuntu):
status: New → Fix Committed
Revision history for this message
Roland Rosenfeld (roland) wrote :

Fixed in 3.2.8-3, which is available in jammy and kinetic

Changed in fig2dev (Ubuntu):
status: Fix Committed → Fix Released