Commit Graph

5607 Commits

Author SHA1 Message Date
Werner Lemberg 4908c1e84d * src/cid/cidgload.c (cid_load_glyph): Fix compiler warnings. 2023-04-28 06:54:25 +02:00
Werner Lemberg 13df1c7d29 Minor documentation updates. 2023-04-28 06:39:32 +02:00
Werner Lemberg 9a3d05d980 * src/ttgxvar.c: Minor changes.
(TT_Get_MM_Var): Improve tracing messages.
(tt_set_mm_blend): Minor speed-up.
2023-04-27 06:24:48 +02:00
Werner Lemberg cfe54d6ac3 s/this is,/that is,/ 2023-04-27 06:24:48 +02:00
Alexei Podtelezhnikov 7ab541a28b [bdf] Clean up the atom property parsing.
* src/bdflib.c (bdf_is_atom_): Refactor code with fewer checks.
(bdf_list_join_): Return NULL.
(bdf_add_comment_): Use const argument.
(bdf_get_property): Ditto, ditto, make the function static.
* src/bdf.h (bdf_get_property): Remove prototype.
2023-04-26 23:15:24 -04:00
Werner Lemberg 0a3836c97d Improve/add source comments and documentation. 2023-04-25 11:47:18 +02:00
Werner Lemberg 40676afc4c [sfnt] Fix handling of PS names for Variation Fonts.
* src/sfnt/sfdriver.c (get_win_string, get_apple_string): Continue
construction of string if an invalid character is encountered.

Fixes #1218.
2023-04-25 11:47:18 +02:00
suzuki toshiya f312b3402a [t1cid] Change the trace messages of the charstrings retrieval errors.
The t1cid driver catches 3 types of errors in
the charstrings retrieval;
A) The invalid FD number, there are 2 subtypes;
  A-1) FD number is the maximum number fitting to FDBytes.
  A-2) FD number is greater than num_dicts.
B) Declared length is overrunning.
C) Declared length is invalid (its end is before its head).

Considering that some widely distributed fonts
(e.g., "CJKV" book by O'Reilly) have A-1 errors
in the unimplemented glyphs, the trace level for
A-1 is calmed to level 1.

The errors A-2, B, and C would be irregular;
their trace levels are kept at level 0, but
the updated trace messages include the CID number.
2023-04-24 14:06:09 +09:00
suzuki toshiya 9806414c15 [truetype] Fix `make multi'.
* src/truetype/ttgxvar.c: Include freetype/internal/services/svmetric.h
for the FT_Service_MetricsVariations type definition.
2023-04-24 13:36:30 +09:00
Ben Wagner c4fe77c3f0 [truetype] tt_size_reset_height to take FT_Size
The `MetricsVariations` `FT_Size_Reset_Func` is defined to take an
`FT_Size`. Because `tt_size_reset_height` is to be used as such a
function, it must also take an `FT_Size` instead of a `TT_Size`. Even
though the pointers passed will be the same at runtime, calling a
function through a pointer of a different type from the original
function pointer type is undefined behavior. This may be caught at
runtime by Control Flow Integrity with something like clang's
`cfi-icall`.

Issue: https://crbug.com/1433651

* src/truetype/ttobjs.h (tt_size_reset_height): take `FT_Size`

* src/truetype/ttobjs.c (tt_size_reset_height): take `FT_Size` and
update documentation
2023-04-17 12:32:04 -04:00
Werner Lemberg ea9fca0add * src/truetype/ttinterp.c: Remove outdated comments. 2023-04-13 06:34:32 +02:00
Ben Wagner e78e2d29a9 [sfnt, truetype] Add `size_reset` to `MetricsVariations`.
This is a generalization of commit

```
commit e6699596af
Author: Werner Lemberg <wl@gnu.org>
Date:   Thu Feb 2 11:38:04 2017 +0100

    [truetype] Fix MVAR post-action handling.
```

It is also possible for plain `CFF ` style fonts to contain an `fvar` and
`MVAR` table and use `cff_metrics_adjust`.  `tt_size_reset` should only be
called with `TT_Size` and never with `CFF_Size`.

Allow the "metrics-variations" service to specify the correct function (if
any) to reset `FT_Size`s after adjusting metrics.

* src/truetype/ttobjs.c (tt_size_reset): Split off some functionality
into...
(tt_size_reset_height): ... this new function.

* src/truetype/ttdriver.c (tt_service_metrics_variations): Add
`size_reset`.
(tt_size_select, tt_size_request): Updated.

* src/truetype/ttobjs.h: Updated.

* include/freetype/internal/services/svmetric.h (MetricsVariations): Add
`size_reset`.
(FT_DEFINE_SERVICE_METRICSVARIATIONSREC): Updated.

* include/freetype/internal/tttypes.h (TT_FaceRec_): Rename `var` to
`tt_var` and add `face_var`.

* src/cff/cffdrivr.c (cff_service_metrics_variations): Add `size_reset`.
(cff_hadvance_adjust, cff_metrics_adjust): Updated.

* src/cff/cffobjs.c (cff_face_init): Use `face_var`.

* src/sfnt/sfobjs.c (sfnt_init_face): Initialize `face_var`.

* src/sfnt/ttmtx.c (tt_face_get_metrics): Use `tt_var`.

* src/truetype/ttgxvar.c (tt_size_reset_iterator): Renamed to...
(ft_size_reset_iterator): ... this new function.
Call `size_reset`.
(tt_apply_mvar): Pass `size_reset` to `ft_size_reset_iterator`.

Fixes #1211
2023-04-11 10:20:58 +02:00
Alexei Podtelezhnikov e77d8ba87c * src/cff/cffcmap.c (cff_cmap_encoding_char_next): Abbreviate. 2023-04-10 15:17:17 -04:00
Alexei Podtelezhnikov 1a4c18f7cb Align `char_next` return types.
This is mostly cosmetic because FT_UInt and FT_UInt32 are likely identical.

* src/sfnt/ttcmap.c, src/cff/cffcmap.c, src/psaux/t1cmap.c,
src/psnames/psmodule.c, include/freetype/internal/service/svpcsmap.h,
src/pfr/pfrcmap.c, src/winfonts/winfnt.c (*_char_next): return FT_UInt.
2023-04-10 15:30:43 +00:00
Alexei Podtelezhnikov d25444333c [sfnt] Clean up CMAP{4,12,13} handling.
This moves the charcode overflow checks upstream and turns some
while-loops into the do-while ones to avoid the uninitialized warnings.
This should slightly reduce the number of checks and jumps.

* src/sfnt/ttcmap.c (tt_cmap{4,12,13}_next,
tt_cmap{4.12.13}_char_map_linear): Remove the charcode overflow check.
(tt_cmap{4,12,13}_char_map_binary): Ditto and use do-while.
(tt_cmap{12,13}_char_next): Add the overflow check.
2023-04-08 23:15:41 -04:00
Alexei Podtelezhnikov b0a4f99278 * src/sfnt/ttpost.c (load_format_25): Do not abort frame reading. 2023-04-02 22:45:48 -04:00
Alexei Podtelezhnikov 340767bf85 * src/sfnt/ttpost.c (load_format_*): Streamline frame reading. 2023-04-02 22:00:59 -04:00
Alexei Podtelezhnikov 311b78fa12 * src/sfnt/ttpost.c: Formatting and comments. 2023-04-02 09:24:16 -04:00
Alexei Podtelezhnikov 8f7b145524 [sfnt] Consolidate POST version 2.0 and 2.5 (pt 2).
* src/sfnt/ttpost.c (load_format_20, load_format_25): Update arguments
and move shared calls and checks upstream to...
(load_post_names): ... this function.
(tt_face_free_ps_names, tt_face_get_ps_name): Updated.
2023-04-01 23:37:51 -04:00
Alexei Podtelezhnikov 9597a62bac [sfnt] Consolidate POST version 2.0 and 2.5 (pt 1).
The deprecated POST version 2.5 can be handled using the data
structures of version 2.0.  The goal is to reduce the footprint.

* include/freetype/internal/tttypes.h (TT_Post_Names): Absorb and...
(TT_Post_20, TT_Post_25): ... remove these structures.
src/sfnt/ttpost.c (load_post_names, tt_face_get_ps_name,
tt_face_free_ps_names, load_format_20): Updated accordingly.
(load_format_25): ditto and convert offsets to glyph indices.
2023-04-01 22:34:30 -04:00
Alexei Podtelezhnikov 6d7b8b22c4 [sfnt] Miscellaneous POST clean-ups.
* src/sfnt/ttpost.c (load_format_20): Decrease casts.
(load_format_25): Check the table length and impose a theoretical
glyph number limit usable with 8-bit offset.  Decrease casts.
(load_post_names): Pass the mapping data length without 2 bytes.
2023-03-31 23:17:46 -04:00
Alexei Podtelezhnikov 0db6997026 * src/sfnt/ttpost.c (load_format_20): Simplify comutations. 2023-03-30 09:06:35 -04:00
Alexei Podtelezhnikov 4679fcb666 [sfnt] Streamline POST format 2.0 handing (cont'd).
* src/sfnt/ttpost.c (load_format_20): Co-allocate the string data and
their pointers, which makes it easier to handle and free them.
(tt_face_free_ps_names): Updated.
* include/freetype/internal/tttypes.h (TT_Post_20): Update type.
2023-03-29 00:21:00 -04:00
Alexei Podtelezhnikov 4d8db130ea [cff] Simplify `t2_strings` management in the old engine.
* src/cff/cffparse.c (cff_parser_run): Allocate the charstring buffers
and the list nodes together so that they can be freed at once.
(finalize_t2_strings): Removed as no longer needed.
(cff_parser_done): Updated.
2023-03-20 16:53:51 -04:00
Alexei Podtelezhnikov 4f0a55d15e [cff] Rework the stream limit checks.
The old stream limit checks, before 6986ddac1e, were good but
pointless for the crafted t2_strings.  Checking limits there is
not necessary as they are created to hold all data.  By using two
conditions, we can detect the actual crossing of the stream boundary
as appropriate for the stream pointer only.  The t2_strings parsing
will not be triggering these checks.

* src/cff/cffparse.c (cff_parser_within_limits): Removed.
(cff_parse_real, cff_parse_integer): Redesign the stream limit check.
(cff_parse_num, do fixed, cff_parse_fixed_dynamic): Update callers.
2023-03-19 10:13:52 -04:00
Alexei Podtelezhnikov 8fc6df1028 * src/truetype/ttgload.c (TT_Load_Simple_Glyph): Use for-loop.
Even though we never call `TT_Load_Simple_Glyph` with zero contours,
out of abundance of precaution, let's handle this case properly.
2023-03-17 23:35:10 -04:00
Alexei Podtelezhnikov ef63669652 [truetype] Clean up zeroing and local variables.
* src/truetype/ttgload.c (TT_Process_Simple_Glyph): Avoid zeroing.
(load_truetype_glyph): Avoid zeroing and clean local variables.
2023-03-17 23:25:45 -04:00
Alexei Podtelezhnikov dd78d4a774 * src/base/ftsynth.c (FT_GlyphSlot_AdjustWeight): New API. 2023-03-16 03:28:59 +00:00
Alexei Podtelezhnikov 764bc8e41c [truetype] Clean up glyph loading.
* src/truetype/ttgload.c (TT_Load_Simple_Glyph): Clean space checking.
(TT_Hint_Glyph): Don't copy the outline structure.
(TT_Process_Simple_Glyph): Cosmetic update.
2023-03-15 23:18:18 -04:00
Alexei Podtelezhnikov e71647621c * src/truetype/ttgload.c (TT_Load_Simple_Glyph): Clean up. 2023-03-15 18:48:27 +00:00
Alexei Podtelezhnikov b9376065d6 [truetype] Fix recent fallout in memory management.
* src/truetype/ttgload.c (TT_Process_Composite_Glyph,
TT_Load_Simple_Glyph): Clean up old instructions regardless of
new ones, postpone setting `control_len` and `control_data` until...
(TT_Load_Glyph): ... the exit from this function.
2023-03-10 23:41:39 -05:00
Alexei Podtelezhnikov 49c74ac021 * src/truetype/ttgload.c (TT_Hint_Glyph): Mostly cosmetic update.
The number of instructions is now taken from the executed context.
Technically, this means that `control_len` and `control_data`
values are no longer _used_ internally but only expose them.
2023-03-09 22:37:03 -05:00
Werner Lemberg bd6208b712 apinames.c: Add comment. 2023-03-08 10:49:42 +01:00
Werner Lemberg d5c6b948ac [gzip] File `infback.c` is not needed.
* src/gzip/infback.c: Remove.
* src/gzip/rules.mk (GZIP_DRV_SRCS): Updated.
2023-03-07 08:55:58 +01:00
Werner Lemberg 092f9d9874 [apinames] Fix VMS handling of overly long function names.
Based on ideas from Jouk Jansen <joukj@hrem.nano.tudelft.nl>.

* src/tools/vms_shorten_symbol.c: New file, taken from

  https://sourceforge.net/p/vms-ports/vmsshortsym/ci/default/tree/vms_shorten_symbol.c

with some minor edits to allow compilation with C++ and being included in
another source code file.

* src/tools/apinames.c: Include `vms_shorten_symbol.c`.
(PROGRAM_VERSION): Set to '0.5'.
(names_dump) [OUTPUT_VMS_OPT]: Call `vms_shorten_symbol` to get unique function
identifiers not longer than 31 characters.
2023-03-07 07:28:32 +01:00
Werner Lemberg 72a8d65218 * src/tools/apinames.c (panic): Accept variable number of arguments. 2023-03-07 07:16:59 +01:00
Alexei Podtelezhnikov b3250f367a * src/truetype/ttgload.c (TT_Process_Composite_Glyph): Fix leak too. 2023-03-06 23:53:42 -05:00
Alexei Podtelezhnikov b36193d025 * src/truetype/ttgload.c (TT_Load_Simple_Glyph): Triage memory leak.
This leak has been introduced in the previous commit and immediately
detected:
  https://chromium-review.googlesource.com/c/chromium/src/+/4313202
2023-03-06 22:48:21 -05:00
Alexei Podtelezhnikov de94e2cbfb [truetype] Simplify memory management.
Instead of using `Update_Max`, switch to regular FreeType memory
allocation macros, stop pre-allocating the glyph instruction arrays.

* src/truetype/ttgload.c (TT_Load_Simple_Glyph,
TT_Process_Composite_Glyph): Switch to regular memory allocation.
* src/truetype/ttinterp.c (Update_Max): Removed.
(TT_Load_Context): Reallocate stack and free old instructions.
(Modify_CVT_Check, Ins_WS): Switch to regular memory allocation.
* src/truetype/ttinterp.h (Update_Max): Removed.
2023-03-06 16:23:14 -05:00
Alexei Podtelezhnikov fc01e7dd67 Fix a couple of MSVC warnings.
* src/base/ftcalc.c (FT_MulAddFix): Add cast.
* src/sfnt/ttcolr.c (tt_face_get_colorline_stops, read_paint): Ditto.
2023-03-05 22:05:24 -05:00
Alexei Podtelezhnikov c4b5127b74 * src/cff/cffparse.c (cff_parser_run): Thinko. 2023-03-05 00:31:58 -05:00
Alexei Podtelezhnikov de6002203b [cff] Clean up CharString number encoding.
* src/cff/cffparser.c (cff_parser_run): Work with signed numbers.
2023-03-04 23:49:49 -05:00
Alexei Podtelezhnikov 51c1705477 * src/cff/cffparse.c (cff_parser_run): Fix variable type. 2023-03-04 23:32:50 -05:00
Alexei Podtelezhnikov a2b8937d47 [cff] Clean up memory management in the old engine.
* src/cff/cffparse.c (finalize_t2_strings): Fix NULL-dereferencing
in the out-of-memory situation, use `FT_FREE`.
(cff_parser_run): Use FreeType memory allocation macros and avoid
uninitialized pointers.
2023-03-04 14:00:52 -05:00
Alexei Podtelezhnikov 29578f75c3 * src/cff/cffobjs.c (cff_size_init): Synonymous change. 2023-03-04 13:39:27 +00:00
Alexei Podtelezhnikov 7ae20e55c9 * src/sfnt/sfobjs.c (sfnt_load_face): Shorten de-referencing. 2023-03-03 22:41:09 -05:00
Alexei Podtelezhnikov 49eac0da0c [pfr] Shorten de-referencing.
* src/pfr/pfrobjs.c (pfr_face_done, pfr_face_init): Use closer `memory`.
* src/pfr/pfrgload.c (pfr_glyph_load_compound): Remove `loader`.
2023-03-03 22:10:50 -05:00
Alexei Podtelezhnikov 2adef94f43 * src/cff/cffobjs.c (cff_size_get_globals_funcs): Shorten de-referencing. 2023-03-03 18:40:48 +00:00
Alexei Podtelezhnikov 5ac6276af1 [cff,cid,type1] Shorten de-referencing.
* src/cff/cffobjs.c (cff_clot_init): Use immediate library reference.
* src/cid/cidobjs.c (cid_slot_init): Ditto.
* src/type1/t1objs.c (T1_GlyphSlot_Init): Ditto.
2023-03-03 17:21:10 +00:00
Ben Wagner 09b326fa2b Avoid strtol on non-null-terminated data.
Technically, `strtol` can only be used with C strings terminated with
`\0`.  CID data is not generally null-terminated and often does not
contain a `\0` if it is hex-encoded.  AddressSanitizer with `ASAN_OPTIONS`
containing `strict_string_checks=1` verifies this by using an adversarial
`strtol` that always reads to the terminating `\0`.

To avoid undefined behavior from `strtol` in `cid_parser_new`, use the
parser to parse the tokens instead of attempting to parse them ad-hoc.
This will internally use `PS_Conv_Strtol` to parse the integer, which
respects the parser's limits and directly implements the PostScript
parsing rules for integers.

* src/cid/cidparse.c (cid_parser_new): Use the parser to parse the
tokens.

Fixes: https://bugs.chromium.org/p/chromium/issues/detail?id=1420329
2023-03-02 20:56:41 +01:00