From 346f1867fd32dae8f56e5b482d1af98f626804ac Mon Sep 17 00:00:00 2001 From: Werner Lemberg Date: Fri, 6 Aug 2010 00:47:57 +0200 Subject: [PATCH] Fix Savannah bug #30657. * src/truetype/ttinterp.c (BOUNDSL): New macro. Change `BOUNDS' to `BOUNDSL' where appropriate. * src/truetype/ttinterp.h (TT_ExecContextRec): Fix type of `cvtSize'. --- ChangeLog | 10 ++++ src/truetype/ttinterp.c | 103 ++++++++++++++++++++-------------------- src/truetype/ttinterp.h | 2 +- 3 files changed, 63 insertions(+), 52 deletions(-) diff --git a/ChangeLog b/ChangeLog index 4235ffb36..83cc3d950 100644 --- a/ChangeLog +++ b/ChangeLog @@ -1,3 +1,13 @@ +2010-08-05 Werner Lemberg + + Fix Savannah bug #30657. + + * src/truetype/ttinterp.c (BOUNDSL): New macro. + Change `BOUNDS' to `BOUNDSL' where appropriate. + + * src/truetype/ttinterp.h (TT_ExecContextRec): Fix type of + `cvtSize'. + 2010-08-05 Werner Lemberg Fix Savannah bug #30656. diff --git a/src/truetype/ttinterp.c b/src/truetype/ttinterp.c index 3e108f4e3..d22e94f5d 100644 --- a/src/truetype/ttinterp.c +++ b/src/truetype/ttinterp.c @@ -224,9 +224,10 @@ /*************************************************************************/ /* */ - /* A simple bounds-checking macro. */ + /* Two simple bounds-checking macros. */ /* */ -#define BOUNDS( x, n ) ( (FT_UInt)(x) >= (FT_UInt)(n) ) +#define BOUNDS( x, n ) ( (FT_UInt)(x) >= (FT_UInt)(n) ) +#define BOUNDSL( x, n ) ( (FT_ULong)(x) >= (FT_ULong)(n) ) #undef SUCCESS #define SUCCESS 0 @@ -3281,39 +3282,39 @@ args[0] = FT_PIX_CEIL( args[0] ); -#define DO_RS \ - { \ - FT_ULong I = (FT_ULong)args[0]; \ - \ - \ - if ( BOUNDS( I, CUR.storeSize ) ) \ - { \ - if ( CUR.pedantic_hinting ) \ - { \ - ARRAY_BOUND_ERROR; \ - } \ - else \ - args[0] = 0; \ - } \ - else \ - args[0] = CUR.storage[I]; \ +#define DO_RS \ + { \ + FT_ULong I = (FT_ULong)args[0]; \ + \ + \ + if ( BOUNDSL( I, CUR.storeSize ) ) \ + { \ + if ( CUR.pedantic_hinting ) \ + { \ + ARRAY_BOUND_ERROR; \ + } \ + else \ + args[0] = 0; \ + } \ + else \ + args[0] = CUR.storage[I]; \ } -#define DO_WS \ - { \ - FT_ULong I = (FT_ULong)args[0]; \ - \ - \ - if ( BOUNDS( I, CUR.storeSize ) ) \ - { \ - if ( CUR.pedantic_hinting ) \ - { \ - ARRAY_BOUND_ERROR; \ - } \ - } \ - else \ - CUR.storage[I] = args[1]; \ +#define DO_WS \ + { \ + FT_ULong I = (FT_ULong)args[0]; \ + \ + \ + if ( BOUNDSL( I, CUR.storeSize ) ) \ + { \ + if ( CUR.pedantic_hinting ) \ + { \ + ARRAY_BOUND_ERROR; \ + } \ + } \ + else \ + CUR.storage[I] = args[1]; \ } @@ -3322,7 +3323,7 @@ FT_ULong I = (FT_ULong)args[0]; \ \ \ - if ( BOUNDS( I, CUR.cvtSize ) ) \ + if ( BOUNDSL( I, CUR.cvtSize ) ) \ { \ if ( CUR.pedantic_hinting ) \ { \ @@ -3341,7 +3342,7 @@ FT_ULong I = (FT_ULong)args[0]; \ \ \ - if ( BOUNDS( I, CUR.cvtSize ) ) \ + if ( BOUNDSL( I, CUR.cvtSize ) ) \ { \ if ( CUR.pedantic_hinting ) \ { \ @@ -3358,7 +3359,7 @@ FT_ULong I = (FT_ULong)args[0]; \ \ \ - if ( BOUNDS( I, CUR.cvtSize ) ) \ + if ( BOUNDSL( I, CUR.cvtSize ) ) \ { \ if ( CUR.pedantic_hinting ) \ { \ @@ -4679,7 +4680,7 @@ /* first of all, check the index */ F = args[0]; - if ( BOUNDS( F, CUR.maxFunc + 1 ) ) + if ( BOUNDSL( F, CUR.maxFunc + 1 ) ) goto Fail; /* Except for some old Apple fonts, all functions in a TrueType */ @@ -4755,7 +4756,7 @@ /* first of all, check the index */ F = args[1]; - if ( BOUNDS( F, CUR.maxFunc + 1 ) ) + if ( BOUNDSL( F, CUR.maxFunc + 1 ) ) goto Fail; /* Except for some old Apple fonts, all functions in a TrueType */ @@ -5030,7 +5031,7 @@ L = (FT_ULong)args[0]; - if ( BOUNDS( L, CUR.zp2.n_points ) ) + if ( BOUNDSL( L, CUR.zp2.n_points ) ) { if ( CUR.pedantic_hinting ) { @@ -5114,8 +5115,8 @@ K = (FT_UShort)args[1]; L = (FT_UShort)args[0]; - if( BOUNDS( L, CUR.zp0.n_points ) || - BOUNDS( K, CUR.zp1.n_points ) ) + if ( BOUNDS( L, CUR.zp0.n_points ) || + BOUNDS( K, CUR.zp1.n_points ) ) { if ( CUR.pedantic_hinting ) { @@ -5769,12 +5770,12 @@ static void Ins_SHZ( INS_ARG ) { - TT_GlyphZoneRec zp; - FT_UShort refp; - FT_F26Dot6 dx, - dy; + TT_GlyphZoneRec zp; + FT_UShort refp; + FT_F26Dot6 dx, + dy; - FT_UShort last_point, i; + FT_UShort last_point, i; if ( BOUNDS( args[0], 2 ) ) @@ -5976,8 +5977,8 @@ cvtEntry = (FT_ULong)args[1]; point = (FT_UShort)args[0]; - if ( BOUNDS( point, CUR.zp0.n_points ) || - BOUNDS( cvtEntry, CUR.cvtSize ) ) + if ( BOUNDS( point, CUR.zp0.n_points ) || + BOUNDSL( cvtEntry, CUR.cvtSize ) ) { if ( CUR.pedantic_hinting ) CUR.error = TT_Err_Invalid_Reference; @@ -6169,7 +6170,7 @@ /* XXX: UNDOCUMENTED! cvt[-1] = 0 always */ if ( BOUNDS( point, CUR.zp1.n_points ) || - BOUNDS( cvtEntry, CUR.cvtSize + 1 ) || + BOUNDSL( cvtEntry, CUR.cvtSize + 1 ) || BOUNDS( CUR.GS.rp0, CUR.zp0.n_points ) ) { if ( CUR.pedantic_hinting ) @@ -6420,8 +6421,8 @@ p1 = (FT_UShort)args[0]; p2 = (FT_UShort)args[1]; - if ( BOUNDS( args[0], CUR.zp1.n_points ) || - BOUNDS( args[1], CUR.zp0.n_points ) ) + if ( BOUNDS( p1, CUR.zp1.n_points ) || + BOUNDS( p2, CUR.zp0.n_points ) ) { if ( CUR.pedantic_hinting ) CUR.error = TT_Err_Invalid_Reference; @@ -6950,7 +6951,7 @@ A = (FT_ULong)CUR.stack[CUR.args + 1]; B = CUR.stack[CUR.args]; - if ( BOUNDS( A, CUR.cvtSize ) ) + if ( BOUNDSL( A, CUR.cvtSize ) ) { if ( CUR.pedantic_hinting ) { diff --git a/src/truetype/ttinterp.h b/src/truetype/ttinterp.h index 732a1f298..c480dfa50 100644 --- a/src/truetype/ttinterp.h +++ b/src/truetype/ttinterp.h @@ -150,7 +150,7 @@ FT_BEGIN_HEADER FT_Bool step_ins; /* true if the interpreter must */ /* increment IP after ins. exec */ - FT_Long cvtSize; + FT_ULong cvtSize; FT_Long* cvt; FT_UInt glyphSize; /* glyph instructions buffer size */