Commit Graph

4742 Commits

Author SHA1 Message Date
Werner Lemberg ba62f9d8f5 [cff] Fix numeric overflow.
Reported as

  https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=10988

* src/cff/cffparse.c (cff_parser_run)
[CFF_CONFIG_OPTION_OLD_ENGINE]: Use `NEG_LONG'.
2018-10-29 21:11:36 +01:00
Alexei Podtelezhnikov 3e8ec291ff [sfnt] Make `head' timestamps unsigned.
It's been more than 2^31 seconds since 1904.

* include/freetype/tttables.h (TT_Header): Change field types.
* src/sfnt/ttload.c (tt_face_load_generic_header): Updated.
2018-10-26 23:23:48 -04:00
Alexei Podtelezhnikov d71f2bc159 Revert "Align FreeType with standard C memory management."
This reverts commit 877aa1b2cc.
2018-10-26 22:52:25 -04:00
Werner Lemberg bfe5329475 [psaux] Fix numeric overflow.
Triggered by

  https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=11157

* src/psaux/cffdecode.c (cff_decoder_parse_charstrings) <cff_op_blend>
[CFF_CONFIG_OPTION_OLD_ENGINE]: Fix integer overflow.
2018-10-27 00:07:53 +02:00
Werner Lemberg f56830ed40 Avoid endless loop while tracing (#54858).
* src/type1/t1load.c (parse_buildchar): Guard tracing stuff with
FT_DEBUG_LEVEL_TRACE.
2018-10-20 07:27:47 +02:00
Werner Lemberg 912e174c66 A missing Unicode cmap is not a fatal error.
This is a follow-up to the previous commit.

* src/cff/cffobjs.c (cff_face_init), src/sfnt/sfobjs.c
(sfnt_load_face), src/type1/t1objs.c (T1_Face_Init),
src/type42/t42objs.c (T42_Face_Init): Implement it.
2018-10-07 09:28:52 +02:00
Werner Lemberg 885f5b0b4e Fix handling of FT_CONFIG_OPTION_ADOBE_GLYPH_LIST (#54794).
* src/cff/cffcmap.c (cff_cmap_unicode_init), src/psaux/t1cmap.c
(t1_cmap_unicode_init), src/sfnt/ttcmap.c (tt_cmap_unicode_init):
Check `unicodes_init' field.
2018-10-07 09:03:05 +02:00
Werner Lemberg 0a178144e8 Whitespace. 2018-10-07 08:59:56 +02:00
Werner Lemberg f262d15d0a Minor comment improvement. 2018-10-07 07:40:37 +02:00
Werner Lemberg 9817571cc9 [ftgrays] Fix typo in stand-alone mode (#54771).
* src/smooth/ftgrays.c (FT_THROW) [STANDALONE_ &&
FT_DEBUG_LEVEL_TRACE]: Fix call to `FT_ERR_CAT'.
2018-10-03 08:04:55 +02:00
Werner Lemberg d280ae1e8c [psaux] Fix segfault.
Reported as

  https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=10768

* src/psaux/cffdecode.c (cff_decoder_parse_charstrings)
<cff_op_callothersubr> [CFF_CONFIG_OPTION_OLD_ENGINE]: Check
argument.
2018-10-02 20:45:16 +02:00
Werner Lemberg 6b660f1215 [psaux] Fix numeric overflow.
Reported as

  https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=10768

* src/psaux/cffdecode.c (cff_decoder_parse_charstrings) <cff_op_roll>
[CFF_CONFIG_OPTION_OLD_ENGINE]: Use NEG_INT.
2018-10-02 16:48:59 +02:00
Werner Lemberg 83fc524dfc [pshinter] Handle numeric overflow.
Reported as

  https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=10550

* src/pshinter/pshglob.c (psh_blues_snap_stem): Mask numeric
overflow.
2018-10-02 16:36:49 +02:00
Alexei Podtelezhnikov 877aa1b2cc Align FreeType with standard C memory management.
* include/freetype/ftsystem.h: Include FT_TYPES_H.
(*FT_Alloc_Func, *FT_Realloc_Func): Use size_t for the size arguments.
* src/raster/ftmisc.h: Ditto.

* builds/amiga/src/base/ftsystem.c, builds/unix/ftsystem.c,
* builds/vms/ftsystem.c, src/base/ftsystem.c (ft_alloc, ft_realloc):
Use size_t for the size arguments.

* src/base/ftdbgmem.c (ft_mem_debug_alloc, ft_mem_debug_realloc): Use
FT_Offset, aka size_t, for the size arguments.
2018-09-27 21:17:36 -04:00
Alexei Podtelezhnikov 4500c701c2 Typo. 2018-09-26 22:04:50 -04:00
Werner Lemberg a9af691481 Fix handing of `FT_Bool'.
Before this commit we had code like

  (FT_Bool)( globals->glyph_styles[gindex] & 0x8000)

Since `FT_Bool' is defined to be an `unsigned char', the code
evaluated to something like

  (unsigned char)( 0x8532 & 0x8000)

which in turn expanded to

  (unsigned char)( 0x8000)

and finally yielded 0x00 – i.e., false – not as expected.

Problem reported and analyzed by Tony Smith <tony.smith@macro4.com>.

* include/freetype/fttypes.h (FT_BOOL): Add a comparison against
zero so that we always have a Boolean expression.

*/*: Replace castings to `FT_Bool' with calls to `FT_BOOL' where
possible.
2018-09-25 09:10:09 +02:00
Alexei Podtelezhnikov 0f122fef34 [bdf] Speed up charmap access.
This makes FT_Get_Char_Index and FT_Get_Next_Char 4-5 times faster.

* src/bdf/bdfdrivr.c (bdf_cmap_char_{index,next}): Help binary search
with continuous prediction.
2018-09-23 21:46:26 -04:00
Alexei Podtelezhnikov 793a9ff9f5 * src/base/ftobjs.c (ft_glyphslot_reset_bimap): Another tweak.
This one should be clearer. When the rounded monochrome bbox collapses
we add a pixel that covers most if not all original cbox.
2018-09-22 14:38:00 -04:00
Alexei Podtelezhnikov f26d57753f * src/base/ftobjs.c (ft_glyphslot_reset_bimap): Further tweak. 2018-09-21 20:34:58 -04:00
Ben Wagner 335528e11e Improve auto-hinter handling of bitmap fonts (#54681).
For bitmap fonts, `FT_Load_Glyph' should either return an error or
not set the format to `FT_GLYPH_FORMAT_OUTLINE'.  However, in this
case `FT_Load_Glyph' calls into the auto-hinter which calls back
into `FT_Load_Glyph' with `FT_LOAD_NO_SCALE' in the flags, which
marks the glyph as `FT_GLYPH_FORMAT_OUTLINE' with an empty path
(even though it doesn't have any path).  It appears that the
auto-hinter should not be called when the face doesn't have
outlines.  The current test for using the auto-hinter in
`FT_Load_Glyph' checks if the driver supports scalable outlines, but
not if the face supports scalable outlines.

* src/base/ftobjs.c (FT_Load_Glyph): Directly check whether we have
scalable outlines.
2018-09-21 11:27:50 +02:00
Werner Lemberg c168cc3b1b [raster] Fix disappearing vertical lines (#54589).
* src/raster/ftraster.c (Vertical_Sweep_Span): Handle special case
where both left and right outline exactly pass pixel centers.
2018-09-21 11:09:27 +02:00
Werner Lemberg 493aa68f5c [base] Some comments. 2018-09-21 08:32:22 +02:00
Alexei Podtelezhnikov 2a9850c4fc * src/base/ftobjs.c (ft_glyphslot_reset_bimap): Tiny rounding tweak.
This adds pixels in case a contour goes through the center
and they need to be turned on in the b/w rasterizer.
2018-09-20 22:40:32 -04:00
Alexei Podtelezhnikov c1b21f47b4 [pcf] Replace charmap implementation.
PCF comes with charmap lookup table, aka PCF encodings.  Using it
directly makes FT_Get_Char_Index and FT_Get_Next_Char 4-5 times
faster than the original BDF-like binary searches.

* src/pcf/pcf.h (PCF_EncodingRec): Removed.
(PCF_FaceRec): Remove `nencodings' and `encodings'.
* src/pcf/pcfdrivr.c (pcf_cmap_char_{index,next}): Replaced.
* src/pcf/pcfread.c (pcf_get_encodings): Store data differently.
2018-09-20 22:14:46 -04:00
Werner Lemberg 8e95068053 [base] Remove unused function `FT_GlyphLoader_CopyPoints'.
* include/freetype/internal/ftgloadr.h, src/base/ftgloadr.c
(FT_GlyphLoader_CopyPoints): Do it.
2018-09-20 06:26:34 +02:00
Alexei Podtelezhnikov 7f93c977e7 [pcf] Prepare to replace charmap implementation.
* src/pcf/pcf.h (PCF_Face): Updated to include...
(PCF_EncRec): ... this new structure to store charmap geometry.

* src/pcf/pcfread.c (pcf_get_encodings): Store charmap geometry.
2018-09-19 22:45:45 -04:00
Alexei Podtelezhnikov d629c2ba24 Remove unused fields.
* src/pcf.h (PCF_FaceRec): Remove `charmap' and `charmap_handle'.
* src/bdfdrvr.h (BDF_FaceRec): Ditto.
* src/winfonts/winfnt.h (FNT_FaceRec): Ditto.
2018-09-18 17:11:48 -04:00
Werner Lemberg dfddc2d975 [pshinter] Handle numeric overflow.
Reported as

  https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=10396

* src/pshinter/pshglob.c: Include FT_INTERNAL_CALC_H.
(psh_blues_snap_stems): Mask numeric overflow.
2018-09-17 08:03:57 +02:00
Werner Lemberg de0aabcd0d [sfnt] Comment fix. 2018-09-15 06:14:18 +02:00
Werner Lemberg 10e54d04b9 [truetype] Some fixes for VF checks.
Reported as

  https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=10317

* src/truetype/ttgxvar.c (ft_var_load_gvar): Properly exit memory
frame if we have invalid glyph variation data offsets.
(tt_face_vary_cvt): Protect against missing `tuplecoords' array.
Fix typo.
2018-09-13 21:47:35 +02:00
Werner Lemberg 7665914ccd * src/sfnt/sfdriver.c (sfnt_get_var_ps_name): Fix last commit. 2018-09-13 08:58:49 +02:00
Werner Lemberg a5818ed1e1 * src/sfnt/sfdriver.c (sfnt_get_var_ps_name): Check `result'.
Reported as

  https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=10316
2018-09-13 08:46:44 +02:00
John Tytgat 6b53300b01 [sfnt] Better PS name handling (#54629).
* src/sfnt/sfdriver (IS_WIN, IS_APPLE): Omit language ID checks.
(get_win_string, get_apple_string): Return NULL when the PostScript
font name characters is not according to specification.
(get_win_string): Make trace output work if the high byte if
non-zero.
(sfnt_get_var_ps_name, sfnt_get_ps_name): Previously we preferred
Win PS name (when there is also an Apple PS name); change this into
a fallback to Apple PS name in case the Win PS name is invalid.
2018-09-12 08:08:09 +02:00
Werner Lemberg 65681e6dc1 [truetype] Improve VF check.
Triggered by

  https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=10255

* src/truetype/ttgxvar.c (ft_var_load_gvar): Use better limit check
for `tupleCount'.
2018-09-12 07:40:49 +02:00
Werner Lemberg 53c5e4bd87 * src/truetype/ttgxvar.c (ft_var_load_gvar): Check `glyphoffsets'. 2018-09-12 07:27:30 +02:00
Armin Hasitzka 7b855ed9cf * src/pshinter/pshrec.c (t2_hints_stems): Mask numeric overflow.
Reported as

  https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=10215
2018-09-10 23:41:04 +01:00
Werner Lemberg fea435fbf8 [sfnt] Comment improvement. 2018-09-09 09:46:29 +02:00
Werner Lemberg 1c04eed76f [truetype] Fix assertion failure.
Triggered by

  https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=10212

* src/truetype/ttgload.c (load_truetype_glyph): Reintroduce
`opened_frame' (removed in a change from 2018-08-26) to handle
dealloation of the second frame.
2018-09-07 06:40:55 +02:00
Werner Lemberg 76a52465c1 */*: s/PSNames/psnames/.
Only tracing messages are affected.
2018-09-03 09:08:47 +02:00
Werner Lemberg 475f6d25cb [sfnt] Fix heap buffer overflow in CPAL handling.
* src/sfnt/ttcpal.c (tt_face_palette_set): Fix boundary test.
(tt_face_load_cpal): Updated.
2018-09-03 09:00:58 +02:00
Werner Lemberg 9be656bb0c Remove `FT_Outline_{New,Done}_Internal'.
These public API functions(!) were always undocumented and have
escaped all clean-up efforts until now.

* include/freetype/ftoutln.h (FT_Outline_New_Internal,
FT_Outline_Done_Internal): Removed.

* src/base/ftoutln.h (FT_Outline_New_Internal,
FT_Outline_Done_Internal): Merge into...
(FT_Outline_New, FT_Outline_Done): ... these functions.

* docs/README: Updated.
2018-09-01 11:04:58 +02:00
Alexei Podtelezhnikov 809d5125af * src/base/ftobjs.c (ft_glyphslot_preset_bitmap): Check glyph format. 2018-08-31 22:49:19 -04:00
Werner Lemberg c6df41e319 Whitespace. 2018-08-31 20:10:38 +02:00
Werner Lemberg 9a323e4762 * src/base/ftdebug.c (FT_Throw): Restore missing `FT_UNUSED' calls. 2018-08-31 20:09:21 +02:00
Werner Lemberg aff04e91f6 * src/base/ftdebug.c (FT_Throw): Reduce chattiness. 2018-08-31 14:57:36 +02:00
Werner Lemberg 83525bdd10 Minor comments. 2018-08-31 07:37:15 +02:00
Werner Lemberg 0d4ca13865 * src/autofit/afhints.c (af_glyph_hints_reload): Add initialization. 2018-08-31 06:53:52 +02:00
Alexei Podtelezhnikov 1dacbd893d Consolidate bitmap presetting and size assessment.
* include/freetype/internal/ftobjs.h (ft_glyphslot_preset_bitmap):
Change return type.
* src/base/ftobjs.c (ft_glyphslot_preset_bitmap): Return the bitmap
size assessment.

* src/raster/ftrend1.c (ft_raster1_render): Use it to refuse the
rendering of enourmous or far-fetched outlines.
* src/smooth/ftsmooth.c (ft_smooth_render_generic): Ditto.
2018-08-30 23:28:30 -04:00
Alexei Podtelezhnikov ca980b4cf1 * src/base/ftobjs.c (ft_glyphslot_preset_bitmap): Correct mono. 2018-08-30 21:51:18 -04:00
Armin Hasitzka d20dc3928b [errors] Introduce `FT_Error_String'.
* include/freetype/fterrors.h (FT_Error_String),
src/base/fterrors.c (FT_Error_String): Implement `FT_Error_String'.

* src/base/ftbase.c, src/base/Jamfile (_source),
src/base/rules.mk (BASE_SRC): Add `fterrors.c' to the build logic.

* src/base/ftdebug.c (FT_Throw): Use `FT_Error_String'.
2018-08-30 14:09:04 +02:00
Werner Lemberg c0ccf75012 [autofit] Trace `before' and `after' edges of strong points.
* src/autofit/afhints.h (AF_PointRec) [FT_DEBUG_AUTOFIT]: New arrays
`before' and `after'.

* src/autofit/afhints.c (af_get_strong_edge_index): New auxiliary
function.
(af_glyph_hints_dump_points): Trace `before' and `after' edges.
(af_glyph_hints_align_strong_points) [FT_DEBUG_AUTOFIT]: Set
`before' and `after' information.
2018-08-30 09:56:09 +02:00
Werner Lemberg 21c2b3905c Minor. 2018-08-30 09:52:08 +02:00
Alexei Podtelezhnikov 5d93a3fc8d [base] Overflow-resistant bitmap presetting.
* src/base/ftobjs.c (ft_glyphslot_preset_bitmap): Implement it.
2018-08-30 01:12:22 -04:00
Armin Hasitzka 934a6159ba Fix numeric overflows.
* src/pshint/pshalgo.c (psh_hint_align, psh_hint_align_light,
psh_hint_table_find_strong_points): Fix numeric overflows.

Reported as

  https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=10083
2018-08-29 15:28:21 +02:00
Werner Lemberg 3915a18b8c [cff] Fix handling of `roll' op in old engine.
Reported as

  https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=10080

* src/psaux/cffdecode.c (cff_decoder_parse_charstrings) <cff_op_roll>
[CFF_CONFIG_OPTION_OLD_ENGINE]: Use modulo for loop count, as
documented in the specification.
2018-08-29 06:53:54 +02:00
Werner Lemberg ae3afbc471 * src/truetype/ttobjs.c (tt_size_read_bytecode): Trace CVT values. 2018-08-26 15:40:16 +02:00
Werner Lemberg 13034e54aa * src/pshint/pshalgo.c (psh_hint_overlap): Fix numeric overflow.
Reported as

  https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=10057
2018-08-26 12:22:51 +02:00
Werner Lemberg 4738dcc4df Minor tracing adjustments.
* src/base/ftstream.c (FT_Stream_EnterFrame, FT_Stream_ExitFrame):
Trace.

* src/truetype/ttgload.c (TT_Access_Glyph_Frame): Remove tracing.
2018-08-26 12:03:33 +02:00
Werner Lemberg 6e339b8d8e [truetype] Avoid nested frames.
Triggered by

  https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=10054

* src/truetype/ttgload.c (load_truetype_glyph): Don't use variable
`opened_frame' to trace whether a frame must be closed at the end of
function: This fails because `TT_Vary_Apply_Glyph_Deltas' (which
gets called for space glyphs) uses a frame by itself.  Instead,
close the frame after loading the header, then use another frame for
the remaining part of the glyph later on.

Also avoid calling `tt_get_metrics' twice under some circumstances.
2018-08-26 12:01:14 +02:00
Werner Lemberg b287c80b6a Various minor clean-ups.
* src/base/ftapi.c: Remove.  Unused.
* src/base/Jamfile (_sources): Updated.

* src/base/ftstream.c (FT_Stream_ReleaseFrame): Remove redundant
code.
2018-08-26 06:39:43 +02:00
Nikhil Ramakrishnan 195728d5ba * src/tools/docmaker: Remove `docmaker'.
`Docmaker' has now upgraded to `docwriter', a pip package available at

  https://pypi.org/project/docwriter/
2018-08-25 16:18:21 +05:30
Werner Lemberg 77f0814a31 Add macros for handling over-/underflowing `FT_Int64' values.
* include/freetype/internal/ftcalc.h (ADD_INT64, SUB_INT64,
MUL_INT64, DIV_INT64) [FT_LONG64]: New macros.

* src/base/ftcalc.c (ft_corner_orientation) [FT_LONG64]: Use
`SUB_INT64' and `MUL_INT64'.

Reported as

  https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=10028
2018-08-23 17:53:54 +02:00
Werner Lemberg 45524679c6 [truetype] Improve legibility of `glyf' parsing.
* src/truetype/ttgload.c (ON_CURVE_POINT, X_SHORT_VECTOR,
Y_SHORT_VECTOR, REPEAT_FLAG, X_POSITIVE, SAME_X, Y_POSITIVE, SAME_Y,
OVERLAP_SIMPLE): New macros.
(TT_Load_Simple_Glyph): Use new macros to make code more readable.
Remove useless adjustment of `outline->tags' elements.
2018-08-22 10:31:05 +02:00
Werner Lemberg a3e842f9c6 Minor formatting and documentation fixes. 2018-08-22 10:30:08 +02:00
Werner Lemberg 0a33b44e6e * src/sfnt/ttcpal.c (tt_face_load_cpal): Add missing safety check.
Reported as

  https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=9981
2018-08-21 10:52:14 +02:00
Werner Lemberg 4dc0d48f7b [psaux] Avoid slow PS font parsing in case of error.
Reported as

  https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=9955

* src/psaux/psobjs.c (ps_parser_to_bytes): Set `parser->cursor' even
in case of error to avoid potential re-scanning.
2018-08-18 14:39:20 +02:00
Werner Lemberg 2550fc75a5 [cff] Fix heap buffer overflow in old engine.
Reported as

  https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=9967

* src/psaux/cffdecode.c (cff_decoder_parse_charstrings)
<cff_op_blend> [CFF_CONFIG_OPTION_OLD_ENGINE]: `num_designs' must be
non-zero.
2018-08-18 13:38:48 +02:00
Alexei Podtelezhnikov efa2a3babf Revert BDF copyright years. 2018-08-15 23:49:07 -04:00
Alexei Podtelezhnikov af9662e60b Ouch. BDF copyright year. 2018-08-15 22:58:11 -04:00
Alexei Podtelezhnikov 923fcbcdd8 [bdf] Don't track duplicate encodings.
There is no harm except some umbiguity in broken fonts with duplicate
encodings.

* src/bdf/bdflib.c (_bdf_parse_glyphs): Remove duplicate tracking.
(_bdf_parse_t): Remove large `have' bitfield.
2018-08-15 22:50:06 -04:00
Werner Lemberg a0dd16fb3d Don't use `trace_' prefix for FT_COMPONENT arguments.
* include/freetype/internal/ftdebug.h (FT_TRACE_COMP,
FT_TRACE_COMP_): New auxiliary macros to add `trace_' prefix.
(FT_TRACE): Use `FT_TRACE_COMP'.

*/* (FT_COMPONENT): Updated.
2018-08-15 18:13:17 +02:00
Werner Lemberg 1d7b034cd8 Use formatting string in FT_TRACEX calls for non-simple arguments.
* src/psaux/cffdecode.c (cff_decoder_parse_charstrings)
<cff_op_hstem, cff_op_hintmask, cff_op_hlineto, cff_op_vhcurveto>:
Do it.

* src/psaux/pshints.c (cf2_hintmap_build): Ditto.

* src/psaux/psintrp.c (cf2_interpT2CharString) <cf2_cmdHSTEM,
cf2_cmdVSTEM, cf2_cmdHLINETO, cf2_cmdRRCURVETO, cf2_cmdCALLSUBR,
cf2_escHSTEM3, cf2_cmdHINTMASK, cf2_cmdHVCURVETO>: Ditto.

* src/truetype/ttinterp.c (TT_RunIns): Ditto.
2018-08-14 15:56:28 +02:00
Alexei Podtelezhnikov e001a17d73 [bdf] Remove unused fields.
* src/bdf/bdf.h (bdf_font_t): Remove `nmod', `umod', and `modified',
which were set but never used.
* src/bdf/bdflib.c (_bdf_parse_{glyphs,properties}, bdf_load_font):
Updated accordingly.
2018-08-14 07:10:57 -04:00
Werner Lemberg 44db1addd8 [cff] Fix another segv in old engine.
Reported as

  https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=9872

* src/psaux/cffdecode.c (cff_decoder_parse_charstrings)
[CFF_CONFIG_OPTION_OLD_ENGINE]: Disallow invalid T1 opcodes in
dictionaries.
2018-08-14 10:01:00 +02:00
Werner Lemberg 1937b55734 [cff] Fix missing error handling.
Reported as

  https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=9865

* src/psaux/cffparse.c (cff_parser_run)
[CFF_CONFIG_OPTION_OLD_ENGINE]: Don't ignore return value of
`parse_charstrings_old'.
2018-08-14 07:54:25 +02:00
Alexei Podtelezhnikov ac2ea865f3 [bdf] Remove unused overflow storage.
* src/bdf/bdf.h (bdf_glyphlist_t): Remove this type.
(bdf_font_t): Remove `overflow' field.
* src/bdf/bdflib.c (bdf_free_font): Remove `overflow' freeing.
2018-08-13 21:33:24 -04:00
Werner Lemberg 757bdf1aef [cff] Fix segv.
Reported as

  https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=9864

* src/psaux/cffdecode.c (cff_decoder_parse_charstrings)
<cff_op_random> [CFF_CONFIG_OPTION_OLD_ENGINE]: Use top dict's
`random' field directly if parsing dictionaries.
2018-08-14 02:02:26 +02:00
Alexei Podtelezhnikov f5fe6e2f17 [bdf] Use unsigned types.
* src/bdf/bdf.h (bdf_glyph_t): Unsign `encoding'.
(bdf_font_t): Unsign `default_char'.
* src/bdf/bdfdrivr.h (BDF_encoding_el): Unsign `enc'.

* src/bdf/bdflib.c (_bdf_add_property, _bdf_parse_glyphs,
_bdf_parse_start): Updated accordingly.
* src/bdf/bdfdrivr.c (bdf_cmap_char_{index,next}): Ditto.
2018-08-13 09:01:53 -04:00
Werner Lemberg 50486df1e6 * src/type42/t42parse.c (t42_parse_sfnts): One more format check.
Reported as

  https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=9832
2018-08-13 08:46:53 +02:00
Werner Lemberg 5b904409fc * src/base/ftcalc.c (FT_Matrix_Check): Fix integer overflow.
Reported as

  https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=9811
2018-08-11 06:41:35 +02:00
Alexei Podtelezhnikov 88c0e12109 * src/sfnt/ttsbit.c (tt_sbit_decoder_load_compound): Follow specs. 2018-08-10 21:24:40 -04:00
Ben Wagner 96b5e50090 * src/sfnt/sfobjs.c (sfnt_done_face): Fix memory leak (#54435). 2018-08-10 22:24:26 +02:00
Werner Lemberg 1aa73fa83d * src/base/ftobjs.c (FT_Render_Glyph_Internal): Improve tracing. 2018-08-10 05:41:32 +02:00
Werner Lemberg c8ef0fd07c Fix clang warnings.
* src/base/ftdebug.c (ft_trace_level_enabled,
ft_trace_level_disabled): Add `static' keyword.
2018-08-10 04:44:22 +02:00
Alexei Podtelezhnikov e16bfbec4c [raster, smooth] Reinstate bitmap size limits.
This again moves outline and bitmap size checks one level up.

* src/base/ftoutln.c (FT_Outline_Render): Explicitly reject enormous
outlines.
* src/raster/ftrend1.c (ft_raster1_render): Reject enormous bitmaps
and, therefore, outlines that require them.
* src/smooth/ftsmooth.c (ft_smooth_render_generic): Ditto.

* src/raster/ftraster.c (ft_black_render): Remove outline size checks.
* src/smooth/ftgrays.c (gray_raster_render): Ditto.
[STANDALONE]: Remove `FT_Outline_Get_CBox' copy.
2018-08-09 22:18:00 -04:00
Alexei Podtelezhnikov 6a97c95800 [pcf] Revert massive unsigning. 2018-08-08 22:17:35 -04:00
Werner Lemberg f60c98feaf [smooth] Improve tracing.
* src/smooth/ftgrays.c (gray_convert_glyph_inner): Only use tracing
if called the first time.
(gray_convert_glyph): Updated.
2018-08-08 18:15:53 +02:00
Werner Lemberg c9bbc2419a Add internal functions `FT_Trace_Disable' and `FT_Trace_Enable'.
It sometimes makes sense to suppress tracing informations, for
example, if it outputs identical messages again and again.

* include/freetype/internal/ftdebug.h: Make `ft_trace_levels' a
pointer.
(FT_Trace_Disable, FT_Trace_Enable): New declarations.

* src/base/ftdebug.c (ft_trace_levels): Rename to...
(ft_trace_levels_enabled): ... this.
(ft_trace_levels_disabled): New array.
(ft_trace_levels): New pointer.
(FT_Trace_Disable, FT_Trace_Enable): Implement.
(ft_debug_init): Updated.
2018-08-08 18:12:31 +02:00
Werner Lemberg 2e3dec5509 Debugging improvements.
* src/base/ftobjs.c (pixel_modes): Move this array to top level
from ...
(FT_Load_Glyph): ... here.
(FT_Render_Glyph_Internal): Use `width' x `height' in trace message.
Use `pixel_modes'.
2018-08-08 13:51:18 +02:00
Alexei Podtelezhnikov c633378a5e [pcf] Massive unsigning (part 2).
Treat all size related properties as unsigned values.

* src/pcf/pcf.h (PCF_ParsePropertyRec): Use unsigned `name' and
`value'.
* src/pcf/pcfread.c (pcf_get_propeerties, pcf_load_font): Updated
parsing code and handling of AVERAGE_WIDTH, POINT_SIZE, PIXEL_SIZE,
RESOLUTION_X and RESOLUTION_Y.
2018-08-08 01:21:54 -04:00
Alexei Podtelezhnikov 3d4ab6bac1 [pcf] Massive unsigning (part 1).
Unofficial specifications hesitate to use unsigned 32-bit integers.
Negative values caused a lot of trouble in the past and it is safer
and easier to treat some properties as unsigned.

* src/pcf/pcf.h (PCF_AccelRec): Use unsigned values for `fontAscent',
`fontDescent', and `maxOverlap'.
* src/pcf/pcfread.c (pcf_load_font, pcf_get_accel): Updated.
* src/pcf/pcfdrivr.c (PCF_Glyph_Load, PCF_Size_Select,
PCF_Size_Request): Updated.
2018-08-08 00:09:16 -04:00
Alexei Podtelezhnikov 705bac50d3 * src/pcf/pcfread.c (pcf_get_bitmaps): Unsign `offsets' and `bitmapSizes'. 2018-08-07 22:49:55 -04:00
Alexei Podtelezhnikov f24dbb2811 [pcf] Use unsigned types.
* src/pcf/pcf.h (PCF_Encoding): Use unsigned `enc'.
* src/pcf/pcfdrivr.c (pcf_cmap_char_{index,next}): Ditto.
* src/pcf/pcfread.c (pcf_get_encodings): Use unsigned types.
2018-08-06 04:58:18 -04:00
Werner Lemberg 720ae67f35 * src/truetype/ttgload.c (compute_glyph_metrics): Fix overflow.
Reported as

  https://bugs.chromium.org/p/chromium/issues/detail?id=777151
2018-08-05 07:21:10 +02:00
Werner Lemberg ced9c311f6 Ditto. 2018-08-04 07:03:57 +02:00
Werner Lemberg be81acc4bf * src/truetype/ttinterp.c (opcode_name): Fix typos. 2018-08-04 07:01:04 +02:00
Werner Lemberg 799d27b0b6 Fix clang warnings.
* src/base/ftoutln.c (FT_Outline_EmboldenXY): Fix type of
`orientation'.

* src/gxvalid/gxvcommn.c (gx_lookup_value_read): Fix signature.

* src/pcf/pcfread.c (pcf_get_encodings): Fix type of some variables.
Add cast.

* src/type1/t1load.c (parse_weight_vector): Fix cast.
2018-08-04 06:39:11 +02:00
Werner Lemberg 1897186fb7 * src/cid/cidtoken.h: Handle `XUID' keyword. 2018-07-31 10:48:07 +02:00
Werner Lemberg 8e57746c4b [cid] Trace PostScript dictionaries.
* src/cid/cidload.c: Include FT_INTERNAL_POSTSCRIPT_AUX_H
(cid_load_keyword, cid_parse_font_matrix, parse_fd_array,
parse_expansion_factor, cid_parse_dict): Add tracing calls.
(parse_font_name): New function to trace `/FontName' keywords in
/FDArray dict.
(cid_field_records): Register `parse_font_name'.
2018-07-31 10:46:57 +02:00
Werner Lemberg 578bcf103a [cff] Fix typo.
Reported as

  https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=9409

* src/cff/cffdrivr.c (cff_get_cid_from_glyph_index): Fix boundary
check.
2018-07-30 11:28:04 +02:00