Problem reported by Marek Kašík <mkasik@redhat.com>.
The problematic font that exceeds the old limit is Padauk-Bold,
version 3.002, containing bytecode generated by a buggy version of
ttfautohint.
This commit handles the new engine.
* include/freetype/internal/ftcalc.h (OVERFLOW_ADD_INT32,
OVERFLOW_SUB_INT32, OVERFLOW_MUL_INT32, NEG_INT, NEG_LONG,
NEG_INT32): New macros.
* src/cff/cf2ft.c (cf2_getScaleAndHintFlag): Use OVERFLOW_ADD_INT32.
* src/cff/cf2hints.c (cf2_getWindingMomentum, cf2_hint_init,
cf2_hintmap_map, cf2_glyphpath_hintPoint,
cf2_glyphpath_computeIntersection, cf2_glyphpath_computeOffset,
cf2_glyphpath_lineTo, cf2_glyphpath_curveTo): Use
OVERFLOW_ADD_INT32, OVERFLOW_SUB_INT32, OVERFLOW_MUL_INT32, and
NEG_INT32 where appropriate.
* src/cff/cf2intrp.c (cf2_doFlex, cf2_doBlend,
cf2_interpT2CharString): Ditto.
Also add some other code where needed to avoid overflow.
This commit handles the old engine.
* src/cff/cffgload.c: Include FT_INTERNAL_CALC_H.
(cff_decoder_parse_charstrings): Use OVERFLOW_ADD_LONG and
OVERFLOW_SUB_LONG where needed.
* src/cff/cffparse.c: Include FT_INTERNAL_CALC_H.
(power_ten_limits): New static array.
(do_fixed): Use it to prevent multiplication overflow.
(cff_parser_run): Use OVERFLOW_ADD_LONG.
* src/pcf/pcfread.c (pcf_get_accel): Add sanity checks for
`fontAscent' and `fontDescent'.
(pcf_load_font): Add sanity checks for global height.
Add sanity checks for AVERAGE_WIDTH, POINT_SIZE, PIXEL_SIZE,
RESOLUTION_X, and RESOLUTION_Y properties.
This commit (mainly for 32bit CPUs) is the first of a series of
similar commits to handle known integer overflows. Basically, all
of them are harmless, since they affect rendering of glyphs only,
not posing security threats. It is expected that fuzzing will show
up more overflows, to be fixed in due course.
The idea is to mark places where overflows can occur, using macros
that simply cast to unsigned integers, because overflow arithmetic
is well defined in this case. Doing so suppresses run-time errors
of sanitizers without adding computational overhead.
* include/freetype/internal/ftcalc.h (OVERFLOW_ADD_INT,
OVERFLOW_SUB_INT, OVERFLOW_MUL_INT, OVERFLOW_ADD_LONG,
OVERFLOW_SUB_LONG, OVERFLOW_MUL_LONG): New macros.
* src/base/ftcalc.c (FT_RoundFix, FT_CeilFix, FT_Matrix_Multiply,
FT_Matrix_Multiply_Scaled, FT_Vector_Transform_Scaled,
ft_corner_orientation): Use new macros.
* src/base/ftoutln.c (FT_Outline_Get_Orientation): Use new macros.
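The cast-to-unsigned idea described in the entry above, as an added example that is not FreeType's own code: the WRAP_* macro names, the helper functions and the sample deltas are hypothetical and constructed here. It also shows what marking a wrap does not do, namely detect it; a separate checked loop reports where the signed sum would first leave the 32-bit range.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* Hypothetical macro names for this example.  Each one converts the
   operands to unsigned, where arithmetic is defined modulo 2^32, and
   converts the result back.  The conversion back to int32_t is
   implementation-defined for out-of-range values; GCC, Clang and MSVC
   define it as two's-complement wrap-around.  No branch is added, so
   there is no run-time cost, and a signed-overflow sanitizer has
   nothing to report. */
#define WRAP_ADD_I32(a, b) ((int32_t)((uint32_t)(a) + (uint32_t)(b)))
#define WRAP_SUB_I32(a, b) ((int32_t)((uint32_t)(a) - (uint32_t)(b)))
#define WRAP_MUL_I32(a, b) ((int32_t)((uint32_t)(a) * (uint32_t)(b)))
#define WRAP_NEG_I32(a)    ((int32_t)(0u - (uint32_t)(a)))

static int32_t wrap_add_i32(int32_t a, int32_t b) { return WRAP_ADD_I32(a, b); }
static int32_t wrap_sub_i32(int32_t a, int32_t b) { return WRAP_SUB_I32(a, b); }
static int32_t wrap_mul_i32(int32_t a, int32_t b) { return WRAP_MUL_I32(a, b); }
static int32_t wrap_neg_i32(int32_t a)            { return WRAP_NEG_I32(a); }

/* Constructed sample: three 16.16 fixed-point deltas whose running sum
   leaves the int32_t range after the second element and comes back
   into range after the third. */
static const int32_t SAMPLE_DELTAS[3] = { 0x7FFF0000, 0x00020000, -0x00030000 };

/* Accumulate with marked wrap-around.  Intermediate wraps cancel, so
   the result equals the true sum whenever the true sum fits. */
static int32_t sum_wrapped(const int32_t *d, size_t n)
{
    int32_t acc = 0;
    size_t  i;

    for (i = 0; i < n; i++)
        acc = WRAP_ADD_I32(acc, d[i]);
    return acc;
}

/* Return the index of the first addition that would overflow a signed
   32-bit accumulator, or -1 if none does.  The test is done before the
   addition, so no undefined behaviour is ever executed. */
static int first_overflow_index(const int32_t *d, size_t n)
{
    int32_t acc = 0;
    size_t  i;

    for (i = 0; i < n; i++) {
        if ((d[i] > 0 && acc > INT32_MAX - d[i]) ||
            (d[i] < 0 && acc < INT32_MIN - d[i]))
            return (int)i;
        acc += d[i];
    }
    return -1;
}

int main(void)
{
    printf("INT32_MAX + 1   -> %ld\n", (long)wrap_add_i32(INT32_MAX, 1));
    printf("INT32_MIN - 1   -> %ld\n", (long)wrap_sub_i32(INT32_MIN, 1));
    printf("65536 * 65536   -> %ld\n", (long)wrap_mul_i32(65536, 65536));
    printf("-INT32_MIN      -> %ld\n", (long)wrap_neg_i32(INT32_MIN));
    printf("wrapped sum     -> 0x%08lX\n",
           (unsigned long)(uint32_t)sum_wrapped(SAMPLE_DELTAS, 3));
    printf("first overflow  -> index %d\n",
           first_overflow_index(SAMPLE_DELTAS, 3));
    return 0;
}
```
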
The new name better describes what the macro actually does;
additionally, we don't need a trailing `f' for literals (there was
only a single such instance in the code, but this caused a clang
warning because the macro itself uses `double' literals).
* src/cff/cf2blues.c, src/cff/cf2blues.h, src/cff/cf2fixed.h,
src/cff/cf2font.c, src/cff/cf2hints.c: Updated.
* src/base/ftcalc.c (FT_MOVE_SIGN): Add argument to pass unsigned
value, to be used as the result.
(FT_MulDiv, FT_MulDiv_No_Round, FT_DivFix, FT_MulFix,
FT_Vector_NormLen): Updated.
* src/truetype/ttgxvar.c (tt_set_mm_blend): Compute all design
coordinates if we have to create the `blends->coord' array.
(TT_Get_MM_Blend, TT_Get_Var_Design): Select default instance
coordinates if no instance is selected yet.
Extra bitmap padding for LCD filtering depends on the filter. The
default 5-tap filter needs 2 extra subpixels. The light 3-tap filter
needs only 1 extra subpixel. This space could be already available
due to rounding. In order to optimize the padding, we now expand
CBox for the given filter weights before rounding.
This change breaks current Skia (and Firefox).
* include/freetype/internal/ftobjs.h (FT_LibraryRec)
[FT_CONFIG_OPTION_SUBPIXEL_RENDERING]: Remove `lcd_extra' field.
* src/base/ftlcdfil.c (FT_Library_SetLcdFilterWeights,
FT_Library_SetLcdFilter): Remove `lcd_extra' initializations.
* src/smooth/ftsmooth.c (ft_smooth_render_generic): Implement dynamic
LCD padding.
Problem reported by Hin-Tak Leung <htl10@users.sourceforge.net>.
* src/truetype/ttgload.c (TT_Load_Glyph)
[TT_CONFIG_OPTION_EMBEDDED_BITMAPS]: Handle error if font is not
scalable.
This moves warping option from LIGHT to NORMAL mode. This makes LIGHT
truly void of hinting in x-direction, with left side bearing never
changed and right side bearing only altered by advance rounding.
Therefore, LIGHT is now ready to return fractional advance. As a
NORMAL option, warping substitutes normal hinting.
* src/autofit/afcjk.c (af_cjk_hints_apply): Updated.
* src/autofit/aflatin.c (af_latin_hints_apply): Updated.
* src/autofit/aflatin2.c (af_latin2_hints_apply): Updated.
* src/autofit/afloader.c (af_loader_load_glyph): Handle warping
phantom points as normal.
=======================
Tag sources with `VER-2-8'.
* docs/VERSION.TXT: Add entry for version 2.8.
* docs/CHANGES: Updated.
* README, Jamfile (RefDoc), builds/windows/vc2005/freetype.vcproj,
builds/windows/vc2005/index.html,
builds/windows/vc2008/freetype.vcproj,
builds/windows/vc2008/index.html,
builds/windows/vc2010/freetype.vcxproj,
builds/windows/vc2010/index.html,
builds/windows/visualc/freetype.dsp,
builds/windows/visualc/freetype.vcproj,
builds/windows/visualc/index.html,
builds/windows/visualce/freetype.dsp,
builds/windows/visualce/freetype.vcproj,
builds/windows/visualce/index.html,
builds/wince/vc2005-ce/freetype.vcproj,
builds/wince/vc2005-ce/index.html,
builds/wince/vc2008-ce/freetype.vcproj,
builds/wince/vc2008-ce/index.html: s/2.7.1/2.8/, s/271/28/.
* include/freetype/freetype.h (FREETYPE_MINOR): Set to 8.
(FREETYPE_PATCH): Set to 0.
* builds/unix/configure.raw (version_info): Set to 20:0:14.
* CMakeLists.txt (VERSION_MINOR): Set to 8.
(VERSION_PATCH): Set to 0.
* src/autofit/afblue.dat: Add blue zone data for Chakma.
* src/autofit/afblue.c, src/autofit/afblue.h: Regenerated.
* src/autofit/afscript.h: Add Chakma standard character.
* src/autofit/afranges.c, src/autofit/afstyles.h: Add Chakma data.
* src/autofit/afblue.dat: Add blue zone data for Kayah Li.
* src/autofit/afblue.c, src/autofit/afblue.h: Regenerated.
* src/autofit/afscript.h: Add Kayah Li standard character.
* src/autofit/afranges.c, src/autofit/afstyles.h: Add Kayah Li data.
* src/autofit/afblue.dat: Add blue zone data for Bamum.
* src/autofit/afblue.c, src/autofit/afblue.h: Regenerated.
* src/autofit/afscript.h: Add Bamum standard character.
* src/autofit/afranges.c, src/autofit/afstyles.h: Add Bamum data.
* src/autofit/afblue.dat: Add blue zone data for Saurashtra.
* src/autofit/afblue.c, src/autofit/afblue.h: Regenerated.
* src/autofit/afscript.h: Add Saurashtra standard character.
* src/autofit/afranges.c, src/autofit/afstyles.h: Add Saurashtra
data.
* src/autofit/afblue.dat: Add blue zone data for Buhid.
* src/autofit/afblue.c, src/autofit/afblue.h: Regenerated.
* src/autofit/afscript.h: Add Buhid standard character.
* src/autofit/afranges.c, src/autofit/afstyles.h: Add Buhid data.
* src/autofit/afblue.dat: Add blue zone data for Shavian.
* src/autofit/afblue.c, src/autofit/afblue.h: Regenerated.
* src/autofit/afscript.h: Add Shavian standard character.
* src/autofit/afranges.c, src/autofit/afstyles.h: Add Shavian data.
* src/autofit/afblue.dat: Add blue zone data for Vai.
* src/autofit/afblue.c, src/autofit/afblue.h: Regenerated.
* src/autofit/afscript.h: Add Vai standard character.
* src/autofit/afranges.c, src/autofit/afstyles.h: Add Vai data.
* src/autofit/afblue.dat: Add blue zone data for Osmanya.
* src/autofit/afblue.c, src/autofit/afblue.h: Regenerated.
* src/autofit/afscript.h: Add Osmanya standard character.
* src/autofit/afranges.c, src/autofit/afstyles.h: Add Osmanya data.
* src/autofit/afblue.dat: Add blue zone data for Coptic.
* src/autofit/afblue.c, src/autofit/afblue.h: Regenerated.
* src/autofit/afscript.h: Add Coptic standard character.
* src/autofit/afranges.c, src/autofit/afstyles.h: Add Coptic data.
* src/autofit/afblue.dat: Add blue zone data for Carian.
* src/autofit/afblue.c, src/autofit/afblue.h: Regenerated.
* src/autofit/afscript.h: Add Carian standard character.
* src/autofit/afranges.c, src/autofit/afstyles.h: Add Carian data.
* src/autofit/afblue.dat: Add blue zone data for Unified Canadian
Syllabics.
* src/autofit/afblue.c, src/autofit/afblue.h: Regenerated.
* src/autofit/afscript.h: Add Unified Canadian Syllabics standard
character.
* src/autofit/afranges.c, src/autofit/afstyles.h: Add Unified
Canadian Syllabics data.
This essentially moves the Sundanese script from the `Indic' hinter
to the `Latin' hinter.
* src/autofit/afblue.dat: Add blue zone data for Sundanese.
* src/autofit/afblue.c, src/autofit/afblue.h: Regenerated.
* src/autofit/afscript.h: Add Sundanese standard character and move
data out of AF_CONFIG_OPTION_INDIC block.
* src/autofit/afranges.c: Move Sundanese data out of
AF_CONFIG_OPTION_INDIC block.
* src/autofit/afstyles.h: Update Sundanese data; in particular, use
AF_WRITING_SYSTEM_LATIN.
* src/autofit/afblue.dat: Add blue zone data for Avestan.
* src/autofit/afblue.c, src/autofit/afblue.h: Regenerated.
* src/autofit/afscript.h: Add Avestan standard character.
* src/autofit/afranges.c, src/autofit/afstyles.h: Add Avestan data.
When points are not touched by gvar interpolation deltas, FreeType
gave a slightly different result than Apple's CoreText.
The OpenType working group will update the specification to document
the following behaviour: If the two points with deltas to the `left'
and `right' of the untouched point have the same coordinate, then
the inferred delta for the untouched point should be zero.
* src/truetype/ttgxvar.c (tt_delta_interpolate): Implement new
behaviour.
Problem reported by Markus Trippelsdorf <markus@trippelsdorf.de> and
Nikolaus Waxweiler <madigens@gmail.com>.
* src/base/ftobjs.c (FT_Request_Size): Trigger recomputation of
auto-hinter metrics. Without this change, multiple size changing
calls for a single face fail.
* include/freetype/config/ftoption.h
(AF_CONFIG_OPTION_TT_SIZE_METRICS): New option, commented out by
default.
* src/autofit/afloader.c (af_loader_load_glyph): Use
AF_CONFIG_OPTION_TT_SIZE_METRICS to guard the corresponding code.
* src/truetype/ttobs.h (TT_SizeRec): Add field `hinted_metrics' to
hold hinted metrics.
Make `metrics' a pointer so that `tt_glyph_load' can easily switch
between metrics.
* src/truetype/ttdriver.c (tt_size_request): Updated.
(tt_glyph_load): Use top-level metrics if FT_LOAD_NO_HINTING is
used.
* src/truetype/ttgload.c (TT_Hint_Glyph, TT_Process_Simple_Glyph,
TT_Process_Composite_Component, load_truetype_glyph,
compute_glyph_metrics, TT_Load_Glyph): Updated.
* src/truetype/ttinterp.c (TT_Load_Context): Updated.
* src/truetype/ttobjs.c (tt_size_reset): Updated.
* src/truetype/ttsubpix.c (sph_set_tweaks): Updated.
This mode uses fractional advance widths and doesn't scale glyphs
horizontally, only applying vertical scaling and hinting.
At the same time, the behaviour of the `light' auto-hinter gets
restored for backwards compatibility: Both vertical and horizontal
scaling is again based on rounded metrics values (this was changed
in a commit from 2017-03-30 as a side effect). To be more precise,
the behaviour is restored for TrueType fonts only; for other font
formats like Type 1, this is a new feature of the `light' hinting
mode.
* include/freetype/freetype.h (FT_LOAD_TARGET_SLIGHT): New macro.
(FT_RENDER_MODE_SLIGHT): New render mode.
* include/freetype/internal/ftobjs.h (FT_Size_InternalRec): Add
`autohint_mode' and `autohint_metrics' fields.
* src/autofit/afcjk.c (af_cjk_hints_init), src/autofit/aflatin.c
(af_latin_hints_init), src/autofit/aflatin2 (af_latin2_hints_init):
Updated.
* src/autofit/afloader.c (af_loader_embolden_glyph_in_slot): Use
`autohint_metrics'.
(af_loader_load_glyph): s/internal/slot_internal/.
Initialize `autohint_metrics' and `autohint_mode' depending on
current auto-hint mode.
Use `autohint_metrics'.
Updated.
* src/base/ftadvanc.c (LOAD_ADVANCE_FAST_CHECK): Updated.
* src/base/ftobjs.c (FT_Load_Glyph): Updated.
(FT_New_Size): Allocate `internal' object.
* src/pshinter/pshalgo.c (ps_hints_apply): Updated.
* src/smooth/ftsmooth.c (ft_smooth_render): Updated.
We are going to extend this later on.
* include/freetype/internal/ftobjs.h (FT_Size_InternalRec): New
structure with a single field `module_data'.
* src/base/ftobjs.c (FT_New_Size): Allocate `internal' field of
`FT_Size' structure.
* src/cff/cffgload.c (cff_builder_init, cff_decoder_prepare): Use
`size->internal->module_data' instead of `size->internal'.
* src/cff/cffobjs.c (cff_size_done): Deallocate `module_data'.
(cff_size_init, cff_size_select, cff_size_request): Use
`size->internal->module_data' instead of `size->internal'.
* src/cif/cidobjs.c (cid_size_done, cid_size_init,
cid_size_request): Use `size->internal->module_data' instead of
`size->internal'.
* src/psaux/psobjs.c (t1_builder_ini): Use
`size->internal->module_data' instead of `size->internal'.
* src/type1/t1objs.c (T1_Size_Done, T1_Size_Init, T1_Size_Request):
Use `size->internal->module_data' instead of `size->internal'.
* src/autofit/afblue.dat: Add blue zone data for Old Turkic.
* src/autofit/afblue.c, src/autofit/afblue.h: Regenerated.
* src/autofit/afscript.h: Add Old Turkic standard characters.
* src/autofit/afranges.c, src/autofit/afstyles.h: Add Old Turkic data.
* src/autofit/afblue.dat: Add blue zone data for Gothic.
* src/autofit/afblue.c, src/autofit/afblue.h: Regenerated.
* src/autofit/afscript.h: Add Gothic standard characters.
* src/autofit/afranges.c, src/autofit/afstyles.h: Add Gothic data.
* src/autofit/afblue.dat: Add blue zone data for Cypriot.
* src/autofit/afblue.c, src/autofit/afblue.h: Regenerated.
* src/autofit/afscript.h: Add Cypriot standard characters.
* src/autofit/afranges.c, src/autofit/afstyles.h: Add Cypriot data.
* src/autofit/afblue.dat: Add blue zone data for Deseret.
* src/autofit/afblue.c, src/autofit/afblue.h: Regenerated.
* src/autofit/afscript.h: Add Deseret standard characters.
* src/autofit/afranges.c, src/autofit/afstyles.h: Add Deseret data.
* src/autofit/afblue.dat: Add blue zone data for Lisu.
* src/autofit/afblue.c, src/autofit/afblue.h: Regenerated.
* src/autofit/afscript.h: Add Lisu standard characters.
* src/autofit/afranges.c, src/autofit/afstyles.h: Add Lisu data.
* src/autofit/afblue.dat: Add blue zone data for Osage.
* src/autofit/afblue.c, src/autofit/afblue.h: Regenerated.
* src/autofit/afscript.h: Add Osage standard characters.
* src/autofit/afranges.c, src/autofit/afstyles.h: Add Osage data.
* src/autofit/afblue.dat: Add blue zone data for Glagolitic.
* src/autofit/afblue.c, src/autofit/afblue.h: Regenerated.
* src/autofit/afscript.h: Add Glagolitic standard characters.
* src/autofit/afranges.c, src/autofit/afstyles.h: Add Glagolitic data.
* src/autofit/afblue.dat: Add blue zone data for Tai Viet.
* src/autofit/afblue.c, src/autofit/afblue.h: Regenerated.
* src/autofit/afscript.h: Add Tai Viet standard characters.
* src/autofit/afranges.c, src/autofit/afstyles.h: Add Tai Viet data.
* src/autofit/afblue.dat: Add blue zone data for Tifinagh.
* src/autofit/afblue.c, src/autofit/afblue.h: Regenerated.
* src/autofit/afscript.h: Add Tifinagh standard characters.
* src/autofit/afranges.c, src/autofit/afstyles.h: Add Tifinagh data.
* src/autofit/afblue.dat: Add blue zone data for N'Ko.
* src/autofit/afblue.c, src/autofit/afblue.h: Regenerated.
* src/autofit/afscript.h: Add N'Ko standard characters.
* src/autofit/afranges.c, src/autofit/afstyles.h: Add N'Ko data.
* src/autofit/afblue.dat: Add blue zone data for Adlam.
* src/autofit/afblue.c, src/autofit/afblue.h: Regenerated.
* src/autofit/afscript.h: Add Adlam standard characters.
* src/autofit/afranges.c, src/autofit/afstyles.h: Add Adlam data.
* src/autofit/afblue.dat: Add blue zone data for Ol Chiki.
* src/autofit/afblue.c, src/autofit/afblue.h: Regenerated.
* src/autofit/afscript.h: Add Ol Chiki standard character.
* src/autofit/afranges.c, src/autofit/afstyles.h: Add Ol Chiki data.
Reported as
https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=981
* include/freetype/fterrdef.h (FT_Err_DEF_In_Glyf_Bytecode): New
error code.
* src/truetype/ttinterp.c (Ins_FDEF, Ins_IDEF): Prohibit execution
of these two opcodes in `glyf' bytecode.
(TT_RunIns): Don't enforce reexecution of `fpgm' and `prep' bytecode
in case of error since function tables can no longer be modified
(due to the changes in `Ins_FDEF' and `Ins_IDEF'). This change can
enormously speed up handling of broken fonts.
* src/truetype/ttdriver.c (tt_size_request): Revert change from
2011-07-16; the intended metrics fix seems now to be implemented in
a different way, making the patch unnecessary. Note that this
change was usually patched out by all major GNU/Linux distributions
due to heavy side effects.
* src/truetype/ttgload.c (compute_glyph_metrics, TT_Load_Glyph):
Refer to the metrics of the `TT_Size' object.
At least on FreeBSD there is a global declaration of `index' in file
`/usr/include/strings.h'.
* src/cff/cf2intrp.c, src/truetype/ttgload.c: s/index/idx/ where
appropriate.
* src/sfnt/ttkern.c (tt_face_load_kern): Don't check for
cross-stream kerning tables since we reject format 2 tables later
on anyways.
Modify code for limit test...
(tt_face_get_kerning): ... to avoid a limit test here.
Reported by Alexander Hedges <ahedges@student.ethz.ch>.
* src/pcf/pcfdrivr.c (pcf_property_set, pcf_property_get): Tag
`property_name' with `FT_UNUSED' where necessary.
Reported as
https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=935
* src/psaux/t1decode.c (t1_decoder_parse_charstrings)
<callothersubr>: Since there is not a single flex operator but a
series of subroutine calls, malformed fonts can call arbitrary other
operators after the start of a flex, possibly adding points. For
this reason we have to check the available number of points before
inserting a point.
* src/base/ftmm.c (FT_Set_Var_Design_Coordinates,
FT_Set_MM_Blend_Coordinates, FT_Set_Var_Blend_Coordinates): Ignore
return value of `ft_face_get_mvar_service'; instead, check whether a
service is actually returned.
Too many local variables holding different structures were called
`metrics'.
* src/truetype/ttdriver.c (tt_size_select): s/metrics/size_metrics/.
* src/truetype/ttgload.c (tt_get_metrics_incr_overrids,
compute_glyph_metrics): s/metrics/incr_metrics/.
(load_sbit_image): s/metrics/sbit_metrics/.
* src/truetype/ttobjs.c (tt_size_run_fpgm): s/metrics/size_metrics/.
(tt_size_init_bytecode): s/metrics/tt_metrics/.
(tt_size_reset): s/metrics/size_metrics/.
We have to make a separate case for Windows 64's LLP64 data model.
* builds/unix/ftconfig.in, builds/vms/ftconfig.h,
include/freetype/config/ftconfig.h (FT_UINT_TO_POINTER): New macro.
* src/truetype/ttgload.c (load_truetype_glyph): Use it.
* src/autofit/afcjk.c, src/autofit/afindic.c: Include `afcjk.h'
earlier.
* src/sfnt/sfobjs.c (sfnt_init_face): Put `memory' variable into
TT_CONFIG_OPTION_GX_VAR_SUPPORT block.
(sfnt_done_face): Protect some code with
TT_CONFIG_OPTION_GX_VAR_SUPPORT.
* src/sfnt/ttsbit.c (tt_face_load_sbix_image): Remove compiler
warning.
* src/truetype/ttgload.c (TT_Load_Simple_Glyph): Put `tmp' variable
into TT_USE_BYTECODE_INTERPRETER block.
(tt_loader_init): Put `error' variable into
TT_USE_BYTECODE_INTERPRETER block.
* src/base/ftsnames.c: Include FT_INTERNAL_DEBUG_H.
* src/cff/cffobjs.c [TT_CONFIG_OPTION_GX_VAR_SUPPORT]: Include
FT_MULTIPLE_MASTERS_H and FT_SERVICE_MULTIPLE_MASTERS_H.
* src/sfnt/sfdriver.c [TT_CONFIG_OPTION_GX_VAR_SUPPORT]: Include
FT_MULTIPLE_MASTERS_H and FT_SERVICE_MULTIPLE_MASTERS_H.
(get_win_string, get_apple_string): Initialize `result'.
* src/cff/cffload.c (cff_blend_build_vector): Explicitly build blend
vector when `lenNDV' is zero; don't rely on zero-init.
Save `lenNDV' as part of cache key even when `lenNDV' is zero.
This is inspired by the discussion in and analysis of
https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=859
* src/tools/ftfuzzer/ftfuzzer.cc (LLVMFuzzerTestOneInput): Use only
up to 20 face indices.
Use only up to 20 instance indices.
Everything is guarded with TT_CONFIG_OPTION_GX_VAR_SUPPORT.
* include/freetype/internal/tttypes.h (TT_FaceRec): New fields
`var_postscript_prefix' and `var_postscript_prefix_len'.
* src/sfnt/sfdriver.c: Include FT_TRUETYPE_IDS_H.
(sfnt_is_alphanumeric): New wrapper function for `ft_isalnum'.
(get_win_string, get_apple_string): Remove `const' from return
value.
(MAX_VALUE_DESCRIPTOR_LEN, MAX_PS_NAME_LEN): New macros.
(hexdigits): New array.
(sfnt_get_var_ps_name): New function, implementing Adobe TechNote
5902 to construct a PS name for a variation font instance.
(sfnt_get_ps_name): Call `sfnt_get_var_ps_name' for font instances.
* src/sfnt/sfobjs.c (sfnt_done_face): Updated.
* src/truetype/ttgxvar.c (tt_set_mm_blend): Reset
`face->postscript_name' to trigger recalculation for new instance
parameters.
Add 128bit MurmurHash 3 function.
Everything is guarded with TT_CONFIG_OPTION_GX_VAR_SUPPORT.
* src/sfnt/sfdriver.c (ROTL32): New macro.
(fmix32, murmur_hash_3_128): New functions.
* include/freetype/internal/services/svmm.h (FT_Get_Var_Blend_Func):
Add `normalizedcoords' argument.
* src/truetype/ttgxvar.h (GX_BlendRec): Add `coords' field to store
the design coordinates of the current instance.
Updated.
* src/truetype/ttgxvar.c (TT_Set_MM_Blend): Move functionality to...
(tt_set_mm_blend): ... New function.
Convert data in `normalizedcoords' array to `coords' array on
demand.
(TT_Set_Var_Design): Store argument data in `coords' array.
(TT_Get_Var_Design): Get data from `coords' array.
(tt_get_var_blend): Updated.
(tt_done_blend): Updated.
* src/cff/cffload.c, src/cff/cffload.h (cff_get_var_blend): Updated.
* src/cff/cf2ft.c (cf2_getNormalizedVector): Updated.
* src/cff/cffobjs.c (cff_face_init): Updated.
Reported as
https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=759
* src/sfnt/sfobjs.c (sfnt_init_face): While setting number of
instances to zero for `CFF' fonts table, ensure that there is no
`CFF2' present also (which gets priority).
Reported as
https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=738
* src/sfnt/sfobjs.c (sfnt_init_face): While setting number of
instances to zero for `CFF' fonts table, ensure that there is no `glyf'
present also (which gets priority).
As documented in the OpenType specification, an entry for the
default instance may be omitted in the named instance table. In
particular this means that even if there is no named instance table
in the font we actually do have a named instance, namely the default
instance.
For consistency, we always want the default instance in our list of
named instances. If it is missing, we try to synthesize it.
* src/sfnt/sfobjs.c (sfnt_init_face): Check whether the default
instance is in the table of named instances. Otherwise adjust
number of instances.
* src/truetype/ttgxvar.c: Include FT_TRUETYPE_IDS_H.
(TT_Get_MM_Var): Use `face->root.style_flags' as the number of named
instances.
Synthesize a named instance entry if necessary.
(tt_done_blend): Free `normalized_stylecoords'.
* src/sfnt/sfdriver.c (sfnt_ps_map): New array.
(sfnt_is_postscript): New function.
(char_type_func): New typedef.
(get_win_string, get_apple_string): Add argument to specify
character checking function.
Add argument whether argument checking failures should be reported.
Update callers.
(search_name_id): Fix return value.
* src/sfnt/sfdriver.c (sfnt_get_ps_name): Split off some
functionality into...
(IS_WIN, IS_APPLE): ... New macros.
(get_win_string, get_apple_string): ... New functions.
We need this for support of the `random' operator.
* include/freetype/ftcffdrv.h (FT_PARAM_TAG_RANDOM_SEED): New macro.
* include/freetype/internal/ftobjs.h (FT_Face_InternalRec): New
field `random_seed'.
* src/cff/cffobjs.h (CFF_DriverRec): New field `random_seed'.
This commit provides the framework, to be filled with something
useful in the next commits.
* include/freetype/freetype.h (FT_Face_Properties): Declare.
* src/base/ftobjs.c (FT_Face_Properties): New function.
Problem reported as
https://github.com/google/fonts/issues/632
The font in question (Nunito) has values 705 and 713 for the
reference and overshoot values, respectively, of the first blue
zone. Blue zone 2, however, has value 710 for both the reference
and overshoot. At 12ppem, reference and overshoot of blue zone 0
becomes 8px, while blue zone 2 becomes 9px.
A peculiarity of this font is that the tops of isolated vertical
stems like `N' have a slight overshoot also. The auto-hinter tries
to find the nearest blue zone using the *original* coordinates. For
vertical stems, this is value 713. For normal horizontal tops like
in character `E', this is value 710. Since value 713 is mapped to
8px but value 710 to 9px, `N' and similar characters are one pixel
higher than `E', which looks very bad.
This commit sanitizes blue zones to avoid such a behaviour.
* src/autofit/aflatin.c (af_latin_sort_blue): New function.
(af_latin_metrics_init_blues): Sort blue values and remove overlaps.
* src/truetype/ttgxvar.h (GX_HVarTable): Renamed to...
(GX_HVVarTable): ...This.
(GX_Blend): Add fields for `VVAR' table handling.
Other minor updates.
* src/truetype/ttgxvar.c (ft_var_load_hvar): Renamed to...
(ft_var_load_hvvar): ...This.
Handle VVAR loading also (controlled by an additional parameter).
(tt_hadvance_adjust): Renamed to...
(tt_hvadvance_adjust): ...This.
Handle application of advance height also (controlled by an
additional parameter).
(tt_hadvance_adjust, tt_vadvance_adjust): Wrappers for
`tt_hvadvance_adjust'.
* src/truetype/ttdriver.c (tt_service_metrics_variations): Updated.
The number of lowercase characters for computing the top flat blue
zone value was too small (in most cases only `x' and `z'). If one
of the two characters has a large serif, say, it can happen that
FreeType must select between two different values, having a 50%
chance to use the wrong one. As a result, rendering at larger PPEM
values could yield uneven lowercase glyph heights.
Problem reported by Christoph Koeberlin <christoph@koe.berlin>.
* src/autofit/afblue.dat (AF_BLUE_STRING_LATIN_SMALL): Replaced
with...
(AF_BLUE_STRING_LATIN_SMALL_TOP, AF_BLUE_STRING_LATIN_SMALL_BOTTOM):
... New, extended sets.
(AF_BLUE_STRINGSET_LATN): Updated.
* src/autofit/afblue.c, src/autofit/afblue.h: Regenerated.
Only now I've got an OTF with an HVAR table for testing...
The code in `ftmm.c' uses `FT_FACE_LOOKUP_SERVICE' to get the
metrics variations interface. However, this didn't work with
`FT_FACE_FIND_GLOBAL_SERVICE' used in `sfnt_init_face'.
* src/cff/cffdrivr.c: Include FT_SERVICE_METRICS_VARIATIONS_H.
(cff_hadvance_adjust, cff_metrics_adjust): Wrapper functions for
metric service functions from the `truetype' module.
(cff_service_metrics_variations): New service.
(cff_services): Updated.
* src/cff/cffpic.h (CFF_SERVICE_METRICS_VAR_GET): New macro.
[FT_CONFIG_OPTION_PIC]: Synchronize code.
* src/sfnt/sfobjs.c (sfnt_init_face): Replace call to
FT_FACE_FIND_GLOBAL_SERVICE with `ft_module_get_service' to always
load the service from the `truetype' module.
* include/freetype/internal/tttypes.h (TT_LangTagRec): New
structure.
(TT_NameTableRec): Add fields `numLangTagRecords' and `langTags'.
* src/sfnt/ttload.c (tt_face_load_name): Add support for language
tags.
Reduce array size of name strings in case of invalid entries.
(tt_face_free_name): Updated.
* docs/CHANGES: Updated.
* src/truetype/ttgxvar.h (GX_MVarTable): `axisCount' has been
removed from the specification; it is now reserved.
* src/truetype/ttgxvar.c (ft_var_load_mvar): Updated.
(GX_FVar_Head): Remove `countSizePairs'; the corresponding data
field in the `MVAR' table is now reserved.
(fvar_fields): Updated.
* src/base/ftmm.c: Include FT_SERVICE_METRICS_VARIATIONS_H.
(ft_face_get_mvar_service): New auxiliary function to look up
metrics variation service.
(FT_Set_Var_Design_Coordinates, FT_Set_MM_Blend_Coordinates,
FT_Set_Var_Blend_Coordinates): Call metrics variation service.
* src/truetype/ttobjs.c (tt_face_init): Use metrics variations for
named instances.
* src/truetype/ttgxvar.h (MVAR_TAG_XXX): New macros for MVAR tags.
(GX_Value, GX_MVarTable): New structures.
(GX_Blend): Add it.
* src/truetype/ttgxvar.c (GX_VALUE_SIZE, GX_VALUE_CASE,
GX_GASP_CASE): New macros.
(ft_var_get_value_pointer): New auxiliary function to get a pointer
to a value from various SFNT tables already stored in `TT_Face'.
(ft_var_load_mvar): New function.
(TT_Get_MM_Var): Call it.
(tt_done_blend): Updated.
* src/truetype/ttobjs.c (tt_size_reset): Add argument to make
function only recompute ascender, descender, and height.
* src/truetype/ttobjs.h: Updated.
* src/truetype/ttdriver.c (tt_size_select, tt_size_request):
Updated.
The change from 2016-09-29 was too radical (except for people using
the openSuSE GNU/Linux distribution). To ameliorate the situation,
PCF_CONFIG_OPTION_LONG_FAMILY_NAMES gets introduced which controls
the feature; if set, a new PCF property option
`no-long-family-names' can be used to switch this feature off.
* include/freetype/config/ftoption.h, devel/ftoption.h
(PCF_CONFIG_OPTION_LONG_FAMILY_NAMES): New option.
* include/freetype/ftpcfdrv.h: New header file (only containing
comments currently, used for building the documentation).
* include/freetype/config/ftheader.h (FT_PCF_DRIVER_H): New macro.
* src/pcf/pcf.h (PCF_Driver): Add `no_long_family_names' field.
* src/pcf/pcfdrivr.c: Include FT_SERVICE_PROPERTIES_H and
FT_PCF_DRIVER_H.
(pcf_property_set, pcf_property_get): New functions.
(pcf_service_properties): New service.
(pcf_servives): Updated.
(pcf_driver_init) [PCF_CONFIG_OPTION_LONG_FAMILY_NAMES]: Handle
`no_long_family_names'.
* src/pcf/pcfread.c (pcf_load_font): Handle `no_long_family_names'
and PCF_CONFIG_OPTION_LONG_FAMILY_NAMES.
* docs/CHANGES: Updated.
To be filled later on with something useful.
* src/pcf/pcf.h (PCF_Driver): New structure.
* src/pcf/pcfdrivr.c (pcf_driver_init, pcf_driver_done): New dummy
functions.
(pcf_driver_class): Updated.
We need this later on for MVAR also.
* src/truetype/ttgxvar.c (tt_hadvance_adjust): Split off computing
an item store variation delta into...
(ft_var_get_item_delta): ...new function.
* include/freetype/internal/tttypes.h (TT_FACE_FLAG_VAR_XXX):
Remove all flags related to MVAR; replace it with...
(TT_FACE_FLAG_VAR_MVAR): ...this new macro.
(TT_Face): Remove `mvar_support' field (which was still unused).
We need this later on for MVAR also.
* src/truetype/ttgxvar.c (tt_done_blend): Split off handling of item
variation store into...
(ft_var_done_item_variation_store): ...new function.
We need this later on for MVAR also.
* src/truetype/ttgxvar.c (ft_var_load_delta_set_index_mapping): Add
parameters for delta-set index mapping and item variation store.
(ft_var_load_item_variation_store): Add parameter for item variation
store.
s/hvarData/varData/.
Move allocation of `hvar_table' to...
(ft_var_load_hvar): ...this function.
Updated.
* src/truetype/ttgxvar.c (): Split off loading of item variation
store and delta set index mapping into...
(ft_var_load_item_variation_store,
ft_var_load_delta_set_index_mapping): ... new functions.
* src/truetype/ttgxvar.c (ft_var_load_hvar): Handle case where
`offsetToAdvanceWidthMapping' is zero.
(tt_hadvance_adjust): Implement direct deltaSet access by glyph
index.
This commit improves tracing and handling of malformed fonts. In
particular, the changes to `pcf_get_properties' fix
https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=379
* src/pcf/pcfread.c (tableNames): Use long names for better
readability.
(pcf_read_TOC): Allow at most 9 tables.
(pcf_get_properties): Allow at most 256 properties.
Limit strings array length to 256 * (65536 + 1) bytes.
Better tracing.
(pcf_get_metric): Trace metric data.
(pcf_get_metrics): Allow at most 65536 metrics.
Fix comparison of `metrics->ascent' and `metrics->descent' to avoid
potential overflow.
Better tracing.
(pcf_get_bitmaps): Allow at most 65536 bitmaps.
Better tracing.
(pcf_get_encodings, pcf_get_accel): Better tracing.
* src/pcf/pcfdrivr.c (PCF_Glyph_Load): Don't trace `format' details.
These are now shown by `pcf_get_bitmaps'.
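The count limits listed for `pcf_get_properties' above, applied in an added example that is not FreeType's code: the table layout is a simplified little-endian one assumed for this example (real PCF tables carry a format word and a format-dependent byte order), and all names, the offset checks and the sample byte strings are constructed here.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* Limits taken from the entry above. */
#define MAX_PROPS    256u
#define MAX_STRINGS  (256u * (65536u + 1u))

/* Assumed record layout: name offset (u32), is-string flag (u8),
   value (u32). */
#define REC_SIZE     9u

enum { PROPS_OK = 0, PROPS_TRUNCATED, PROPS_TOO_MANY,
       PROPS_STRINGS_TOO_BIG, PROPS_BAD_OFFSET };

static uint32_t rd_u32le(const uint8_t *p)
{
    return (uint32_t)p[0] | ((uint32_t)p[1] << 8) |
           ((uint32_t)p[2] << 16) | ((uint32_t)p[3] << 24);
}

/* Validate: [nprops][nprops records][pad to 4][string_size][strings].
   Every count is capped before it is multiplied or used as a length,
   and every length is compared against the bytes actually present. */
static int check_properties(const uint8_t *buf, size_t len)
{
    uint32_t nprops, string_size;
    size_t   pos, i;

    if (len < 4)
        return PROPS_TRUNCATED;
    nprops = rd_u32le(buf);
    if (nprops > MAX_PROPS)                 /* cap first ...            */
        return PROPS_TOO_MANY;
    pos = 4;
    if (len - pos < (size_t)nprops * REC_SIZE)   /* ... then multiply   */
        return PROPS_TRUNCATED;
    pos += (size_t)nprops * REC_SIZE;
    pos  = (pos + 3) & ~(size_t)3;          /* padding to 4 bytes       */
    if (pos > len || len - pos < 4)
        return PROPS_TRUNCATED;

    string_size = rd_u32le(buf + pos);
    pos += 4;
    if (string_size > MAX_STRINGS)
        return PROPS_STRINGS_TOO_BIG;
    if (len - pos < string_size)
        return PROPS_TRUNCATED;

    /* The example's own checks, not from the entry above: the string
       pool must end in NUL, and every offset must fall inside it, so
       that each referenced string is terminated within the buffer. */
    if (string_size == 0) {
        if (nprops != 0)
            return PROPS_BAD_OFFSET;
    } else if (buf[pos + string_size - 1] != 0)
        return PROPS_BAD_OFFSET;

    for (i = 0; i < nprops; i++) {
        const uint8_t *r = buf + 4 + i * REC_SIZE;

        if (rd_u32le(r) >= string_size)
            return PROPS_BAD_OFFSET;
        if (r[4] && rd_u32le(r + 5) >= string_size)
            return PROPS_BAD_OFFSET;
    }
    return PROPS_OK;
}

/* Constructed samples.  One string property FOUNDRY = "misc". */
static const uint8_t SAMPLE_OK[] = {
    1,0,0,0,  0,0,0,0, 1, 8,0,0,0,  0,0,0,  13,0,0,0,
    'F','O','U','N','D','R','Y',0, 'm','i','s','c',0 };
/* Same table, but the value offset points one past the string pool. */
static const uint8_t SAMPLE_BAD_OFFSET[] = {
    1,0,0,0,  0,0,0,0, 1, 13,0,0,0, 0,0,0,  13,0,0,0,
    'F','O','U','N','D','R','Y',0, 'm','i','s','c',0 };
/* nprops = 65536, far above the cap. */
static const uint8_t SAMPLE_TOO_MANY[] = { 0,0,1,0 };
/* No properties, string_size = 256 * 65537 + 1. */
static const uint8_t SAMPLE_BIG_STRINGS[] = { 0,0,0,0, 0x01,0x01,0x00,0x01 };

int main(void)
{
    printf("ok          -> %d\n", check_properties(SAMPLE_OK, sizeof SAMPLE_OK));
    printf("bad offset  -> %d\n",
           check_properties(SAMPLE_BAD_OFFSET, sizeof SAMPLE_BAD_OFFSET));
    printf("too many    -> %d\n",
           check_properties(SAMPLE_TOO_MANY, sizeof SAMPLE_TOO_MANY));
    printf("big strings -> %d\n",
           check_properties(SAMPLE_BIG_STRINGS, sizeof SAMPLE_BIG_STRINGS));
    printf("truncated   -> %d\n", check_properties(SAMPLE_OK, 20));
    return 0;
}
```
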
* src/truetype/ttgload.c (TT_Load_Simple_Glyph): Check instruction
size only if we do native hinting.
(TT_Load_Glyph): Trace returned error code.
* src/truetype/ttobjs.c (tt_size_run_fpgm, tt_size_run_prep): Trace
returned error code.
(tt_size_ready_bytecode): Don't run `prep' table if `fpgm' table is
invalid.
* src/cff/cffload.c (FT_fdot14ToFixed): Fix casting.
(cff_blend_doBlend): Don't left-shift negative numbers.
Handle 5-byte numbers byte by byte to avoid alignment issues.
* src/cff/cffparse.c (cff_parse): Handle 5-byte numbers byte by byte
to avoid alignment issues.
* src/cid/cidload (cid_read_subrs): Do nothing if we don't have any
subrs.
* src/psaux/t1decode.c (t1_decode_parse_charstring): Fix tracing.
* src/tools/glnames.py (main): Put `DEFINE_PSTABLES' guard around
definition of `ft_get_adobe_glyph_index'.
* src/psnames/pstables.h: Regenerated.
* src/psnames/psmodule.c: Include `pstables.h' twice to get both
declaration and definition.
* src/truetype/ttgxvar.c (FT_fdot14ToFixed, FT_intToFixed): Fix
casting.
Without this patch, requesting information for face index N returned
the data for face index N+1 (or index 0).
* src/sfnt/sfobjs.c (sfnt_init_face): Correctly adjust `face_index'
for negative `face_instance_index' values.
Malformed fonts often have large values for the number of bitmap
strikes, and FreeType doesn't check the validity of all bitmap
strikes in advance.
Reported as
https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=353
* src/tools/ftfuzzer/ftfuzzer.cc: Include `stdlib.h' for `rand'.
(Random): Small class to provide n randomly selected numbers
(without repetition) out of the value set [0,N].
(LLVMFuzzerTestOneInput): Use it to test only up to 10 bitmap
strikes.
Make some functions work before a call to `TT_Set_MM_Blend'.
* src/truetype/ttgxvar.c (tt_hadvance_adjust): Exit immediately if
we don't blend.
(TT_Get_MM_Blend, TT_Get_Var_Design): Return default values if we
don't blend.
Pdfium includes `pstables.h' a second time; moving the definition
from `pstables.h' to `psmodule.c' saves more than 60kByte data
segment space for this case.
* src/tools/glnames.py (StringTable::dump,
StringTable::dump_sublist, dump_encoding, dump_array): Emit
additional code to only define tables if `DEFINE_PS_TABLES' is set.
* src/psnames/pstables.h: Regenerated.
* src/psnames/psmodule.c (DEFINE_PS_TABLES): Define.