Commit Graph

7640 Commits

Author SHA1 Message Date
Ben Wagner 9154707f6b [truetype] Check avar_segment before access
* src/truetype/ttgxvar.c (tt_done_blend): check `avar_segment` before
accessing to free its `correspondence`.

Reported as:

  https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=53062
2022-11-09 19:15:26 +00:00
Ben Wagner d38407f79e [truetype] Restore behavior of ft_var_load_hvvar
* src/truetype/ttgcvar.c (ft_var_load_hvvar): restore previous behavior

In a previous change [0] the behavior of `ft_var_load_hvvar` was changed
to not load the item variation store if it was at offset 0, but not
return an error when this happened. This broke any users, like
`tt_hvadvance_adjust`, that rely on successful completion of
`ft_var_load_hvvar` to imply that returned table's `itemStore` had been
initialized. This lead such users to dereference NULL.

This change appears to have been unintentional and unrelated to the
actual avar2 changes. As a result, fix these NULL dereferences by
restoring the code to always attempt to initialize the `itemStore`.

[0] ae4eb996 "[truetype] Add support for `avar` table 2.0 format."

Reported as

  https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=53061
2022-11-09 19:02:22 +00:00
Werner Lemberg 978fdb292a docs/CHANGES: Updated. 2022-11-08 08:27:52 +01:00
suzuki toshiya bccf1cd6b4 [build] use AC_CHECK_PROG() macro for libpng-config detection
* builds/unix/configure.raw: use AC_CHECK_PROG() instead of `which` to find `libpng-config`.
2022-11-08 14:31:23 +09:00
suzuki toshiya 32cfab4be7 [build] fix for make multi
Fix "make multi" by MR !223

* include/freetype/internal/services/svmm.h: include ftmm.h to define FT_Get_MM_Func.
* src/truetype/ttgxvar.h: include ftmmtypes.h to use GX_AVarTable properly.
* src/base/ftmac.c: include ftdebug.h to use FT_THROW() properly.
2022-11-08 14:23:37 +09:00
Alexei Podtelezhnikov e00afdb35b * src/pfr/pfrsbit.c (pfr_lookup_bitmap_data): Accelerate the search.
This is mostly for consistency because PFR fonts with bitmap strikes
do not seem to exist.
2022-11-07 21:36:32 -05:00
Alexei Podtelezhnikov 6139f2b647 [bdf, pfr, psnames] Accelarate charmap searches.
The binary searches within charmaps can be accelerated because they
often contain dense continuous blocks of character codes. Within such
blocks, you can predict matches based on misses.  This method has been
deployed in `bdf` since 0f122fef34; we only refactor it there.  We now
use it in `pfr` and `psnames`, which speeds up the unicode charmap
access by about 50% in PFR and Type 1 fonts.

* src/bdf/bdfdrivr.c (bdf_cmap_char_{index,next}): Refactor.
* src/pfr/pfrcmap.c (pfr_cmap_char_{index,next}): Predict `mid` based
on the mismatch distance.
* src/psnames/psmodule.c (ps_unicodes_char_{index,next}): Ditto.
2022-11-06 13:12:47 -05:00
Behdad Esfahbod ae4eb996ab [truetype] Add support for `avar` table 2.0 format.
See

  https://github.com/harfbuzz/boring-expansion-spec/blob/main/avar2.md

for the specification.

Currently, this is implemented only in most recent OS versions on Apple
platforms and in the HarfBuzz library, but it is expected to be added to the
OpenType standard soon.

* src/truetype/ttgxvar.h (GX_AVarTableRec): New structure.
(GX_BlendRec): Use it to replace `avar_segment` with `avar_table`.

* src/truetype/ttgxvar.c (ft_var_load_avar): Load new table version.
(ft_var_to_normalized, tt_done_blend): Extend for new format.
(ft_var_load_hvvar, ft_var_to_design): Updated.
2022-11-04 19:44:36 +01:00
Werner Lemberg dea2e6358b Replace '1/64th' (and similar entries) with '1/64' in docs and comments. 2022-10-24 07:01:21 +02:00
Ivan Panchenko 05e1b37e3d * include/freetype/*: Fix documentation typos. 2022-10-24 06:52:06 +02:00
Alexei Podtelezhnikov ffbbf3df3e * src/truetype/ttgload.c: Cosmetic changes. 2022-10-21 15:55:30 +00:00
Alexei Podtelezhnikov 1bfaca0635 [cff, truetype] Simplify SVG metrics scaling.
Use pre-calculated scaling factors. Also, the advance widths used
to be rounded, which was incorrect.

* src/cff/cffgload.c (cff_slot_load): Use `x_scale` and `y_scale`.
* src/truetype/ttgload.c (TT_Load_Glyph): Ditto.
2022-10-21 12:14:52 +00:00
Werner Lemberg 0ec85f71a8 * subprojects/zlib.wrap: Update to zlib version 1.2.13. 2022-10-20 13:55:41 +02:00
Dominik Röttsches 0b62c1e43d [sfnt] Additional bounds checks for `COLR` v1 table handling.
* src/sfnt/ttcolr.c (read_paint): Add `colr` argument, necessary for...
... another use of `ENSURE_READ_BYTES`.
Update callers.
(tt_face_get_paint_layers): Ensure that the 4-byte paint table
offset can be read.

This is a follow-up to !124 and issue
https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=52404
2022-10-18 19:55:25 +02:00
Werner Lemberg af46fcc15a [gzip] Update sources to zlib 1.2.13. 2022-10-18 19:43:52 +02:00
Alexei Podtelezhnikov b8882a3ed6 * src/sfnt/ttsbit.c (tt_face_load_strike_metrics): Simplify calculations. 2022-10-18 15:58:02 +00:00
Werner Lemberg c943d408e0 Minor formatting. 2022-10-18 11:41:00 +02:00
Dominik Röttsches 04272824e0 [sfnt] Guard individual `COLR` v1 paint field reads.
* src/sfnt/ttcolr.c (ENSURE_READ_BYTES): New macro.
(read_paint): Use it – after the start pointer `p` has been checked for
whether it allows reading the format byte, each successive paint table field
read need to be bounds-checked before reading further values.

Reported as

  https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=52404
2022-10-18 08:37:05 +02:00
Xiang Xiao 8493877e78 * builds/toplevel.mk: Prefix all paths with `$(TOP_DIR)/`.
This is useful for builds that are not started from the root directory.

Signed-off-by: Xiang Xiao <xiaoxiang@xiaomi.com>
2022-10-17 08:49:53 +02:00
Liu Kunpeng(柳鲲鹏) bb59c3c958 * src/base/ftsynth.c (FT_GlyphSlot_Slant): New API with custom slant.
* include/freetype/ftsynth.h (FT_GlyphSlot_Slant): Declare it.
2022-10-16 22:10:19 -04:00
Alexei Podtelezhnikov 3ab1875cd2 Note the lack of floating-point data types. 2022-10-14 22:06:23 -04:00
Werner Lemberg 5182264a40 [cff] Remove `FT_CONFIG_OPTION_NO_GLYPH_NAMES`.
This ancient option stayed completely undocumented.  Given that the 'cff'
driver requires the 'psnames' module, it makes no sense today to have this
macro.

* src/cff/cffdrivr.c (cff_services), src/cff/cffobjs.c (cff_face_init):
Remove corresponding conditional code.
2022-10-10 12:41:49 +02:00
Werner Lemberg 0d66abca4b Synchronize `ftoption.h` flavours. 2022-10-10 12:41:19 +02:00
Werner Lemberg 141d979af7 Minor comment changes. 2022-10-10 12:25:51 +02:00
Alexei Podtelezhnikov 15f6873495 Improve FT_Get_Name_Index docs and place it next to FT_Get_Glyph_Name. 2022-10-04 23:36:09 -04:00
Alexei Podtelezhnikov 0417527d5b [autofit] Reset the face charmap directly.
There is no need to validate the original charmap in `FT_Set_Charmap`.
It can be reset directly.

* src/autofit/afglobal.c (af_face_globals_compute_style_coverage):
Use direct assignment.
* src/autofit/af{latin,cjk,indic}.c (af_latin_metrics_init): Ditto.
2022-10-03 19:23:26 -04:00
Alexei Podtelezhnikov 1b6dce84f9 * src/type1/t1afm.c (T1_Read_PFM): Set charmaps directly.
As with the previous commit, we can avoid the validation checks
of `FT_Set_Charmap` and set it directly when choosing from the
available list.
2022-10-03 19:18:48 -04:00
Alexei Podtelezhnikov 8faf57dd17 * src/cache/ftccmap.c (FTC_CMapCache_Lookup): Avoid `FT_Set_Charmap`.
Set charmap aggressively without all validations of `FT_Set_Charmap`
because we take it from the available array and only temporarily.
Even CMap Format 14 will gracefully return 0.
2022-10-03 17:13:30 +00:00
Alexei Podtelezhnikov b93f20ab7a * src/cache/ftcbasic.c (ftc_basic_family_get_count): Remove redundancy. 2022-10-03 15:10:12 +00:00
Werner Lemberg de8f14a8e4 * src/psaux/pshints.c (cf2_hintmap_insertHint): Fix midpoint computation.
Replace '(start + end) / 2' with 'start + (end - start) / 2' to avoid
overflow.

Fixes #1180.
2022-09-30 23:25:02 +02:00
Werner Lemberg 2adb810c3d * src/psaux/pshints.c (cf2_hintmap_build): Improve debugging output. 2022-09-30 17:00:10 +02:00
mlugg 905270925d [truetype] Fix undefined pointer arithmetic.
* src/truetype/ttgxvar.c (tt_var_get_item_delta, ft_var_load_mvar): Use
`FT_OFFSET`.
2022-09-29 20:44:41 +02:00
Alexei Podtelezhnikov ff66e912d0 * src/sfnt/ttsbit.c (tt_face_load_strike_metrics): Use lighter FT_DivFix. 2022-09-29 17:46:23 +00:00
Ali Chraghi 5faa1df8b9 [base] FT_Attach_Stream: Make `parameters` argument constant. 2022-09-29 19:30:20 +02:00
Azamat Hackimov 3f3427c6f3 * src/tools/*.py: Migrate to Python 3.
Fixes #1185, closes !205. Formatting changes according to PEP8.
2022-09-28 22:35:49 -04:00
Dominik Röttsches df2601395f [sfnt] Guard access in 'COLR' table when requesting child table pointer.
* src/sfnt/ttcolr.c (tt_face_get_colorline_stops, read_paint): Tighten
pointer bounds checks.
(get_child_table_pointer): Check whether incoming pointer `p` lies within
the 'COLR' table.

Reported as

  https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=51816
2022-09-27 18:18:59 +02:00
Ben Wagner bd41700773 [sfnt] Add SVG document bounds checking.
Add a check that the document content is actually contained within the
`SVG ` table.  Without this check a malformed font may claim arbitrary
memory as its document content.

* src/sfnt/ttsvg.c (tt_face_load_svg): Take `numEntries` into account when
testing 'documentRecord' extents.
(find_doc): Rename `stream` to `document_records` for clarity.
(tt_face_load_svg_doc): Split `doc` from `doc_list` pointer for clarity.
Test that the document content is contained within the table.
Ensure minimum length of document before testing for gzip format.

Reported as

  https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=51812
2022-09-27 07:31:32 +02:00
Alexei Podtelezhnikov c9c326312f [base] Clean up the bitmap flow control.
* src/base/ftbitmap.c (FT_Bitmap_Copy): Flip the copy if its pitch
is trully opposite, zero is not a positive value.
(FT_Bitmap_Convert): Set negative pitch as needed, accept negative
alignment values.
2022-09-22 20:40:21 -04:00
Alexei Podtelezhnikov c456eeb47a [base] Discard and recreate bitmaps for copying and converting.
Reusing target bitmaps for copying and converting is permitted.  It is,
however, pointless to preserve their content before overwriting.  Free-
malloc might be faster than realloc.

* src/base/ftbitmap.c (FT_Bitmap_Copy, FT_Bitmap_Convert): Free
an old buffer and create a new one.
2022-09-22 15:09:17 +00:00
Dominik Röttsches 33ceac2afc Reject 'COLR' table if version is 1 but header too small.
* src/sfnt/ttcolr.c (tt_face_load_colr): If the version is determined to
be 1, then the table size has to be at least the size of the v1 header.
Also, for peeking the number of base glyphs and entries in the layer list,
ensure that the table is sufficiently long.

Fixes #1179.  Original patch by Sergey Temnikov.
2022-09-16 18:55:24 +02:00
Werner Lemberg a0d1536452 * src/otvalid/otvgsub.c (otv_SingleSubst_validate): Fix format 1 handling.
Fixes #1181.
2022-09-15 09:14:06 +02:00
Dominik Röttsches 8e68439a6f [truetype] Reject 'fvar' loading when `num_instances` is too small.
* src/truetype/ttgxvar.c (TT_Get_MM_Var): Reject retrieving master when
'fvar' values locally do not match with sanitized values from initialization
at `sfnt_init_face` time.

Reported as

  https://bugs.chromium.org/p/chromium/issues/detail?id=1360295
2022-09-06 17:18:17 +02:00
Dominik Röttsches 91a7fae777 [sfnt] Handle variable `COLR` v1 fonts without delta set index map
Fixes #1178.

* src/sfnt/ttcolr.c (get_deltas_for_var_index_base): Set outer index to
0 and inner index to the delta index when retrieving deltas if the
`COLR` table has no delta set index map.
2022-09-05 15:52:58 +02:00
Dominik Röttsches 6d62076ae5 [sfnt] Pointer sanity checks before reading layer info in 'COLR' v0
* src/sfnt/ttcolr.c (tt_face_get_colr_layer): Check that the pointer to
read from is within the 'COLR' table.

Reported as

  https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=50633
2022-09-05 12:23:31 +02:00
Werner Lemberg 048f2e247c [autofit] Minor fix.
* src/autofit/afglobal.c (af_face_globals_compute_style_coverage): Avoid
compiler warning.
2022-09-05 10:43:59 +02:00
Dominik Röttsches a1017e2655 [sfnt] Don't require 'gvar' table to support variation fonts.
Fixes #1172.

* src/sfnt/sfobjs.c (sfnt_load_face): Tag font as Multiple Masters font if
`fvar` is present; do not require other tables to be present.

* src/truetype/ttgxvar.c (tt_set_mm_blend): Allow for a missing 'gvar' table
when setting variation coordinates.  However, if a 'gvar' table is actually
present, do perform a sanity check and fail on malformedness.
(TT_Get_MM_Var): Don't assume 'fvar' needs 'gvar' or 'CFF2 tables in all
cases, which is an overly tight check.
2022-09-05 10:36:22 +02:00
Alexei Podtelezhnikov dd91f6e7f5 * src/base/ftver.rc: Explicitly use UTF-16.
Fixes #1177 to avoid mistranslation and other problems.
2022-08-26 22:24:02 -04:00
Dominik Röttsches 4797b2ff22 [sfnt] Avoid undefined shifts in `COLR` v1 color line retrieval
* src/sfnt/ttcolr.c (tt_face_get_colorline_stops): Disambiguate shift
behavior by using multiplication using macros from ftcalc.h.

Fixes: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=50573
2022-08-26 12:08:34 +03:00
Sean Farrell 395da3d72a CMakeLists.txt (FT_ENABLE_ERROR_STRINGS): New configuration option.
This option uncomments FreeType configuration macro
`FT_CONFIG_OPTION_ERROR_STRINGS` to make function `FT_Error_String` return
meaningful error strings.

This option is off by default.
2022-08-21 19:58:35 +02:00
Chris Liddell 37b718d589 [base, type1] Better handling of out-of-memory situations.
This follows similar code in `cff_slot_done`.

* src/base/ftobjs.c (ft_glyphslot_done), src/type1/t1objs.c
(T1_GlyphSlot_Done): Check `internal` pointer.

The Type1 problems was reported as

  https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=50057.
2022-08-21 19:41:45 +02:00