The functions in this patch *do* return non-trivial errors that must
be taken care of.
* src/autofit/afloader.c (af_loader_load_g), src/base/ftobjs.c
(FT_Render_Glyph_Internal), src/base/ftoutln.c (FT_Outline_Render),
src/cff/cffgload.c (cff_decoder_parse_charstrings) <cff_op_endchar>,
src/psaux/psobjs.c (ps_parser_load_field_table), src/psaux/t1decode
(t1_decoder_parse_charstrings) <op_endchar>, src/truetype/ttgload.c
(load_truetype_glyph <subglyph loop>, tt_loader_init,
TT_Load_Glyph), src/truetype/ttgxvar.c (TT_Set_MM_Blend),
src/truetype/ttobjs.c (tt_size_run_fpgm, tt_size_run_prep): Do it.
We use a cast to indicate that we intentionally ignore a function's
return value. However, this doesn't apply to API functions where
errors can only happen for trivially invalid input.
* src/base/ftstroke.c (FT_Glyph_Stroke, FT_Glyph_StrokeBorder),
src/base/ftsynth.c (FT_GlyphSlot_Embolden), src/cff/cffgload.c
(cff_slot_load), src/pfr/pfrdrivr.c (pfr_get_kerning),
src/type1/t1load.c (parse_encoding), src/type42/t42parse.c
(t42_parse_encoding): Do it.
This adds an additional constraint to make the fix from 2013-01-25
really work.
* src/sfnt/ttsbit.c (tt_sbit_decoder_load_image) <index_format==4>:
Check `p' before `num_glyphs'.
Don't cast cmap init function pointers to an incompatible type.
Without this patch, the number of parameters between declaration and
the real signature differs. Calling such a function results in
undefined behavior.
ISO/IEC 9899:TC3 (Committee Draft September 7, 2007)
6.5.2.2 Function calls
9 If the function is defined with a type that is not
compatible with the type (of the expression) pointed to by
the expression that denotes the called function, the
behavior is undefined.
On certain platforms (c -> js with emscripten) this causes
termination of execution or invalid calls because in the emscripten
implementation, function pointers of different types are stored in
different pointer arrays. Incorrect pointer type here results in
indexing of an incorrect array.
* src/cff/cffcmap.c (cff_cmap_encoding_init, cff_cmap_unicode_init),
src/pfr/pfrcmap.c (pfr_cmap_init), src/psaux/t1cmap.c
t1_cmap_standard_init, t1_cmap_expert_init, t1_cmap_custom_init,
t1_cmap_unicode_init), src/winfonts/winfnt.c (fnt_cmap_init): Fix
signature.
This is a follow-up to Savannah bug #43659.
* src/type42/t42objs.c (T42_Face_Init): Exclusively use the
`truetype' font driver for loading the font contained in the `sfnts'
array.
* src/type42/t42objs.c (T42_Open_Face): Initialize `face->ttf_size'.
* src/type42/t42parse.c (t42_parse_sfnts): Always set
`face->ttf_size' directly. This ensures a correct stream size in
the call to `FT_Open_Face', which follows after parsing, even for
buggy input data.
Fix error messages.
`FT_MulFix' takes `FT_Long' parameters as defined in `freetype.h',
but several inline implementations of it in `ftcalc.h' take
`FT_Int32' arguments. This is causing compiler warnings on x86-64:
If parameters of type `FT_Fixed' (= `FT_Long') are passed to the
inline implementation of this function, integer values are truncated
from 64bit to 32bit.
* include/internal/ftcalc.h (FT_MulFix) [FT_MULFIX_ASSEMBLER]: Add
casts.
* src/sfnt/ttcmap.c (tt_cmap8_validate, tt_cmap10_validate,
tt_cmap12_validate, tt_cmap13_validate, tt_cmap14_validate): Protect
against overflow in additions and multiplications.
The scaling between the hypotenuse and its CORDIC approximation is
based on regression analysis. The smaller padding for `theta' is
justifed by its maximum error of less than 6.
* src/base/fttrigon.c (ft_trig_downscale): Borrow code from
./ftcalc.c (ft_multo64), change linear intercept.
(ft_trig_pseudo_polarize): Decrease `theta' padding.
Before this patch, it was impossible to ever call DELTAP[123] in
subpixel hinting mode as described in the ClearType whitepaper; it
only worked if in `compatibility mode'. However, compatibility mode
essentially disables SHPIX, completely ruining hinting of
ttfautohint output, for example.
We now follow the whitepaper more closely so that DELTAP[123]
instructions for touched points in the non-subpixel direction are
executed.
* src/smooth/ftsmooth.c (ft_smooth_render_generic): Translate origin
virtually by modifying cbox, actually translate outline if cumulative
shift is not zero.