While clang's sanitizer recommends a cast to unsigned for safe
negation (to handle -INT_MIN), both MSVC and Visualc emit warning
C4146 if an unsigned value gets negated.
* include/freetype/internal/ftcalc.h (NEG_LONG, NEG_INT32),
src/base/ftcalc.c (FT_MOVE_SIGN): Replace negation with a
subtraction.
These versions don't produce run-time errors due to integer
overflow.
* include/freetype/internal/ftobjs.h: Include FT_INTERNAL_CALC_H.
(FT_PAD_ROUND_LONG, FT_PAD_CEIL_LONG, FT_PIX_ROUND_LONG,
FT_PIX_CEIL_LONG): New macros.
(FT_PAD_ROUND_INT32, FT_PAD_CEIL_INT32, FT_PIX_ROUND_INT32,
FT_PIX_CEIL_INT32): New macros.
This commit handles the new engine.
* include/freetype/internal/ftcalc.h (OVERFLOW_ADD_INT32,
OVERFLOW_SUB_INT32, OVERFLOW_MUL_INT32, NEG_INT, NEG_LONG,
NEG_INT32): New macros.
* src/cff/cf2ft.c (cf2_getScaleAndHintFlag): Use OVERFLOW_ADD_INT32.
* src/cff/cf2hints.c (cf2_getWindingMomentum, cf2_hint_init,
cf2_hintmap_map, cf2_glyphpath_hintPoint,
cf2_glyphpath_computeIntersection, cf2_glyphpath_computeOffset,
cf2_glyphpath_lineTo, cf2_glyphpath_curveTo): Use
OVERFLOW_ADD_INT32, OVERFLOW_SUB_INT32, OVERFLOW_MUL_INT32, and
NEG_INT32 where appropriate.
* src/cff/cf2intrp.c (cf2_doFlex, cf2_doBlend,
cf2_interpT2CharString): Ditto.
Also add some other code where needed to avoid overflow.
This commit (mainly for 32bit CPUs) is the first of a series of
similar commits to handle known integer overflows. Basically, all
of them are harmless, since they affect rendering of glyphs only,
not posing security threats. It is expected that fuzzying will show
up more overflows, to be fixed in due course.
The idea is to mark places where overflows can occur, using macros
that simply cast to unsigned integers, because overflow arithmetic
is well defined in this case. Doing so suppresses run-time errors
of sanitizers without adding computational overhead.
* include/freetype/internal/ftcalc.h (OVERFLOW_ADD_INT,
OVERFLOW_SUB_INT, OVERFLOW_MUL_INT, OVERFLOW_ADD_LONG,
OVERFLOW_SUB_LONG, OVERFLOW_MUL_LONG): New macros.
* src/base/ftcalc.c (FT_RoundFix, FT_CeilFix, FT_Matrix_Multiply,
FT_Matrix_Multiply_Scaled, FT_Vector_Transform_Scaled,
ft_corner_orientation): Use new macros.
* src/base/ftoutln.c (FT_Outline_Get_Orientation): Use new macros.
Extra bitmap padding for LCD filtering depends on the filter. The
default 5-tap filter needs 2 extra subpixels. The light 3-tap filter
needs only 1 extra subpixel. This space could be already available
due to rounding. In order to optimize the padding, we now expand
CBox for the given filter weights before rounding.
This change breakes current Skia (and Firefox).
* include/freetype/internal/ftobjs.h (FT_LibraryRec)
[FT_CONFIG_OPTION_SUBPIXEL_RENDERING]: Remove `lcd_extra' field.
* src/base/ftlcdfil.c (FT_Library_SetLcdFilterWeights,
FT_Library_SetLcdFilter): Remove `lcd_extra' initializations.
* src/smooth/ftsmooth.c (ft_smooth_render_generic): Implement dymanic
LCD padding.
=======================
Tag sources with `VER-2-8'.
* docs/VERSION.TXT: Add entry for version 2.8.
* docs/CHANGES: Updated.
* README, Jamfile (RefDoc), builds/windows/vc2005/freetype.vcproj,
builds/windows/vc2005/index.html,
builds/windows/vc2008/freetype.vcproj,
builds/windows/vc2008/index.html,
builds/windows/vc2010/freetype.vcxproj,
builds/windows/vc2010/index.html,
builds/windows/visualc/freetype.dsp,
builds/windows/visualc/freetype.vcproj,
builds/windows/visualc/index.html,
builds/windows/visualce/freetype.dsp,
builds/windows/visualce/freetype.vcproj,
builds/windows/visualce/index.html,
builds/wince/vc2005-ce/freetype.vcproj,
builds/wince/vc2005-ce/index.html,
builds/wince/vc2008-ce/freetype.vcproj,
builds/wince/vc2008-ce/index.html: s/2.7.1/2.8/, s/271/28/.
* include/freetype/freetype.h (FREETYPE_MINOR): Set to 8.
(FREETYPE_PATCH): Set to 0.
* builds/unix/configure.raw (version_info): Set to 20:0:14.
* CMakeLists.txt (VERSION_MINOR): Set to 8.
(VERSION_PATCH): Set to 0.
* include/freetype/config/ftoption.h
(AF_CONFIG_OPTION_TT_SIZE_METRICS): New option, commented out by
default.
* src/autofit/afloader.c (af_loader_load_glyph): Use
AF_CONFIG_OPTION_TT_SIZE_METRICS to guard the corresponding code.
This mode uses fractional advance widths and doesn't scale glyphs
horizontally, only applying vertical scaling and hinting.
At the same time, the behaviour of the `light' auto-hinter gets
restored for backwards compatibility: Both vertical and horizontal
scaling is again based on rounded metrics values (this was changed
in a commit from 2017-03-30 as a side effect). To be more precise,
the behaviour is restored for TrueType fonts only; for other font
formats like Type 1, this is a new feature of the `light' hinting
mode.
* include/freetype/freetype.h (FT_LOAD_TARGET_SLIGHT): New macro.
(FT_RENDER_MODE_SLIGHT): New render mode.
* include/freetype/internal/ftobjs.h (FT_Size_InternalRec): Add
`autohint_mode' and `autohint_metrics' fields.
* src/autofit/afcjk.c (af_cjk_hints_init), src/autofit/aflatin.c
(af_latin_hints_init), src/autofit/aflatin2 (af_latin2_hints_init):
Updated.
* src/autofit/afloader.c (af_loader_embolden_glyph_in_slot): Use
`autohint_metrics'.
(af_loader_load_glyph): s/internal/slot_internal/.
Initialize `autohint_metrics' and `autohint_mode' depending on
current auto-hint mode.
Use `autohint_metrics'.
Updated.
* src/base/ftadvanc.c (LOAD_ADVANCE_FAST_CHECK): Updated.
* src/base/ftobjs.c (FT_Load_Glyph): Updated.
(FT_New_Size): Allocate `internal' object.
* src/pshinter/pshalgo.c (ps_hints_apply): Updated.
* src/smooth/ftsmooth.c (ft_smooth_render): Updated.
We are going to extend this later on.
* include/freetype/internal/ftobjs.h (FT_Size_InternalRec): New
structure with a single field `module_data'.
* src/base/ftobjs.c (FT_New_Size): Allocate `internal' field of
`FT_Size' structure.
* src/cff/cffgload.c (cff_builder_init, cff_decoder_prepare): Use
`size->internal->module_data' instead of `size->internal'.
* src/cff/cffobjs.c (cff_size_done): Deallocate `module_data'.
(cff_size_init, cff_size_select, cff_size_request): Use
`size->internal->module_data' instead of `size->internal'.
* src/cif/cidobjs.c (cid_size_done, cid_size_init,
cid_size_request): Use `size->internal->module_data' instead of
`size->internal'.
* src/psaux/psobjs.c (t1_builder_ini): Use
`size->internal->module_data' instead of `size->internal'.
* src/type1/t1objs.c (T1_Size_Done, T1_Size_Init, T1_Size_Request):
Use `size->internal->module_data' instead of `size->internal'.
Reported as
https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=981
* include/freetype/fterrdef.h (FT_Err_DEF_In_Glyf_Bytecode): New
error code.
* src/truetype/ttinterp.c (Ins_FDEF, Ins_IDEF): Prohibit execution
of these two opcodes in `glyf' bytecode.
(TT_RunIns): Don't enforce reexecution of `fpgm' and `prep' bytecode
in case of error since function tables can no longer be modified
(due to the changes in `Ins_FDEF' and `Ins_IDEF'). This change can
enormously speed up handling of broken fonts.
We have to make a separate case for Windows 64's LLP64 data model.
* builds/unix/ftconfig.in, builds/vms/ftconfig.h,
include/freetype/config/ftconfig.h (FT_UINT_TO_POINTER): New macro.
* src/truetype/ttgload.c (load_truetype_glyph): Use it.
Everything is guarded with TT_CONFIG_OPTION_GX_VAR_SUPPORT.
* include/freetype/internal/tttypes.h (TT_FaceRec): New fields
`var_postscript_prefix' and `var_postscript_prefix_len'.
* src/sfnt/sfdriver.c: Include FT_TRUETYPE_IDS_H.
(sfnt_is_alphanumeric): New wrapperfunction for `ft_isalnum'.
(get_win_string, get_apple_string): Remove `const' from return
value.
(MAX_VALUE_DESCRIPTOR_LEN, MAX_PS_NAME_LEN): New macros.
(hexdigits): New array.
(sfnt_get_var_ps_name): New function, implementing Adobe TechNote
5902 to construct a PS name for a variation font instance.
(sfnt_get_ps_name): Call `sfnt_get_var_ps_name' for font instances.
* src/sfnt/sfobjs.c (sfnt_done_face): Updated.
* src/truetype/ttgxvar.c (tt_set_mm_blend): Reset
`face->postscript_name' to trigger recalculation for new instance
parameters.
* include/freetype/internal/services/svmm.h (FT_Get_Var_Blend_Func):
Add `normalizedcoords' argument.
* src/truetype/ttgxvar.h (GX_BlendRec): Add `coords' field to store
the design coordinates of the current instance.
Updated.
* src/truetype/ttgxvar.c (TT_Set_MM_Blend): Move functionality to...
(tt_set_mm_blend): ... New function.
Convert data in `normalizedcoords' array to `coords' array on
demand.
(TT_Set_Var_Design): Store argument data in `coords' array.
(TT_Get_Var_Design): Get data from `coords' array.
(tt_get_var_blend): Updated.
(tt_done_blend): Updated.
* src/cff/cffload.c, src/cff/cffload.h (cff_get_var_blend): Updated.
* src/cff/cf2ft.c (cf2_getNormalizedVector): Updated.
* src/cff/cffobjs.c (cff_face_init): Updated.
We need this for support of the `random' operator.
* include/freetype/ftcffdrv.h (FT_PARAM_TAG_RANDOM_SEED): New macro.
* include/freetype/internal/ftobjs.h (FT_Face_InternalRec): New
field `random_seed'.
* src/cff/cffobjs.h (CFF_DriverRec): New field `random_seed'.
This commit provides the framework, to be filled with something
useful in the next commits.
* include/freetype/freetype.h (FT_Face_Properties): Declare.
* src/base/ftobjs.c (FT_Face_Properties): New function.
* include/freetype/internal/tttypes.h (TT_LangTagRec): New
structure.
(TT_NameTableRec): Add fields `numLangTagRecords' and `langTags'.
* src/sfnt/ttload.c (tt_face_load_name): Add support for language
tags.
Reduce array size of name strings in case of invalid entries.
(tt_face_free_name): Updated.
* docs/CHANGES: Updated.
Show more macros in the reference: TT_MAC_LANGID_XXX, TT_MS_LANGID_XXX,
TT_NAME_ID_XXX, TT_UCR_XXX.
This commit is viewed best with
git diff --color-words='[^*/ ]+'
The change from 2016-09-29 was too radical (except for people using
the openSuSE GNU/Linux distribution). To ameliorate the situation,
PCF_CONFIG_OPTION_LONG_FAMILY_NAMES gets introduced which controls
the feature; if set, a new PCF property option
`no-long-family-names' can be used to switch this feature off.
* include/freetype/config/ftoption.h, devel/ftoption.h
(PCF_CONFIG_OPTION_LONG_FAMILY_NAMES): New option.
* include/freetype/ftpcfdrv.h: New header file (only containing
comments currently, used for building the documentation).
* include/freetype/config/ftheader.h (FT_PCF_DRIVER_H): New macro.
* src/pcf/pcf.h (PCF_Driver): Add `no_long_family_names' field.
* src/pcf/pcfdrivr.c: Include FT_SERVICE_PROPERTIES_H and
FT_PCF_DRIVER_H.
(pcf_property_set, pcf_property_get): New functions.
(pcf_service_properties): New service.
(pcf_servives): Updated.
(pcf_driver_init) [PCF_CONFIG_OPTION_LONG_FAMILY_NAMES]: Handle
`no_long_family_names'.
* src/pcf/pcfread.c (pcf_load_font): Handle `no_long_family_names'
and PCF_CONFIG_OPTION_LONG_FAMILY_NAMES.
* docs/CHANGES: Updated.
* include/freetype/internal/tttypes.h (TT_FACE_FLAG_VAR_XXX):
Remove all flags related to MVAR; replace it with...
(TT_FACE_FLAG_VAR_MVAR): ...this new macro.
(TT_Face): Remove `mvar_support' field (which was still unused).
* include/freetype/internal/tttypes.h (TT_FACE_FLAG_VAR_XXX):
New macros describing available functionality of various OpenType
tables related to font variation.
(TT_Face): New fields `variation_support' and `mvar_support',
replacing and extending `use_fvar'.
* src/sfnt/sfobjs.c (sfnt_init_face, sfnt_load_face): Use
`variation_support'.
* src/truetype/ttgxvar.c (ft_var_load_hvar): Set `variation_support'
field.
(TT_Vary_Apply_Glyph_Deltas): Updated.
In particular, we need access to named instance data.
* include/freetype/internal/services/svmm.h (FT_Get_Var_Blend_Func):
Add argument for `FT_MM_Var'.
* src/cff/cffload.c (cff_get_var_blend): Updated.
* src/cff/cffload.h: Updated.
* src/cff/cf2ft.c (cf2_getNormalizedVector): Updated.
* src/truetype/ttgxvar.c (tt_get_var_blend): Updated.
Accept value `NULL' for arguments.
* src/truetype/ttgxvar.h: Updated.
This is better behaviour than exiting with an error.
* include/freetype/internal/tttypes.h (TT_Face): Add `use_fvar'
field.
* src/sfnt/sfobjs.c (sfnt_init_face): Compute `use_fvar', also
updating the validation code.
Use `use_fvar' to compute FT_FACE_FLAG_MULTIPLE_MASTERS.
* src/truetype/ttgxvar.c (TT_Get_MM_Var): Remove `fvar' validation
code.
* include/freetype/internal/tttypes.h (TT_Face): Move
`is_default_instance' into TT_CONFIG_OPTION_GX_VAR_SUPPORT
block.
* src/sfnt/sfobjs.c (sfnt_init_face): Updated.
* src/truetype/ttgload.c (IS_DEFAULT_INSTANCE): New macro.
(TT_Load_Glyph): Use it.
Note that this is not complete yet; it only handles advance width
variation.
Activation of the code follows in another commit.
* include/freetype/ftmm.h (FT_Var_Named_Style): Add `psid' member.
* src/truetype/ttgxvar.h (GX_HVarData, GX_AxisCoords, GX_HVarRegion,
GX_HVStore, GX_WidthMap): New auxiliary structures for...
(GX_HVarTable): ... HVAR main structure.
(GX_BlendRec): Add data for HVAR loading.
* src/truetype/ttgxvar.c (FT_FIXED_ONE, FT_fdot14ToFixed,
FT_intToFixed, FT_fixedToInt): New macros.
(ft_var_load_hvar): New function.
(TT_Get_MM_Var): Updated.
(tt_done_blend): Deallocate HVAR data.
No effect yet; service functions will be implemented later on.
Everything is guarded with TT_CONFIG_OPTION_GX_VAR_SUPPORT.
* include/freetype/internal/services/svmetric.h: New file.
* include/freetype/internal/ftserv.h
(FT_SERVICE_METRICS_VARIATIONS_H): New macro.
* include/freetype/internal/tttypes.h (TT_Face): New field `var'.
* src/sfnt/sfobjs.c: Include FT_SERVICE_METRICS_VARIATIONS_H.
(sfnt_init_face): Initialize `face->var'.
* src/truetype/ttdriver.c: Include FT_SERVICE_METRICS_VARIATIONS_H.
(tt_service_metrics_variations): New service.
(tt_services): Updated.
* src/truetype/ttpic.h: Updated.
The code simply uses the MM functions from the `truetype' module.
Everything is guarded with TT_CONFIG_OPTION_GX_VAR_SUPPORT.
* include/freetype/internal/tttypes.h (TT_Face): New field `mm'.
* src/cff/cffdrivr.c: Include FT_SERVICE_MULTIPLE_MASTERS_H.
(cff_set_mm_blend, cff_get_mm_blend, cff_get_mm_var,
cff_set_var_design, cff_get_var_design): New functions.
(cff_service_multi_masters): New service.
(cff_services): Updated.
* src/cff/cffload.c (cff_get_var_blend, cff_done_blend): New
functions.
* src/cff/cffload.h: Updated.
* src/cff/cffpic.h (CFF_SERVICE_MULTI_MASTERS_GET): New macro.
* src/sfnt/sfobjs.c: Include FT_SERVICE_MULTIPLE_MASTERS_H.
(sfnt_init_face): Initialize `face->mm'.
It can now differentiate between local and global searches.
* src/base/ftobjs.c (ft_module_get_service): Add `global' argument.
(FT_Get_TrueType_Engine_Type): Updated.
* src/cff/cffdrivr.c (cff_get_ps_name, cff_get_cmap_info): Updated.
* include/freetype/internal/ftobjs.h: Updated.
* include/freetype/internal/ftserv.h (FT_FACE_FIND_GLOBAL_SERVICE):
Updated.
For internal use; we want to share code between the forthcoming CFF2
support and TrueType.
* include/freetype/internal/services/svmm.h (FT_Get_Var_Blend_Func):
New typedef.
(MultiMasters): Add `get_var_blend'.
(FT_Service_MultiMasters): Updated.
* src/truetype/ttgxvar.c (tt_get_var_blend): New function.
* src/truetype/ttgxvar.h: Updated.
* src/truetype/ttdriver.c (tt_service_gx_multi_masters): Updated.
* src/type1/t1driver.c (t1_service_multi_masters): Updated.
For internal use; we want to share code between the forthcoming CFF2
support and TrueType.
* include/freetype/internal/services/svmm.h (FT_Done_Blend_Func):
New typedef.
(MultiMasters): Add `done_blend'.
(FT_Service_MultiMasters): Updated.
* src/truetype/ttgxvar.c (tt_done_blend): Use `TT_Face' as argument.
* src/truetype/ttgxvar.h: Updated.
* src/truetype/ttobjs.c (TT_Face_Done): Updated.
* src/truetype/ttdriver.c (tt_service_gx_multi_masters): Updated.
* src/type1/t1driver.c (t1_service_multi_masters): Updated.
CFF2 fonts will need access to those two functions.
* include/freetype/internal/sfnt.h: Include FT_SERVICE_GLYPH_DICT_H.
(SFNT_Interface): Add `get_glyph_name' and `get_name_index' members.
(FT_DEFINE_SFNT_INTERFACE): Updated.
* src/sfnt/sfdriver.c (sfnt_get_glyph_name, sfnt_get_name_index):
Fix signatures to exactly correspond to the glyph dict service
function typedefs.
(sfnt_interface): Updated.
Note that the low-level functions aren't implemented yet.
* include/freetype/ftmm.h: Declare.
* include/freetype/internal/services/svmm.h
(FT_Get_Var_Design_Func): New typedef.
(MultiMasters): New MM service function `get_var_design'.
(FT_DEFINE_SERVICE_MULTIMASTERSREC): Updated.
Update all callers.
* src/base/ftmm.c (FT_Get_Var_Design_Coordinates): Implement.
* src/truetype/ttdriver.c: Updated.
* src/truetype/ttgxvar.c (TT_Get_Var_Design): New dummy function to
handle `get_var_design' service.
* src/truetype/ttgxvar.h: Updated.
* src/type1/t1driver.c: Updated.
* src/type1/t1load.c (T1_Get_Var_Design): New dummp function to
handle `get_var_design' service.
* src/type1/t1load.h: Updated.
`FT_Load_Glyph' doesn't generate a bitmap for a non-bitmap glyph
until the user calls `FT_Render_Glyph'. However, it always
allocates memory for bitmaps and copies or decodes the contents of a
bitmap glyph, which can be quite slow for PNG data.
* include/freetype/freetype.h (FT_LOAD_BITMAP_METRICS_ONLY): New
macro.
* src/base/ftobjs.c (FT_Load_Glyph): Unset FT_LOAD_RENDER if
FT_LOAD_BITMAP_METRICS_ONLY is used.
* src/sfnt/ttsbit.c (tt_sbit_decoder_alloc_bitmap,
tt_sbit_decoder_load_bitmap): Add argument to control allocation of
the glyph slot.
(tt_sbit_decoder_load_image, tt_sbit_decoder_load_compound,
tt_face_load_sbit_image): Updated.
* src/pcf/pcfdrivr.c (PCF_Glyph_Load): Quickly exit if
`FT_LOAD_BITMAP_METRICS_ONLY' is set.
* src/pfr/pfrsbit.c, src/pfr/pfrsbit.h (pfr_slot_load_bitmap): Add
argument to control allocation of the glyph slot.
* src/pfr/pfrobjs (pfr_slot_load): Updated.
* src/winfonts/winfnt.c (FNT_Load_Glyph): Ditto.
* docs/CHANGES: Updated.
* include/freetype/config/ftconfig.h, builds/unix/ftconfig.in,
builds/vms/ftconfig.h (FT_TYPEOF): Update code to use definition in
current version of `intprops.h'.
Other minor synchronization to reduce code differences between the
three files.
Werner Lemberg