For some divisions, we use casts to 32bit entities. Always guard
against division by zero with these casts also.
* src/base/ftcalc.c (ft_div64by32): Remove redundant cast.
(FT_MulDiv, FT_MulDiv_No_Round): Add 32bit cast.
(FT_DivFix): Add 32bit cast (this omission triggered the bug).
* src/psaux/afmparse.c (afm_parse_track_kern): Don't inverse sign
for `min_kern'. It is indeed quite common that track kerning
*increases* spacing for very small sizes.
If in function `skip_spaces' the routine `skip_comment' comes to the
end of buffer, `cur' is still increased by one, so we need to check
for `p >= limit' and not `p == limit'.
* src/psaux/psconv.c (PS_Conv_Strtol, PS_Conv_ToFixed,
PS_Conv_ASCIIHexDecode, PS_Conv_EexecDecode): Fix boundary checking.
* src/truetype/ttinterp.c (Ins_MIRP): Typo, present since ages. The
code is now in sync with the other operators (e.g. MSIRP) which
modify twilight points.
* src/bdf/bdflib.c (_bdf_list_ensure): Bring code in sync with
comment before `_bdf_list_split', this is, really allocate at least
five `field' elements.
* src/bdf/bdflib.c (_bdf_parse_glyphs) <DWIDTH, BBX>: Abort if
_BDF_ENCODING isn't set. We need this because access to the `glyph'
variable might be undefined otherwise.
* src/smooth/ftsmooth.c (ft_smooth_render_generic): Use `FT_Pos'
instead of `FT_UInt' for some variables and update comparisons
accordingly. A detailed analysis can be found in the bug report.
* src/type1/t1load.c (parse_subrs): Add proper guards for `strncmp'.
* src/psaux/psobjs.c (ps_parser_skip_PS_token): Emit error message
only if cur < limit.
Jump instructions are now bound to the current function. The MS
Windows rasterizer behaves the same, as confirmed by Greg Hitchcock.
* src/truetype/ttinterp.h (TT_CallRec): Add `Cur_End' element.
* src/truetype/ttobjs.h (TT_DefRecord): Add `end' element.
* src/truetype/ttinterp.c (DO_JROT, DO_JMPR, DO_JROF): Check upper
bound of jump address.
(Ins_FDEF, Ins_CALL, Ins_LOOPCALL, Ins_UNKNOWN, TT_RunIns): Updated.
* include/freetype/internal/ftobjs.h (FT_ModuleRec, FT_LibraryRec):
Remove `generic' field since users can't access it.
* src/base/ftobjs.c (FT_Done_GlyphSlot): Call `generic.finalizer' as
advertised in the documentation of FT_Generic.
(Destroy_Module, FT_Done_Library): Updated to changes in `ftobjs.h'.
Patch submitted by anonymous reporter.
* src/gxvalid/gxvcommn.c (gxv_XStateTable_subtable_setup):
gxv_set_length_by_ulong_offset() must be called with 3, not 4,
the number of the subtables in the state tables; classTable,
stateArray, entryTable.
Based on the patch provided by Erik Dahlstrom <ed@opera.com>,
http://lists.gnu.org/archive/html/freetype-devel/2012-01/msg00010.html
Also `raccess_guess_table[]' and `raccess_rule_by_darwin_vfs()'
are renamed with `ft_' suffixes.
* src/base/ftbase.h: `raccess_rule_by_darwin_vfs()' is renamed
to `ft_raccess_rule_by_darwin_vfs()'.
* src/base/ftobjs.c: Ditto.
* src/base/ftrfork.c: Declarations of FT_RFork_Rule,
raccess_guess_rec, are moved to...
* include/freetype/internal/ftrfork.h: Here.
* include/freetype/internal/ftrfork.h:
FT_RFORK_RULE_ARRAY_{BEGIN,ENTRY,END} macros are defined
to replace raccess_guess_table[] in both of PIC and non-PIC
modes.
* src/base/ftrfork.c: raccess_guess_table[] array is rewritten
by FT_RFORK_RULE_ARRAY_{BEGIN,ENTRY,END}.
* src/base/basepic.h (BasePIC): Add `ft_raccess_guess_table'
storage. (FT_RACCESS_GUESS_TABLE_GET): New macro to retrieve
the function pointer from `ft_raccess_guess_table' storage in
`BasePIC' structure.
* src/base/ftrfork.c (FT_Raccess_Guess): Rewritten with
FT_RACCESS_GUESS_TABLE_GET.
(raccess_get_rule_type_from_rule_index): Add `library' as the
first argument to the function, to retrieve the storage of
`ft_raccess_guess_table' from it. Also `raccess_guess_table'
is replaced by FT_RACCESS_GUESS_TABLE_GET.
(ft_raccess_rule_by_darwin_vfs): Ditto.
* src/autofit/afpic.c: Include "aflatin2.h" when
FT_OPTION_AUTOFIT2 is defined, as afglobal.c does so.
Unconditionally inclusion causes declared but unimplemented
warning by GCC 4.6.
* src/cff/cffpic.c: The declarations of
FT_Init_Class_cff_cmap_encoding_class_rec() and
FT_Init_Class_cff_cmap_unicode_class_rec() are removed.
They can be obtained by the inclusion of cffcmap.h.
cffcmap.h invokes FT_DECLARE_CMAP_CLASS() and it declares
FT_Init_Class_cff_cmap_encoding_class_rec() etc in PIC mode.