Commit Graph

5620 Commits

Author SHA1 Message Date
Werner Lemberg c9de4bf6ba Typo. 2016-12-30 10:07:23 +01:00
Werner Lemberg 6b21d1281e [ftfuzzer] Restrict number of tested bitmap strikes.
Malformed fonts often have large values for the number of bitmap
strikes, and FreeType doesn't check the validity of all bitmap
strikes in advance.

Reported as

  https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=353

* src/tools/ftfuzzer/ftfuzzer.cc: Include `stdlib.h' for `rand'.
(Random): Small class to provide n randomly selected numbers
(without repitition) out of the value set [0,N].
(LLVMFuzzerTestOneInput): Use it to test only up to 10 bitmap
strikes.
2016-12-30 10:00:54 +01:00
Werner Lemberg 7591bf11d1 [truetype] Variation font API stability issues.
Make some functions work before a call to `TT_Set_MM_Blend'.

* src/truetype/ttgxvar.c (tt_hadvance_adjust): Exit immediately if
we don't blend.
(TT_Get_MM_Blend, TT_Get_Var_Design): Return default values if we
don't blend.
2016-12-29 21:39:06 +01:00
Werner Lemberg 91fc3bd7c9 * src/truetype/ttgxvar.c (TT_Get_MM_Var): Check axis data.
Reported as

  https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=348
2016-12-29 21:34:46 +01:00
Werner Lemberg 180185109b [truetype] Tracing fixes.
* src/truetype/ttgxvar.c (tt_hadvance_adjust): Emit correct
information.
(TT_Set_Var_Design): Fix typo.
(TT_Get_Var_Design): Fix typos.
2016-12-29 21:30:06 +01:00
Werner Lemberg 84b0d9927b */*: Use `0.5f' for tracing 16.16 numbers. 2016-12-29 10:38:51 +01:00
Werner Lemberg 346b141762 [pcf] Protect against gzip bombs.
Fix suggested by Kostya; reported as

  https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=345

* src/pcf/pcfread.c (pcf_read_TOC): Limit number of TOC entries to
1024.
2016-12-29 06:03:40 +01:00
Werner Lemberg 6fb549ddab [psnames] Only declare, not define, data in `pstables.h' (#49949).
Pdfium includes `pstables.h' a second time; moving the definition
from `pstables.h' to `psmodule.c' saves more than 60kByte data
segment space for this case.

* src/tools/glnames.py (StringTable::dump,
StringTable::dump_sublist, dump_encoding, dump_array): Emit
additional code to only define tables if `DEFINE_PS_TABLES' is set.

* src/psnames/pstables.h: Regenerated.
* src/psnames/psmodule.c (DEFINE_PS_TABLES): Define.
2016-12-28 22:23:33 +01:00
Werner Lemberg c4a1ef3c94 [cff] Catch `blend' op in non-variant fonts.
Reported as

  https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=334

* src/cff/cf2intrp.c (cf2_interpT2CharString) <cf2_cmdBLEND>: Don't
allow `blend' op for non-variant fonts.
2016-12-28 21:22:45 +01:00
Werner Lemberg c4cd34a9e0 [cff] Better check of number of blends.
* src/cff/cf2intrp.c (cf2_interpT2CharString) <cf2_cmdBLEND>,
src/cff/cffparse.c (cff_parse_blend): Compare number of blends with
stack size.
2016-12-28 08:33:35 +01:00
Werner Lemberg 48fd5bb2b6 Documentation updates.
* docs/CHANGES: Add missing information.

* docs/formats.txt: Rewritten and updated.
2016-12-27 10:20:23 +01:00
Werner Lemberg 0a943b6362 Formatting. 2016-12-27 07:50:22 +01:00
Werner Lemberg e5e3556fa2 [truetype, type1] Implement `FT_Get_Var_Design_Coordinates'.
* src/truetype/ttgxvar.c (TT_Get_Var_Design): Implement.
(TT_Set_Var_Design): Fix tracing.

* src/type1/t1load.c (T1_Get_Var_Design): Implement.
2016-12-27 06:49:37 +01:00
Werner Lemberg f80c4473b6 Replace `++foo' and `--foo' with `foo++' and `foo--', resp. 2016-12-26 23:57:45 +01:00
Werner Lemberg 4441f7b246 Replace `foo == NULL' and `foo != NULL' with `!foo' and `foo', resp.
Other minor formatting.
2016-12-26 17:08:17 +01:00
Werner Lemberg 37c72f66a5 Minor formatting. 2016-12-25 22:55:25 +01:00
Werner Lemberg a300c1c3af * src/truetype/ttpload.c (tt_face_load_hdmx): Ignore `version'.
Problem reported by 張俊芝 <418092625@qq.com>.
2016-12-24 09:27:15 +01:00
Werner Lemberg d1db57c284 * src/sfnt/ttsbit.c (tt_face_load_sbit): Allow more version values.
Some fonts seem to have the `version' field in the wrong byte order.

Problem reported by 張俊芝 <418092625@qq.com>.
2016-12-24 09:05:16 +01:00
Werner Lemberg fde0b78cce * src/truetype/ttpload.c (tt_face_load_loca): Sanitize table length.
This trivial fix allows us to accept more fonts.

Problem reported by 張俊芝 <418092625@qq.com>.
2016-12-24 08:17:19 +01:00
Werner Lemberg 1fecdfe346 * src/sfnt/sfobjs.c (sfnt_init_face): Fix tracing. 2016-12-24 07:50:45 +01:00
Werner Lemberg 8d37efbc79 Add missing ChangeLog entry for commit d44daf9e. 2016-12-22 20:48:28 +01:00
Werner Lemberg 18bd176a65 * CMakeLists.txt: Make it work with cmake 2.8.11.2 (#49909). 2016-12-22 12:24:23 +01:00
Werner Lemberg 06d61b487a Ensure used preprocessor symbols are defined (#49790).
* builds/unix/ftconfig.in, builds/vms/ftconfig.h,
include/freetype/config/ftconfig.h: Check `__GNUC__', `__IBMC__',
and `__SUNPRO_C' correctly.
2016-12-22 10:43:46 +01:00
Werner Lemberg 7f7333990c * src/base/ftrfork.c (FT_Raccess_Get_DataOffsets): Check `count'.
Reported as

  https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=308
2016-12-22 10:12:17 +01:00
Werner Lemberg b44e6c2035 [cff] Protect against invalid `vsindex' and `blend' values.
Reported as

  https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=305

* src/cff/cf2intrp.c (cf2_interpT2CharString) <cf2_cmdVSINDEX,
cf2_cmdBLEND>: Implement it.
2016-12-22 08:30:15 +01:00
Werner Lemberg ada8297175 [ftfuzzer] Always use Adobe CFF engine.
* src/tools/ftfuzzer/ftfuzzer.cc (FT_Global::FT_Global): Implement
it.
2016-12-22 08:25:42 +01:00
Werner Lemberg 7209110345 * src/truetype/ttgxvar.c (TT_Vary_Apply_Glyph_Deltas): Thinko.
I should really stop coding late in the evening...

Thanks again to Ben for checking.
2016-12-21 23:46:29 +01:00
Werner Lemberg d44daf9e9b * src/truetype/ttgxvar.c (TT_Vary_Apply_Glyph_Deltas): Thinko.
Don't apply deltas twice for non-phantom points.

Spotted by Ben Wagner.
2016-12-21 23:03:48 +01:00
Werner Lemberg e6a429e2c7 [cff, truetype] Another try for #49829.
* src/cff/cffdrivr.c: Don't include
`FT_SERVICE_METRICS_VARIATIONS_H'.
(cff_get_advances): Use `ttface->variation_support'.

* src/truetype/ttdriver.c (tt_get_advances): Use
`ttface->variation_support'.

* src/truetype/ttgload.c (TT_Process_Simple_Glyph,
load_truetype_glyph): Use `ttface->variation_support'.
2016-12-21 20:27:48 +01:00
Werner Lemberg 64a91137f1 [truetype, sfnt] Introduce font variation flags to `TT_Face'.
* include/freetype/internal/tttypes.h (TT_FACE_FLAG_VAR_XXX):
New macros describing available functionality of various OpenType
tables related to font variation.
(TT_Face): New fields `variation_support' and `mvar_support',
replacing and extending `use_fvar'.

* src/sfnt/sfobjs.c (sfnt_init_face, sfnt_load_face): Use
`variation_support'.

* src/truetype/ttgxvar.c (ft_var_load_hvar): Set `variation_support'
field.
(TT_Vary_Apply_Glyph_Deltas): Updated.
2016-12-21 19:30:33 +01:00
Werner Lemberg 57a6733dcf [base] Improve sanity check for Mac resources (#49888).
* src/base/ftobjs.c (Mac_Read_sfnt_Resource): Abort if `rlen' is not
positive.
2016-12-21 06:52:23 +01:00
Werner Lemberg ded4bdb5d0 [base] More sanity checks for Mac resources.
We use

  https://github.com/kreativekorp/ksfl/wiki/Macintosh-Resource-File-Format

and

  https://developer.apple.com/legacy/library/documentation/mac/pdf/MoreMacintoshToolbox.pdf#page=151

as references.

* include/freetype/internal/ftrfork.h (FT_RFork_Ref): Use FT_Short
for `res_id'.

* src/base/ftrfork.c (FT_Raccess_Get_HeaderInfo): Extract map length
and use it to improve sanity checks.
Follow the specification more closely;in particular, all data types
are signed, not unsigned.
(FT_Raccess_Get_DataOffsets): Follow the specification more closely;
in particular, all data types are signed, not unsigned.
Add some sanity checks.
2016-12-20 23:26:38 +01:00
Werner Lemberg b55730320c ftobjs.c: Formatting. 2016-12-20 23:22:06 +01:00
Werner Lemberg d5fe8da774 Spelling. 2016-12-20 22:03:40 +01:00
Werner Lemberg d678b37e8a Another minor ChangeLog addition. 2016-12-20 12:45:31 +01:00
Werner Lemberg 70704b34ac [truetype] Improve logic for getting fast advance widths.
* src/cff/cffdrivr.c (cff_get_advances), src/truetype/ttdriver.c
(tt_get_advances): Use `is_default_instance' for test; this gets
recomputed after changing blend coordinates.
2016-12-20 12:27:22 +01:00
Werner Lemberg 59b0b3a76c Add bug reference to previous commit. 2016-12-20 11:39:52 +01:00
Ben Wagner cc576f8002 [truetype] Fix linear metrics of GX variation fonts.
When asking for an unhinted non-default variations,
`linearVertAdvance' is currently the value from the `hmtx' table
instead of the actual value after applying the variation.  `HVAR'
support fixes this, but fonts will exist without that table and will
need sane fallback.

* src/truetype/ttgload.c (TT_Process_Simple_Glyph,
load_truetype_glyph): Implement linear advance adjustments if `HVAR'
or `VVAR' tables are missing.
2016-12-20 11:37:42 +01:00
Werner Lemberg a1e85f11c8 [cff, truetype] Fast advance width retrieval for fonts with HVAR.
Everything is guarded with TT_CONFIG_OPTION_GX_VAR_SUPPORT.

* src/base/ftadvanc.c (LOAD_ADVANCE_FAST_CHECK): Don't handle MM.

* src/cff/cffdrivr.c: Include FT_SERVICE_METRICS_VARIATIONS_H.
(cff_get_advances): Test for HVAR and VVAR.

* src/truetype/ttdriver.c (tt_get_advances): Test for HVAR and VVAR.
2016-12-20 10:52:26 +01:00
Werner Lemberg 5743df7718 [base] Fix invalid mac font recursion.
Reported as

  https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=304

* src/base/ftobjs.c (FT_Open_Face): Code moved to...
(ft_open_face_internal): ... this function.
Add a parameter to control whether we try special Mac font handling
in case of failure.
(FT_Open_Face, FT_New_Face, FT_New_Memory_Face,
open_face_from_buffer): Use `ft_open_face_internal'.
2016-12-18 21:01:03 +01:00
Werner Lemberg ca3d401993 * src/cff/cffobjs.c (cff_face_init): Make named instances work. 2016-12-18 18:23:19 +01:00
Werner Lemberg a8652c59da [truetype, cff] Extend `get_var_blend' function of MM service.
In particular, we need access to named instance data.

* include/freetype/internal/services/svmm.h (FT_Get_Var_Blend_Func):
Add argument for `FT_MM_Var'.

* src/cff/cffload.c (cff_get_var_blend): Updated.
* src/cff/cffload.h: Updated.

* src/cff/cf2ft.c (cf2_getNormalizedVector): Updated.

* src/truetype/ttgxvar.c (tt_get_var_blend): Updated.
Accept value `NULL' for arguments.
* src/truetype/ttgxvar.h: Updated.
2016-12-18 18:12:03 +01:00
Werner Lemberg 25f3ac2b9e [sfnt] Handle `fvar' with zero axes as a non-MM font.
This is better behaviour than exiting with an error.

* include/freetype/internal/tttypes.h (TT_Face): Add `use_fvar'
field.

* src/sfnt/sfobjs.c (sfnt_init_face): Compute `use_fvar', also
updating the validation code.
Use `use_fvar' to compute FT_FACE_FLAG_MULTIPLE_MASTERS.

* src/truetype/ttgxvar.c (TT_Get_MM_Var): Remove `fvar' validation
code.
2016-12-18 15:50:18 +01:00
Werner Lemberg eb6d02087b Minor GX code shuffling.
* include/freetype/internal/tttypes.h (TT_Face): Move
`is_default_instance' into TT_CONFIG_OPTION_GX_VAR_SUPPORT
block.

* src/sfnt/sfobjs.c (sfnt_init_face): Updated.
* src/truetype/ttgload.c (IS_DEFAULT_INSTANCE): New macro.
(TT_Load_Glyph): Use it.
2016-12-18 09:29:58 +01:00
Werner Lemberg 8f633a08f1 [cff] Better handling of non-CFF font formats.
* src/cff/cffload.c (cff_font_load): Pure CFFs don't have a
signature, so return `FT_Err_Unknown_File_Format' more often.
2016-12-18 06:42:31 +01:00
Werner Lemberg 4cd6817951 * src/cff/cffload.c (cff_build_blend_vector): Remove redundant code. 2016-12-17 22:52:50 +01:00
Werner Lemberg 6949797d60 More code formatting. 2016-12-17 21:05:54 +01:00
Werner Lemberg 5d664b6d51 Use FT_SET_ERROR where useful. Other minor code formatting. 2016-12-17 20:47:42 +01:00
Werner Lemberg db17ceb4c0 * src/truetype/ttobjs.c (tt_face_init): Simplify conditional code. 2016-12-17 13:39:31 +01:00
Werner Lemberg 7c75b166c8 [sfnt, truetype] Various sanitizing fixes.
* src/sfnt/sfobjs.c (sfnt_init_face): If the axis count in `fvar' is
zero, set `num_instances' to zero.

* src/truetype/ttgxvar.c (TT_Get_MM_Var): Handle `fvar' table with
zero axes as invalid.

* src/truetype/ttobjs.c (tt_face_init): Improve logic of loading
`loca', `cvt', `fpgm', and `prep' table.
2016-12-17 13:28:24 +01:00