* src/autofit/aflatin.h (AF_LatinBlueRec): Add `ascender' and
`descender' fields.
* src/autofit/aflatin.c (af_latin_metrics_init_blues): Collect
ascender and descender data for blue zones.
(af_latin_metrics_scale_dim): Reject vertical scaling values that
change the result by more than two pixels.
* include/freetype/internal/tttypes.h (TT_LoaderRec): New field
`composites'.
* src/truetype/ttgload.c: Include FT_LIST_H.
(load_truetype_glyph): Add composite subglyph index to a list;
abort if index is already in list.
(tt_loader_init): Updated.
(tt_loader_done): New function.
(TT_Load_Glyph): Call `tt_loader_done'.
This is a crude adaption of the original `cf2_computeDarkening'
function.
* src/autofit/afloader.c (af_intToFixed, af_fixedToInt,
af_floatToFixed): New macros, taken from `cf2fixed.h'.
(af_loader_compute_darkening): New function.
* src/autofit/afloader.h: Updated.
We need the computed standard horizontal and vertical widths for the
emboldening calculation. This method provides a convenient way to
extract it from writing-system-specific metrics structures, which
all script definitions must implement.
* src/autofit/aftypes.h (AF_WritingSystem_GetStdWidthsFunc): New
function type.
(AF_WritingSystemClassRec): New member `style_metrics_getstdw'.
(AF_DEFINE_WRITING_SYSTEM_CLASS): Updated.
* src/autofit/afcjk.c (af_cjk_get_standard_width): New function.
(af_cjk_writing_system_class): Updated.
* src/autofit/afdummy.c (af_dummy_writing_system_class): Updated.
* src/autofit/afindic.c (af_cjk_get_standard_width): New function.
(af_indic_writing_system_class): Updated.
* src/autofit/aflatin.c (af_latin_get_standard_width): New function.
(af_indic_writing_system_class): Updated.
* src/autofit/aflatin.c (af_latin_get_standard_width): New function.
(af_indic_writing_system_class): Updated.
Actual code follows in a later commit.
* include/freetype/ftautoh.h: Document `no-stem-darkening' and
`darkening-parameters'.
* src/autofit/afmodule.h: New fields `no_stem_darkening' and
`darken_params'.
* src/autofit/afmodule.c (af_property_set, af_property_get):
Handle them.
(af_autofitter_init): Initialize them.
Currently, libFuzzer only supports mutation of a single file. We
circumvent this problem by using an uncompressed tar archive as
multiple-file input for the fuzzer.
This patch enables tests of `FT_Attach_Stream' and AFM/PFM parsing;
a constructed tarball should contain a font file as the first
element, and files to be attached as further elements.
* src/tools/ftfuzzer/ftfuzzer.cc: Include libarchive headers.
(archive_read_entry_data, parse_data): New functions.
(LLVMFuzzerTestOneInput): Updated.
* src/tools/ftfuzzer/ftmutator.cc: New file, providing a custom
mutator for libFuzzer that can mutate tarballs in a sensible way.
* src/autofit/afhints.c (af_print_idx, af_get_segment_index,
af_get_edge_index): New functions.
(af_glyph_hints_dump_points): Remove unnecessary `|', `[', and `]'.
Add segment and edge index for each point.
Slightly change printing order of some elements.
Don't print `-1' but `--' for missing elements.
(af_glyph_hints_dump_segments, af_glyph_hints_dump_edges): Remove
unnecessary `|', `[', and `]'.
Don't print `-1' but `--' for missing elements.
Problem reported by Nikolay Sivov <bunglehead@gmail.com>.
* src/sfnt/ttsbit.c (tt_face_load_strike_metrics): Avoid zero value
for `metrics->height' by applying some heuristics.
This modifies the addition of subroutine number to subroutine bias
from unsigned to signed, but does not change any results.
* src/cff/cf2ft.c (cf2_initGlobalRegionBuffer,
cf2_initLocalRegionBuffer): Change variable names from (unsigned)
`idx' to (signed) `subrNum', since it is not an index until after
the bias is added.
* src/cff/cf2ft.h: Updated.
* src/cff/cf2intrp.c (cf2_interpT2CharString) <cf2_cmdCALLSUBR>:
Updated similarly.
* src/cid/cidload.c (parse_fd_array): Check `num_dicts' against
stream size.
(cid_read_subrs): Check largest offset against stream size.
(cid_parse_dict): Move safety check to ...
(cid_face_open): ... this function.
Also test length of binary data and values of `SDBytes',
`SubrMapOffset', `SubrCount', `CIDMapOffset', and `CIDCount'.
Due to incorrect casting negative numbers were shown as very large
(positive) integers on 64bit systems.
* src/psaux/t1decode.c (t1_decoder_parse_charstrings) <op_none>:
Use division instead of shift.
* src/bdf/bdflib.c (ACMSG17): New message macro.
(_bdf_parse_t): Add member `size'.
(bdf_load_font): Set `size'.
(_bdf_parse_glyphs): Adjust `cnt' if necessary.
Similar to other font formats, this commit makes the parser no
longer check the whole PCF file but only the header and the TOC if
we just want to get the number of available faces (and a proper
recognition of the font format).
* src/pcf/pcfdrivr.c (PCF_Face_Init): Updated.
Exit quickly if face_index < 0.
* src/pcfread.c (pcf_load_font): Add `face_index' argument.
Exit quickly if face_index < 0.
* src/pcf/pcf.h: Updated.
This patch also contains various other improvements.
* src/tools/ftfuzzer/ftfuzzer.cc: Add preprocessor guard to reject
pre-C++11 compilers.
(FT_Global): New class. Use it to provide a global constructor and
destructor for the `FT_Library' object.
(setIntermediateAxis): New function to select an (arbitrary)
instance.
(LLVMFuzzerTestOneInput): Loop over all faces and named instances.
Also call `FT_Set_Char_Size'.
Use the `gvar' table size instead of the remaining bytes in the
stream.
* src/truetype/ttgxvar.h (GX_BlendRec): New field `gvar_size'.
* src/truetype/ttgxvar.c (ft_var_load_gvar): Set `gvar_size'.
(ft_var_readpackedpoints, ft_var_readpackeddeltas: New argument
`size'.
(tt_face_vary_cvt, TT_Vary_Apply_Glyph_Deltas): Updated.
These tests should mainly help avoid unnecessarily large memory
allocations in case of malformed fonts.
* src/truetype/ttgxvar.c (ft_var_readpackedpoints,
ft_var_readpackeddeltas): Check number of points against stream
size.
(ft_var_load_avar): Check `pairCount' against table length.
(ft_var_load_gvar): Check `globalCoordCount' and `glyphCount'
against table length.
(tt_face_vary_cvt): Check `tupleCount' and `offsetToData'.
Fix trace.
(TT_Vary_Apply_Glyph_Deltas): Fix trace.
Free `sharedpoints' to avoid memory leak.
This implementation renders the entire line segment at once without
subdividing it into scanlines. The main speed improvement comes from
reducing the number of divisions to just two per line segment, which
is a bare minimum to calculate cell coverage in a smooth rasterizer.
Notably, the progression from cell to cell does not itself require any
divisions at all. The speed improvement is more noticeable at larger
sizes.
* src/smooth/ftgrays.c (gray_render_line): New implementation.
=========================
Tag sources with `VER-2-6-1'.
* docs/VERSION.DLL: Update documentation and bump version number to
2.6.1.
* README, Jamfile (RefDoc), builds/windows/vc2005/freetype.vcproj,
builds/windows/vc2005/index.html,
builds/windows/vc2008/freetype.vcproj,
builds/windows/vc2008/index.html,
builds/windows/vc2010/freetype.vcxproj,
builds/windows/vc2010/index.html,
builds/windows/visualc/freetype.dsp,
builds/windows/visualc/freetype.vcproj,
builds/windows/visualc/index.html,
builds/windows/visualce/freetype.dsp,
builds/windows/visualce/freetype.vcproj,
builds/windows/visualce/index.html,
builds/wince/vc2005-ce/freetype.vcproj,
builds/wince/vc2005-ce/index.html,
builds/wince/vc2008-ce/freetype.vcproj,
builds/wince/vc2008-ce/index.html: s/2.6/2.6.1/, s/26/261/.
* include/freetype/freetype.h (FREETYPE_PATCH): Set to 1.
* builds/unix/configure.raw (version_info): Set to 18:1:12.
* CMakeLists.txt (VERSION_PATCH): Set to 1.
* src/autofit/afmodule.c [AF_DEBUG_AUTOFIT]: Ensure C linking for
dumping functions.
* src/bzip2/ftbzip2.c (ft_bzip2_file_fill_input), src/gzip/ftgzip.c
(ft_gzip_file_fill_input): In case of an error, adjust the limit to
avoid copying uninitialized memory.
* src/bzip2/ftbzip2.c (ft_bzip2_file_fill_output), src/gzip/ftgzip.c
(ft_gzip_file_fill_output): In case of an error, adjust the limit to
avoid copying uninitialized memory.
* src/sfnt/ttcmap.c (tt_cmap4_char_map_linear): Add code to better
skip invalid segments.
If searching the next character, provide a more efficient logic to
speed up the code.
Thanks to Danh Hong <danhhong@gmail.com> for guidance with blue zone
characters!
* src/autofit/afblue.dat: Add blue zone data for Lao.
* src/autofit/afblue.c, src/autofit/afblue.h: Regenerated.
* src/autofit/afscript.h: Add Lao standard characters.
* src/autofit/afranges.c: Add Lao data.
* src/autofit/afstyles.h: Add Lao data.
open_face_from_buffer() frees passed buffer if valid font
is not found. But if copying to the buffer is failed,
the allocated buffer should be freed within the caller.
* src/base/ftobjs.c (open_face_PS_from_sfnt_stream): Free
the buffer `sfnt_ps' if an error caused before calling
open_face_from_buffer().
(Mac_Read_sfnt_Resource): Free the buffer `sfnt_data' if
an error caused before calling open_face_from_buffer();
Suggested by Hin-Tak Leung.
* src/bzip2/ftbzip2.c (ft_bzip2_stream_io), src/gzip/ftgzip.c
(ft_gzip_stream_io), src/lzw/ftlzw.c (ft_lzw_stream_io): Do it.
While the current code in `FT_Get_Next_Char' correctly rejects
out-of-bounds glyph indices, it can be extremely slow for malformed
cmaps that use 32bit values. This commit tries to improve that.
* src/sfnt/ttcmap.c (tt_cmap8_char_next, tt_cmap12_next,
tt_cmap12_char_map_binary, tt_cmap13_next,
tt_cmap13_char_map_binary): Reject glyph indices larger than or
equal to the number of glyphs.
* src/base/ftobjs.c (FT_Get_Char_Index): Don't return out-of-bounds
glyph indices.
(FT_Get_First_Char): Updated.
* src/sfnt/ttcmap.c (tt_cmap6_char_next): Don't return character
codes greater than 0xFFFF.
(tt_cmap8_char_index): Avoid integer overflow in computation of
glyph index.
(tt_cmap8_char_next): Avoid integer overflows in computation of
both next character code and glyph index.
(tt_cmap10_char_index): Fix unsigned integer logic.
(tt_cmap10_char_next): Avoid integer overflow in computation of
next character code.
(tt_cmap12_next): Avoid integer overflows in computation of both
next character code and glyph index.
(tt_cmap12_char_map_binary): Ditto.
(tt_cmap12_char_next): Simplify.
(tt_cmap13_char_map_binary): Avoid integer overflow in computation
of next character code.
(tt_cmap13_char_next): Simplify.
* src/base/ftbase.h (FT_MAC_RFORK_MAX_LEN): Maximum length
of the resource fork for Mac OS. The resource fork larger
than 16 MB can be written but could not be handled
correctly, at least in Carbon routine.
See https://support.microsoft.com/en-us/kb/130437
* src/base/ftobjs.c (Mac_Read_POST_Resource): No need `0x'
for `%p' formatter.
* src/base/ftbase.c (Mac_Read_POST_Resource): Check the
fragment and total size of the concatenated POST resource
before buffer allocation.
(Mac_Read_sfnt_Resource): Check the declared size of
sfnt resource before buffer allocation.
* src/base/ftmac.c (read_lwfn, FT_New_Face_From_SFNT):
Check the total resource size before buffer allocation.
This patch fixes weaknesses in function `tt_face_load_font_dir'.
- It incorrectly assumed that valid tables are always at the
beginning. As a consequence, some valid tables after invalid
entries (which are ignored) were never seen.
- Duplicate table entries (this is, having the same tag) were not
rejected.
- The number of valid tables was sometimes too large, leading to
access of invalid tables.
* src/sfnt/ttload.c (check_table_dir): Add argument to return number
of valid tables.
Add another tracing message.
(tt_face_load_font_dir): Only allocate table array for valid
entries as returned by `check_table_dir'.
Reject duplicate tables and adjust number of valid tables
accordingly.
* src/pcf/pcfread.c (pcf_load_font): Take absolute values for
AVERAGE_WIDTH, POINT_SIZE, PIXEL_SIZE, RESOLUTION_X, and
RESOLUTION_Y. In tracing mode, add warnings.
* src/gzip/ftgzip.c (ft_gzip_stream_close): Avoid memory leak.
(ft_gzip_get_uncompressed_file): Correct byte order while reading
unsigned long value. Without this change, the whole optimization of
accessing small files in `FT_Stream_OpenGzip' is never executed! As
a consequence, access to PCF files in general (which are normally
small files) should be much improved now as originally intended.
* src/psaux/psobjs.c (ps_parser_skip_PS_token): If a token is
enclosed in balanced expressions, ensure that the cursor position
doesn't get larger than the current limit.
This commit adds two fallback scripts (`latb', `latp') and
implements support for the no-base character ranges introduced in
the previous commit.
* src/autofit/aftypes.h (AF_ScriptClassRec): Add
`script_uni_nobase_ranges' field.
(AF_DEFINE_SCRIPT_CLASS): Updated.
* src/autofit/afscript.h, src/autofit/afstyles.h: Add `latb' and
`latp' fallback scripts.
* src/autofit/afblue.dat: Add blue zones for Latin subscript and
superscript fallback scripts.
* src/autofit/afblue.c, src/autofit/afblue.h: Regenerated.
* src/autofit/afglobal.h (AF_NOBASE): New style flag for no-base
characters.
(AF_STYLE_MASK): Updated.
* src/autofit/afglobal.c (SCRIPT): Updated.
(af_face_globals_compute_style_coverage): Handle new style flag.
* src/autofit/aflatin.c (af_latin_hints_apply): Handle new style
flag.
* src/autofit/afranges.h (SCRIPT): Use it to export no-base ranges.
This patch introduces auxiliary code ranges that identify no-base
characters; they refer to glyphs of a script that should be hinted
without alignments to blue zones (mostly diacritics).
It also splits off ranges for fallback scripts that handle subscript
and superscript characters not covered by OpenType features. For
example, this greatly helps improve the hinting of various phonetic
alphabets, which contain a large amount characters that look like
superscript glyphs.
Finally, code ranges are updated to Unicode 8.0, and enclosed
characters are removed in general since they normally look better if
they stay unhinted.
* src/autofit/afranges.c (af_latn_uniranges): Updated to Unicode
8.0.
Split off superscript-like and subscript-like glyphs into...
(af_latb_uniranges, af_latp_uniranges): ... these two new arrays.
(af_xxxx_nobase_uniranges): New arrays that hold no-base characters
of the corresponding character ranges.
* src/autofit/afglobal.h (AF_STYLE_MASK): New macro.
(AF_STYLE_UNASSIGNED): Use AF_STYLE_MASK for definition.
* src/autofit/afglobal.c (af_face_globals_compute_style_coverage):
Updated.
* include/freetype/ftautoh.h (FT_Prop_GlyphToScriptMap): Use
`FT_UShort' for `map' field.
* src/autofit/afglobal.c (af_face_globals_compute_style_coverage,
af_face_globals_new), src/autofit/hbshim.c, src/autofit/hbshim.h
(af_get_coverage): Use FT_UShort for `glyph_styles' array.
* src/autofit/afglobal.h (AF_STYLE_UNASSIGNED, AF_DIGIT): Extend to
16 bits.
(AF_FaceGlobalsRec): Use `FT_UShort' for `glyph_styles' field.
For functions querying a face, bits 16-30 of the face index can hold
the named instance index if we have a GX font. The indices start
with value 1; value 0 indicates font access without GX variation
data.
* include/freetype/freetype.h (FT_FaceRec): Update documentation.
* include/freetype/internal/sfnt.h: Ditto.
* src/sfnt/sfobjs.c (sfnt_init_face)
[TT_CONFIG_OPTION_GX_VAR_SUPPORT]: Get number of named instances and
do argument checks.
(sfnt_load_face): Updated.
* src/truetype/ttobjs.c (tt_face_init)
[TT_CONFIG_OPTION_GX_VAR_SUPPORT]: Use named instance, overwriting
the style name.
* src/base/ftobjs.c (open_face_from_buffer,
open_face_PS_from_sfnt_stream): Updated.
* src/bdf/bdfdrivr.c (BDF_Face_Init): Updated.
* src/cff/cffload.c (cff_font_load): Updated.
* src/cff/cffobjs.c (cff_face_init): Make function exit early for
pure CFF fonts if `font_index < 0'.
Updated.
* src/cid/cidobjs.c (cid_face_init): Updated.
* src/pcf/pcfdrivr.c (PCF_Face_Init): Updated.
* src/pfr/pfrobjs.c (pfr_face_init): Updated.
* src/type1/t1objs.c (T1_Face_Init): Updated.
* src/type42/t42objs.c (T42_Face_Init): Updated.
* src/winfonts/winfnt.c (fnt_face_get_dll_font, FNT_Face_Init):
Updated.
* docs/CHANGES: Updated.
* src/type1/t1gload.c (T1_Load_Glyph): Directly modify advances only
if font matrix is not trivial.
* src/cff/cffgload.c (cff_slot_load): Ditto.
* sff/cid/cidgload.c (cid_slot_load_glyph): Ditto for advances and the
entire outline.
* src/type1/t1load.c (t1_parse_font_matrix): Scale units per EM only
when necessary. Refresh comments.
* src/cid/cidload.c (cid_parse_font_matrix): Ditto.
* src/type42/t42parse.c (t42_parse_font_matrix): Refresh comments.
This is a severe bug: We've missed one level of indirection, as
described in the Type 42 specification. As a result, ftview
sometimes showed incorrect glyphs for given glyph names, and even
displayed `error 0x0006' (invalid argument!) in case the number of
glyph indices differed between the Type 42 font and the embedded
TTF.
Apparently, noone ever noticed it; this shows how much Type 42 fonts
are in use...
* src/type42/t42objs.c (T42_GlyphSlot_Load): Map Type 42 glyph index
to embedded TTF's glyph index.
Problem reported by Titus Nemeth <tn@tntypography.eu> (by using
ttfautohint).
* src/autofit/afblue.dat: Add neutral blue zone for the tatweel
character.
* src/autofit/afblue.c, src/autofit/afblue.h: Regenerated.