Reported as
https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=981
* include/freetype/fterrdef.h (FT_Err_DEF_In_Glyf_Bytecode): New
error code.
* src/truetype/ttinterp.c (Ins_FDEF, Ins_IDEF): Prohibit execution
of these two opcodes in `glyf' bytecode.
(TT_RunIns): Don't enforce reexecution of `fpgm' and `prep' bytecode
in case of error since function tables can no longer be modified
(due to the changes in `Ins_FDEF' and `Ins_IDEF'). This change can
enormously speed up handling of broken fonts.
This change is a result of a discussion thread on freetype-devel
http://lists.nongnu.org/archive/html/freetype-devel/2015-06/msg00041.html
Re-introduce the `freetype2' subdirectory for all FreeType header
files after installation, and rename the `freetype2' subdirectory in
the git repository to `freetype'.
* include/freetype2: Renamed to...
* include/freetype: This.
* CMakeLists.txt (PUBLIC_HEADERS, PUBLIC_CONFIG_HEADERS,
PRIVATE_HEADERS): Updated.
Update creation of `ftconfig.h'.
Install generated `ftconfig.h'.
* Jamfile (HDRMACRO, RefDoc), autogen.sh: Updated.
* builds/amiga/include/config/ftconfig.h, builds/freetype.mk
(PUBLIC_DIR), builds/symbian/bld.inf, builds/toplevel.mk (work),
builds/unix/freetype2.in: Updated.
* builds/unix/freetype-config.in: Updated.
* builds/unix/configure.raw: Don't check for `rmdir'.
* builds/unix/unix-def.in (DELDIR): Use `rm -rf', which is portable
according to the autoconf info manual.
* builds/unix/install.mk (install, uninstall,
distclean_project_unix): Update and simplify.
* builds/wince/*, builds/windows/*: Updated.
* devel/ft2build.h, include/ft2build.h: Updated.
* include/freetype2/config/ftheader.h,
include/freetype2/internal/ftserv.h,
include/freetype2/internal/internal.h: Update all header file
macros.
* src/tools/chktrcmp.py (TRACE_DEF_FILES): Updated.
* docs/*: Updated.
This large patch changes the header file directory layout from
`include/freetype/...' to `include/...', effectively removing one
level. Since the file `ft2build.h' is also located in `include'
(and it stays there even after installation), all FreeType header
files are now in a single directory.
Applications that use (a) `freetype-config' or FreeType's
`pkg-config' file to get the include directory for the compiler, and
(b) the documented way for header inclusion like
#include <ft2build.h>
#include FT_FREETYPE_H
...
don't need any change to the source code.
* include/freetype/*: Move up to...
* include/*: ... this directory.
* builds/amiga/include/freetype/*: Move up to...
* builds/amiga/include/*: ... this directory.
*/*: Essentially do `s@/freetype/@/@' where appropriate.
* CMakeList.txt: Simplify.
* builds/unix/freetype-config.in, builds/unix/freetype2.in: For
`--cflags', return a single directory.
* builds/unix/install.mk (install): No longer try to remove `cache'
and `internal' subdirectories; instead, remove the `freetype'
subdirectory.
This work, written by Dave Arnold <darnold@adobe.com> and fully
integrated into FreeType by me, is a donation by Adobe in
collaboration with Google. It is vastly superior to the old CFF
engine, and it will replace it soon. Right now, it is still off by
default, and you have to explicitly select it using the new
`hinting-engine' property of the cff driver.
For convenience, (most of) the new files are committed separately.
* include/freetype/config/ftheader.h (FT_CFF_DRIVER_H): New macro.
* include/freetype/ftcffdrv.h: New file to access CFF driver
properties.
* include/freetype/fterrdef.h (FT_Err_Glyph_Too_Big): New error
code.
* include/freetype/internal/fttrace.h: Add `cf2blues', `cf2hints',
and `cf2interp'.
* src/cff/cffgload.h (CFF_SubFont): New member `current_subfont'.
* src/cff/cffobjs.h (CFF_DriverRec): New members `hinting_engine'
and `no_stem_darkening'.
* src/cff/cfftypes.h (CFF_FontRec): New member `cf2_instance'.
* src/cff/cff.c: Include new files.
* src/cff/cffdrivr.c (cff_property_set, cff_property_get): Handle
`hinting-engine' and `no-stem-darkening' properties (only the Adobe
engine listens to them).
* src/cff/cffgload.c: Include `cf2ft.h'.
(cff_decoder_prepare): Initialize `current_subfont'.
(cff_build_add_point): Handle Adobe engine which uses 16.16
coordinates.
(cff_slot_load): Handle FT_LOAD_NO_SCALE and FT_LOAD_NO_HINTING
separately.
Choose rendering engine based on `hinting_engine' property.
* src/cff/cffload.c (cff_font_done): Call finalizer of the Adobe
engine.
* src/cff/cffobjs.c: Include FT_CFF_DRIVER_H.
(cff_driver_init): Set default property values.
* src/cff/rules.mk (CFF_DRV_SRC, CFF_DRV_H): Add new files.
* src/cff/cf2*.*: New files, containing the Adobe engine.
* include/freetype/fterrdef.h (FT_Err_Missing_Property): New error
code.
* include/freetype/ftmodapi.h (FT_Property_Set, FT_Property_Get):
New API.
* include/freetype/internal/services/svprop.h: New file.
* include/freetype/internal/ftserv.h (FT_SERVICE_PROPERTIES_H): New
macro.
* src/base/ftobjs.c: Include FT_SERVICE_PROPERTIES_H.
(ft_property_do, FT_Property_Set, FT_Property_Get): New functions.
Previously, FreeType misleadingly returned
FT_Err_Unknown_File_Format if a module was missing (or a test was
missing completely).
* include/freetype/fterrdef.h (FT_Err_Missing_Module): Define.
* src/cff/cffobjs.c (cff_face_init), src/cid/cidobjs.c
(cid_face_init), src/sfnt/sfobjs.c (sfnt_init_face),
src/truetype/ttobjs.c (tt_face_init), src/type1/t1objs.c
(T1_Face_Init), src/type42/t42objs.c (T42_Face_Init,
T42_Driver_Init): Updated.
* src/type1/t1afm.c (T1_Read_Metrics), src/type/t1objs.c
(T1_Face_Init), src/type42/t42objs.c (T42_Face_Init): Remove now
redundant test for `psaux'.
Too serious check of errors by `FT_CMap_New' since 2010-07-04
is fixed. Reported by Tor Andersson.
* include/freetype/fterrdef.h
(PSnames_Err_No_Unicode_Glyph_Name): New error code to
indicate the Unicode charmap synthesis failed because
no Unicode glyph name is found.
* src/psnames/psmodule.c (ps_unicodes_init): Return
PSnames_Err_No_Unicode_Glyph_Name when no Unicode glyph name
is found in the font.
* src/cff/cffcmap.c (cff_cmap_unicode_init): Return
CFF_Err_No_Unicode_Glyph_Name when no SID is available.
* src/type1/t1objs.c (T1_Face_Init): Proceed if `FT_CMap_New'
is failed by the lack of Unicode glyph name.
* src/type42/t42objs.c (T42_Face_Init): Ditto.
* src/cff/cffobjs.c (cff_face_init): Ditto.
* include/freetype/fterrdef.h
(BDF_Err_Missing_Fontboundingbox_Field): New error code.
* src/bdf/bdflib.c (_bdf_parse_start): Check for missing
`FONTBOUNDINGBOX' field.
Avoid memory leak if there are multiple `FONT' lines (which is
invalid but doesn't hurt).
include/freetype/internal/ftmemory.h, src/base/ftdbgmem.c,
src/base/ftutil.c: udpating the memory management functions and
macros to safely deal with array size buffer overflows, this
corresponds to attemps to allocate arrays that are too large. For
an example, consider the following code:
count = read_uint32_from_file();
array = malloc( sizeof(Item) * count );
for ( nn = 0; nn < count; nn++ )
array[nn] = read_item_from_file();
if 'count' is larger than FT_UINT_MAX/sizeof(Item), the multiplication
will overflow and the array allocated will be smaller than the data
read from the file. In this case, the heap will be trashed, and this
can be used as a denial-of-service, or make the engine crash later.
the FT_ARRAY_NEW and FT_ARRAY_RENEW macro now check that the new
count is no more than FT_INT_MAX/item_size, otherwise, a new error,
named 'FT_Err_Array_Too_Large' will be returned.
note that the memory debugger now works again when FT_DEBUG_MEMORY
is defined, and FT_STRICT_ALIASING has disappeared, the corresponding
code being now the default.
face->cid_stream so that we can deallocate it safely.
Make the PS parser more tolerant w.r.t. non-standard font data. In
general, an error is only reported in case of a syntax error; a
wrong type is now simply ignored (if possible). To be independent
of the order of various MM-specific keywords, the parse_shared_dict
routine has been removed -- the PS parser is now capable to skip
this data. It no longer fails on parsing e.g.
dup /WeightVector exch def
Since the token following /WeightVector isn't `[' (starting an
array) it is simply ignored.
* include/freetype/fterrdef.h: Define `FT_Err_Ignore' (0xA2) as a
new internal error value.
* src/type1/t1load.c (parse_blend_axis_types,
parse_blend_design_positions, parse_blend_design_map): Return
T1_Err_Ignore if no proper array is following the keyword.
(parse_weight_vector): Use T1_ToTokenArray, initializing `blend'
structure, if necessary.
Return T1_Err_Ignore if no proper array is following the keyword.
(parse_shared_dict): Removed.
(parse_encoding): Set parser->root.error to return T1_Err_Ignore
if no result can be obtained.
Check for errors before accessing `elements' array.
(t1_keywords): Remove /shareddict.
(parse_dict): Reset error if t1_load_keyword returns T1_Err_Ignore.
Set keyword_flag only in case of success.
Check error code if skipping an unrecognized token.
(T1_Open_Face) [!T1_CONFIG_OPTION_NO_MM_SUPPORT]: Call T1_Done_Blend
if blend commands haven't set up a proper MM font.
* src/psaux/psobjs.c (ps_parser_load_field_table): Remove special
code for synthetic fonts.
Return PSaux_Err_Ignore if no proper value has been found.
(parse_font_matrix): Remove unnecessary code.
(parse_sfnts): Initialize some variables.
(t42_driver_class) [TT_CONFIG_OPTION_BYTECODE_INTERPRETER]: Use
ft_module_driver_has_hinter conditionally.
Moved some type 42 specific structure definitions to...
* include/freetype/internal/t42types.h: New file.
* include/freetype/internal/internal.h (FT_INTERNAL_T42_TYPES_H):
New macro.
* include/freetype/cache/ftcsbits.h (FTC_SBit): Added a new field
`num_grays' for specifying the number of used gray levels.
* src/cache/ftcsbits.c (ftc_sbit_node_load): Initialize it.
Adding a driver for BDF fonts written by Francesco Zappa Nardelli
<Francesco.Zappa.Nardelli@ens.fr>. Heavily modified by me to
better adapt it to FreeType, removing unneeded stuff. Additionally,
it now supports Mark Leisher's BDF extension for anti-aliased
bitmap glyphs with 2 and 4 bpp.
* src/bdf/*: New driver.
* include/freetype/internal/bdftypes.h: New file.
* include/freetype/internal/fttrace.h: Added BDF driver components.
* include/freetype/fterrdef.h: Added error codes for BDF driver.
* include/freetype/config/ftmodule.h, src/Jamfile: Updated.
* include/freetype/internal/internal.h (FT_INTERNAL_BDF_TYPES_H):
New macro.
* include/freetype/config/ftstdlib.h (ft_sprintf): New alias for
sprintf.
* include/freetype/internal/fttrace.h: Added Type 42 driver
component.
* src/type42/t42drivr.c: Use it.
* include/freetype/internal/internal.h (FT_INTERNAL_PCF_TYPES_H):
New macro.
FT_LOCAL and FT_LOCAL_DEF, respectively, as with other ftconfig.h
files.
* builds/unix/ftconfig.in: Add argument to FT_LOCAL and
FT_LOCAL_DEF.
* src/truetype/ttinterp.c: s/FT_Assert/FT_ASSERT/.
* builds/unix/configure.ac: Temporarily deactivate creation of
../../Jamfile.
* builds/unix/configure: Updated.