Also fix memory deallocation in case of error.
`head' problem reported as
https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=17820
* src/sfnt/sfwoff2.c (reconstruct_glyf): Don't use `stream_close'.
Abort if `head_table' is NULL.
Don't free `transformed_buf' in case of error.
(woff2_open_font): Don't set `uncompressed_buf' to NULL.
The libs which cmake controls are commented out at
include/freetype/config/ftoption.h
and cmake un-comment each enabled library, but the brotli option was
not commented out, therefore `FT_CONFIG_OPTION_USE_BROTLI' remained
defined even if brotli was missing/disabled/etc.
Comment it such that cmake can control it, which means leaving it
undefined if brotli is missing.
* include/freetype/config/ftoption.h: Fix typo.
Extract `version_info' variable from `builds/unix/configure.raw' and
use the data to correctly set `LIBRARY_VERSION' and
`LIBRARY_SOVERSION'.
Also use the data to set `ft_version' field in `freetype2.pc'.
Also fix the needed minimum version of HarfBuzz in `freetype2.pc'.
* src/sfnt/sfwoff2.c (woff2_open_font): Use `FT_UInt32' for
`file_offset'. This fixes builds on platforms where `FT_LONG64' is
not defined while still being sufficient to store a file offset.
If table tag is not 0x3f, we expect a value between 0 and 62. If
this is not the case, exit with errors.
* src/sfnt/sfwoff2.c: Check whether table tag makes sense.
* src/sfnt/woff2tags.c: Return 0 if tag is out of bounds.
`reconstruct_hmtx' requires `info->x_mins' and `info->num_glyphs' to
reconstruct the hmtx table. In case glyf is not transformed, we
call `get_x_mins' which does the necessary work.
* src/sfnt/sfwoff2.c (get_x_mins): New function.
(reconstruct_font): Call get_x_mins.
Set correct value of `face->num_faces' for WOFF2 fonts. This is
being handled separately because we only load the tables for the
requested font face in `woff2_open_font' and create a single-face
sfnt stream.
The full discussion is at:
https://lists.gnu.org/archive/html/freetype-devel/2019-08/msg00000.html
* src/sfnt/sfobjs.c (sfnt_open_font): Add parameter
`woff2_num_faces'.
(sfnt_init_face): Introduce variable `woff2_num_faces', and change
`face->root.num_faces' if `woff2_num_faces' is set.
* src/sfnt/sfwoff2.c (woff2_open_font): Validate requested face
index and handle negative face indices.
* src/sfnt/sfwoff2.h (woff2_open_font): Add parameter `num_faces' to
declaration.
We do this by using `totalSfntSize' as an initial reference, and
extending the buffer when required. This reduces rendering time
considerably.
* include/freetype/internal/wofftypes.h (WOFF2_HeaderRec): Add
`totalSfntSize', rename `total_sfnt_size' to `actual_sfnt_size'.
* src/sfnt/sfwoff2.c (write_buf): Add parameter `dst_size' to keep
track of and update total size of stream.
(WRITE_SFNT_BUF, WRITE_SFNT_BUF_AT): Modify macros accordingly.
(pad4, store_loca, reconstruct_glyf, reconstruct_hmtx,
reconstruct_font): Update parameters to accept `sfnt_size'.
(woff2_open_font): Add variable `sfnt_size'. Use WOFF2 header field
`totalSfntSize' as initial reference (if value makes sense) and
allocate `totalSfntSize' bytes for the sfnt stream. `write_buf'
handles reallocation if and when required. Also resize the stream
to `actual_sfnt_size' after reconstruction.
Add necessary functions to reconstruct loca and hmtx tables (the two
remaining tables that can have a transform). `woff2_open_font' is
now capable of loading a woff2 font face. This code may still need
more refining and better memory management.
* include/freetype/internal/wofftypes.h (WOFF2_HeaderRec): Add total
(final) size of sfnt stream.
(WOFF2_InfoRec): Add header checksum value.
* src/sfnt/sfobjs.c (sfnt_open_font): Change `face_instance_index'
parameter to its pointer so its value can be modified by
`woff2_open_font'.
* src/sfnt/sfwoff2.c: (WRITE_SFNT_BUF_AT): New macro to write into
sfnt buffer at given position.
(write_buf): Add parameter `extend_buf' which allows caller to
specify whether buffer should be reallocated before copying data.
(WRITE_SFNT_BUF): Updated.
(pad4, store_loca, reconstruct_hmtx): New functions.
(reconstruct_glyf): Calculate loca values and store them.
(reconstruct_font): Call `reconstruct_hmtx', write table record
entries, and calculate table checksums. Also calculate font
checksum and update `checksumAdjustment' entry in head table.
(woff2_open_font): Open stream for sfnt buffer, swap out input
stream and return.
* src/sfnt/sfwoff2.h (woff2_open_font): Modify parameter to accept
pointer to `face_index'.
Reconstruct `glyf' table if it is transformed in the uncompressed
table stream. Also add necessary structures, macros and functions.
* include/freetype/internal/wofftypes.h (WOFF2_InfoRec,
WOFF2_SubstreamRec, WOFF2_PointRec): New structures.
(WOFF2_TableRec): s/OrigLength/dst_length/.
* src/sfnt/sfwoff2.c (READ_255USHORT, READ_BASE128): Use
`FT_SET_ERROR' to set implicit `error' variable.
(WRITE_SHORT): New macro.
(N_CONTOUR_STREAM, N_POINTS_STREAM, FLAG_STREAM, GLYPH_STREAM,
COMPOSITE_STREAM, BBOX_STREAM, INSTRUCTION_STREAM): New macros to
refer to substreams of the transformed `glyf' tables.
(Read255UShort, ReadBase128): Return errors set by `FT_READ_XXX'
macros.
(with_sign, safe_int_addition): New functions to add sign to values
based on a flag and perform safe addition respectively.
(triplet_decode): Decode variable-length (flag, xCoordinate,
yCoordinate) triplet for a simple glyph. See
https://www.w3.org/TR/WOFF2/#triplet_decoding
(store_points, compute_bbox, composteGlyph_size, reconstruct_glyf):
New functions.
(reconstruct_font): Call `reconstruct_glyf'.
* src/sfnt/sfwoff2.h: Add required constants.
* src/sfnt/woff2tags.h: Move out constants to `sfwoff2.h'.
Copy un-transformed tables to the sfnt stream.
* src/sfnt/sfwoff2.c: (WRITE_SFNT_BUF): New macro.
(write_buf): New function. Extend memory of `dst' buffer and copy
bytes from `src'.
(compute_ULong_sum): New function. Calculate checksum of table.
(reconstruct_font): Change `FT_Byte* sfnt' to `FT_Byte**
sfnt_bytes'. This has been done because we reallocate memory to
`sfnt' multiple times, which may change the pointer value of `sfnt'.
This new pointer must be propagated back to the caller. Same reason
for using a double pointer in `write_buf'.
* src/sfnt/woff2tags.h (WOFF2_DEFAULT_MAX_SIZE): New macro used for
overflow checking.
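The buffer handling described in the `write_buf' entry above and in the earlier `totalSfntSize' entry, as an added example that is not FreeType's code: a growable write helper that hands the possibly moved pointer back through a double pointer, checks for overflow before growing, and treats the header size only as a hint. The names `demo_write_buf', `demo_initial_size' and the value of `DEMO_MAX_SFNT_SIZE' are assumptions.

```c
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Assumed cap; stands in for WOFF2_DEFAULT_MAX_SIZE, whose real value
   is not given in the changelog. */
#define DEMO_MAX_SFNT_SIZE  ( 30u * 1024u * 1024u )

/* Hypothetical helper: copy `size' bytes of `src' to `*offset' in the
   heap buffer `*dst_bytes' (capacity `*dst_size'), growing on demand.
   Returns 0 on success, -1 on error; on error nothing is modified. */
int
demo_write_buf( uint8_t**  dst_bytes, size_t*  dst_size, size_t*  offset,
                const uint8_t*  src, size_t  size )
{
  size_t  end;

  /* Written so that `*offset + size' can never wrap around. */
  if ( *offset > DEMO_MAX_SFNT_SIZE || size > DEMO_MAX_SFNT_SIZE - *offset )
    return -1;
  if ( size == 0 )
    return 0;
  end = *offset + size;

  if ( end > *dst_size )
  {
    /* realloc may move the block; keep the old pointer until the call
       succeeds, then publish the new one through the double pointer. */
    uint8_t*  grown = realloc( *dst_bytes, end );

    if ( !grown )
      return -1;
    *dst_bytes = grown;
    *dst_size  = end;
  }
  memcpy( *dst_bytes + *offset, src, size );
  *offset = end;
  return 0;
}

/* The header's totalSfntSize comes from the untrusted font file: use it
   as the initial allocation only if it is non-zero and below the cap. */
size_t
demo_initial_size( uint32_t  total_sfnt_size, size_t  fallback )
{
  if ( total_sfnt_size == 0 || total_sfnt_size > DEMO_MAX_SFNT_SIZE )
    return fallback;
  return total_sfnt_size;
}

int main( void )
{
  size_t    cap = demo_initial_size( 4, 12 ), off = 0;  /* constructed */
  uint8_t*  buf = malloc( cap );

  if ( !buf ||
       demo_write_buf( &buf, &cap, &off, (const uint8_t*)"OTTO\0\1", 6 ) )
    return 1;
  printf( "capacity=%zu offset=%zu\n", cap, off );
  free( buf );
  return 0;
}
```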
Uncompressed buffer is now an `FT_Stream'.
Perform basic checks and start iterating over tables.
* src/sfnt/sfwoff2.c (stream_close, find_table, read_num_hmetrics):
New functions.
(reconstruct_font): Modify parameters and iterate over tables.
(woff2_open_font): Updated.
We `handle' TTCs by modifying the `indices' array to point to only
those tables that are part of the requested `face_index'.
Set and use `num_tables' in `WOFF2_TtcFont'.
* src/sfnt/sfwoff2.c (reconstruct_font): New function.
(woff2_open_font): Start reconstruction of font.
Change `KnownTags' to a function (`woff2_known_tags'). This avoids
introducing a global constant array. This function returns the
specified index without *any* checks. The caller must ensure that
`index' is within array limits.
* src/sfnt/sfwoff2.c (woff2_open_font): Change `KnownTags[...]'
notation to `woff2_known_tags( ... )'.
* src/sfnt/woff2tags.c: Perform changes.
* src/sfnt/woff2tags.h: Update definitions.
WOFF2 compressed stream is now uncompressed if Brotli is available.
This data is stored in a separate buffer (uncompressed_buf) because
it does not contain direct table data. Certain tables have
transformations applied to them, and they must be reconstructed
before we can write those tables to the SFNT stream.
`face_index' is now being passed as a parameter to
`woff2_open_font'.
* src/sfnt/sfobjs.c (sfnt_open_font): Add parameter
`face_instance_index'.
* src/sfnt/sfwoff2.c (woff2_uncompress): New function.
(woff2_open_font): Call `woff2_uncompress'.
(compute_first_table_offset): Fix return type.
* src/sfnt/sfwoff2.h (woff2_open_font): Modify declaration.
Brotli is required for decompressing WOFF2 font directory streams.
The library is thus being added as an optional dependency for
FreeType.
* builds/unix/configure.raw: Add checks for `libbrotlidec'.
(REQUIRES_PRIVATE, LIBS_PRIVATE, LIBSSTATIC_CONFIG): Updated.
* devel/ftoption.h, include/freetype/config/ftoption.h
(FT_CONFIG_OPTION_USE_BROTLI): New macro.
Add constants required for WOFF2, and known table tags as defined in
the specification. See
https://www.w3.org/TR/WOFF2/#table_dir_format
for details.
* src/sfnt/woff2tags.c, src/sfnt/woff2tags.h: New files.
Check for WOFF2 tag, call `woff2_open_font', and implement it to read
header according to specification.
* include/freetype/internal/fttrace.h: Add `sfwoff2.c'.
* src/sfnt/rules.mk (SFNT_DRV_SRC): Add `sfwoff2.c'.
* src/sfnt/sfnt.c: Include `sfwoff2.c'.
* src/sfnt/sfobjs.c (sfnt_open_font): Check for `wOF2' tag and call
`woff2_open_font'.
* src/sfnt/sfwoff2.c, src/sfnt/sfwoff2.h: New files.
Add structures and macro for WOFF 2 header and table directory.
* include/freetype/internal/wofftypes.h (WOFF2_HeaderRec,
WOFF2_TableRec_): New structures.
* include/freetype/tttags.h (TTAG_wOF2): New macro.
As originally intended, a Type 1 SEAC charstring would be used for
an accented glyph (like `acaron' or `uumlaut'), where the advance
width of the SEAC glyph is the same as that of the `base' glyph
(like `a' or `u'). In this case it is not uncommon for the SEAC
glyph to not use an (H)SBW opcode of its own but to rely on the
value from the base glyph.
However, out-of-spec fonts also use SEAC glyphs for ligatures (like
`oe' or `fi'), and in those cases the overall advance width is
greater than that of the `base' glyph. For this reason we have to
allow that the SEAC glyph can have an (H)SBW value of its own, and
if it has, retain this value, rather than the one from the base
glyph.
* src/psaux/psintrp.c (cf2_interpT2CharString) <cf2_escSEAC>:
Implement it.
==========================
Tag sources with `VER-2-10-1'.
* docs/VERSION.TXT: Add entry for version 2.10.1.
* README, Jamfile (RefDoc), src/base/ftver.rc,
builds/windows/vc2010/freetype.vcxproj,
builds/windows/vc2010/index.html,
builds/windows/visualc/freetype.dsp,
builds/windows/visualc/freetype.vcproj,
builds/windows/visualc/index.html,
builds/windows/visualce/freetype.dsp,
builds/windows/visualce/freetype.vcproj,
builds/windows/visualce/index.html,
builds/wince/vc2005-ce/freetype.vcproj,
builds/wince/vc2005-ce/index.html,
builds/wince/vc2008-ce/freetype.vcproj,
builds/wince/vc2008-ce/index.html: s/2.10.0/2.10.1/, s/2100/2101/.
* include/freetype/freetype.h (FREETYPE_PATCH): Set to 1.
* builds/unix/configure.raw (version_info): Set to 23:1:17.
* CMakeLists.txt (VERSION_PATCH): Set to 1.
* include/freetype/fterrors.h (FT_Error_String): Fix C++ compilation.
* src/autofit/afglobal.c (af_face_global_get_metrics): Start again
(with dummy hinter module) if no blue zones are present.
* src/autofit/aflatin.c (af_latin_metrics_init_blues): Change
signature to return error code.
If no blue zones are found, update `glyph_styles' array to hold
AF_STYLE_NONE_DFLT instead of the current style.
(af_latin_metrics_init): Return internal error code if no blue zones
are found.
More to come.
* builds/vms/LIBS.OPT_IA64, builds/vms/_LINK.OPT_IA64,
builds/vms/vmslib.dat: New files provided by Jouk Jansen
<joukj@hrem.nano.tudelft.nl>.
* builds/vms/ftconfig.h: Update, also from Jouk.
The buffer size FT_MAX_GRAY_SPANS is set to 10 spans, which should be
enough to cover the entire scanline for simple glyphs in most cases:
each slightly slanted edge needs up to two spans, plus a filling span
in-between. This is not new, we used to do it before cb4388783c.
* src/smooth/ftgrays.c (gray_TWorker): Add `spans' and `num_spans'.
(gray_hline, gray_sweep): Implement the span buffering.
(gray_raster_render): Use negative `num_spans' to avoid the direct
mode.
Up to now, only the unscaled CVT values were varied; in other words,
the `CVAR' data was never used for bytecode hinting.
* src/truetype/ttgxvar.c (tt_cvt_ready_iterator): New auxiliary
function.
(tt_face_vary_cvt): Use it to trigger rescaling of CVT values.
If `CVAR' data is applied to variation fonts, fractional values are
possible.
* include/freetype/internal/tttypes.h (TT_FaceRec): Change type of
`cvt' from `FT_Short' to `FT_Int32'.
* src/truetype/ttgxvar.c (FT_fdot6ToFixed): New macro.
(tt_face_vary_cvt): Use it to update code to 26.6 format.
* src/truetype/ttobjs.c (tt_size_run_prep): Update code to 26.6
format.
* src/truetype/ttpload.c (tt_face_load_cvt): Store data in 26.6
format.
Very embarrassing :-)
Reported as
https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=14701
https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=14705
https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=14710
* src/truetype/ttgload.c (IS_DEFAULT_INSTANCE): Move up and add
argument; update all callers.
(TT_Process_Simple_Glyph): Use it. The `unrounded' array is active
for variation fonts only, thus also enclose related code with
`#ifdef TT_CONFIG_OPTION_GX_VAR_SUPPORT ... #endif' where
necessary.
Revert commit a113e5d from 2019-05-09, and don't use `extra_points2'
but allocate a temporary array.
Speed up the scaling of the `unrounded' array.
* src/truetype/ttgxvar.c (FT_fixedToInt, FT_FixedToFdot6): Fix type
conversions and rounding. The unsigned type must have more or equal
bits to the signed type.
This patch makes FreeType use font units in 26.6 format internally
instead of integers.
* src/truetype/ttgxvar.c (FT_fixedToFdot6): New macro.
(TT_Vary_Apply_Glyph_Deltas): Add argument to output unrounded font
coordinates.
* src/truetype/ttgxvar.h: Updated.
* src/truetype/ttgload.c (TT_Process_Simple_Glyph): Use
`extra_points2' array to temporarily hold unrounded point
coordinates; use them to compute scaled coordinates and linear
advance width and height.
(load_truetype_code): Adjust similarly.
Reported by Sender Ghost <lightside@gmx.com>.
* src/autofit/afcjk.c (af_cjk_hints_compute_edges): Catch a corner
case where `edge->first' could be NULL.
* src/pfr/pfrobjs.c (pfr_slot_load): Remove unnecessary test of
`size'.
* src/raster/ftraster.c (Draw_Sweep): Catch a corner case where
`draw_right' might be NULL.
* src/sfnt/ttmtx.c (tt_face_get_metrics): Fix limit test for
`aadvance'.
Ensure `abearing' always holds a meaningful result.
* src/truetype/ttgload.c (load_truetype_glyph): Ensure `subglyph' is
not NULL before accessing it.
* src/truetype/ttgxvar.c (TT_Set_Named_Instance): Remove unnecessary
test of `namedstyle'.
* src/type42/t42parse.c (t42_parser_done): Ensure
`parser->root.funcs.done' is not NULL before accessing it.
The previous implementation is correct but it is too complex.
The revised algorithm is based on the fact that each split moves
the control points closer to the trisection points on the chord.
The corresponding distances are good surrogates for the curve
deviation from the straight line.
This cubic flattening algorithm is somewhat similar to the conic
algorithm based on the distance from the control point to the middle of
the chord. The cubic distances, however, decrease less predictably
but are easy enough to calculate on each step.
* src/smooth/ftgrays.c (gray_render_cubic): Replace the split
condition.
This commit fixes the changes from 2018-07-21, which broke charmap
iteration. We now add the default character as a new glyph with
index 0, thus increasing the number of glyphs by one (as before).
* src/pcf/pcfread.c (pcf_get_metrics): Adjust to new artificial
glyph with index 0.
Limit number of elements to 65534.
(pcf_get_bitmaps): Ditto.
Unify two loops into one; this avoids allocation of an intermediate
array.
(pcf_get_encodings): Don't flip indices but copy glyph metrics of
default character to index 0.
Also handle invalid default character.
* docs/CHANGES: Updated.
642bc7590c introduced dynamically
allocated memory when parsing CFF files with the "old" engine. Bounds
checks have never been updated, however, leading to pointless
comparisons of pointers in some cases. This commit presents a
solution for bounds checks in the CFF module with an extended logic
for the "old" engine while staying as concise as possible for the
"new" one.
* src/cff/cffparse.h: Introduce the struct `CFF_T2_StringRec' and
the additional field `t2_strings' within `CFF_ParserRec'.
* src/cff/cffparse.c (cff_parser_within_limits): Move all boundary
checks into this new function and update the rest of `cffparse.c' to
use it.
Reported as
https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=12137
* src/autofit/afblue.dat: Use U+200D (ZERO-WIDTH JOINER) characters
to get medial forms for some Mongolian characters.
* src/autofit/afblue.c, src/autofit/afblue.h: Regenerated.
As a de-facto standard, layouts using this script are constructed
horizontally line by line, then the lines are rotated clockwise for
vertical display.
* src/autofit/afblue.dat: Add blue zone data for Mongolian.
* src/autofit/afblue.c, src/autofit/afblue.h: Regenerated.
* src/autofit/afscript.h: Add Mongolian standard characters.
* src/autofit/afranges.c, src/autofit/afstyles.h: Add Mongolian
data.
==========================
Tag sources with `VER-2-10-0'.
* docs/VERSION.TXT: Add entry for version 2.10.0.
* docs/CHANGES: Updated.
* README, Jamfile (RefDoc), src/base/ftver.rc,
builds/windows/vc2010/freetype.vcxproj,
builds/windows/vc2010/index.html,
builds/windows/visualc/freetype.dsp,
builds/windows/visualc/freetype.vcproj,
builds/windows/visualc/index.html,
builds/windows/visualce/freetype.dsp,
builds/windows/visualce/freetype.vcproj,
builds/windows/visualce/index.html,
builds/wince/vc2005-ce/freetype.vcproj,
builds/wince/vc2005-ce/index.html,
builds/wince/vc2008-ce/freetype.vcproj,
builds/wince/vc2008-ce/index.html: s/2.9.1/2.10.0/, s/291/2100/.
* include/freetype/freetype.h (FREETYPE_MINOR): Set to 10.
(FREETYPE_PATCH): Set to 0.
* builds/unix/configure.raw (version_info): Set to 23:0:17.
* CMakeLists.txt (VERSION_MINOR): Set to 10.
(VERSION_PATCH): Set to 0.
* builds/toplevel.mk (version, winversion): Since the minor version
number has two digits now, never omit the patch number. We would
get ambiguous zip file names otherwise.
(dist): Remove remnants of `docmaker' tool.
(do-dist): Remove unused intermediate files.
* src/cff/cffparse.c (destrict_c2s_item): Guard function with
CFF_CONFIG_OPTION_OLD_ENGINE macro.
This change should allow FreeType to work on WASM/Emscripten without
needing `-s EMULATE_FUNCTION_POINTER_CASTS=1'.
* src/autofit/afdummy.c (af_dummy_hints_apply): Fix signature.
* src/cid/cidload.c (cid_parse_font_matrix, parse_fd_array,
parse_expansion_factor, parse_font_name): Return `void', not
`FT_Error'.
* include/freetype/internal/ftobjs.h (FT_CMap_CharVarIsDefaultFunc):
Fix signature.
* src/psaux/psintrp.c (cf2_interpT2CharString): The call to
`cf2_arrstack_setCount' may fail because the allocator ran out of
memory. When this happens the stack is still written to before the
error condition is checked. This means that FreeType writes outside
of allocated memory. This commit moves the error check prior to the
stack assignment, hence the function now properly returns with an
error condition.
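The ordering fixed in the `cf2_arrstack_setCount' entry above, as an added example that is not FreeType's code: a growable stack whose resize can fail, with the store performed only after the error flag has been checked. `ArrStack', `arrstack_set_count', `arrstack_store' and the `limit' field (a constructed stand-in for running out of memory) are hypothetical names.

```c
#include <stddef.h>
#include <stdio.h>
#include <stdlib.h>

/* Hypothetical growable array stack; not FreeType's CF2_ArrStack. */
typedef struct
{
  int*    items;
  size_t  count;      /* elements in use                         */
  size_t  allocated;  /* elements allocated                      */
  size_t  limit;      /* constructed allocation cap (simulates OOM) */
  int     error;      /* sticky error flag, 0 = ok               */
} ArrStack;

/* Grow to `count' elements.  On failure set `error' and leave
   `items', `count' and `allocated' untouched. */
void arrstack_set_count( ArrStack*  s, size_t  count )
{
  if ( count > s->allocated )
  {
    int*  p = NULL;

    if ( count <= s->limit )
      p = realloc( s->items, count * sizeof ( int ) );
    if ( !p )
    {
      s->error = 1;
      return;
    }
    s->items     = p;
    s->allocated = count;
  }
  s->count = count;
}

/* Fixed order: resize, check the error, only then write.  The pre-fix
   order described in the entry was
       arrstack_set_count( s, idx + 1 );
       s->items[idx] = value;       (runs even if the resize failed)
       if ( s->error ) return -1;
   so a failed resize led to a store past the old allocation. */
int arrstack_store( ArrStack*  s, size_t  idx, int  value )
{
  if ( idx == (size_t)-1 )          /* idx + 1 would wrap to 0 */
    s->error = 1;
  else if ( idx >= s->count )
    arrstack_set_count( s, idx + 1 );

  if ( s->error )
    return -1;

  s->items[idx] = value;
  return 0;
}

int main( void )
{
  ArrStack  s = { 0 };

  s.limit = 4;                       /* constructed: fail beyond 4 items */
  printf( "in range: %d\n", arrstack_store( &s, 2, 7 ) );
  printf( "resize fails: %d\n", arrstack_store( &s, 10, 9 ) );
  free( s.items );
  return 0;
}
```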
Instead of setting typo or win metrics as the new FT_Face metrics
indiscriminately, apply only typo deltas to the currently active FT_Face
metrics. This prevents line height differences when e.g. the default
outlines were used as the regular face and instances for everything else.
* src/truetype/ttgxvar.c (tt_apply_mvar): Implement.
If the OS/2 table exists and fsSelection bit 7 (USE_TYPO_METRICS) is set,
use the sTypo* set of values to compute the FT_Face's ascender, descender
and height. Otherwise, fall back to old behavior.
* src/sfnt/sfobjs.c (sfnt_load_face): Implement.
All of the Type 1 path building is done with code common to the
revised CFF engine, with the exception of closepath, which was still
calling ps_builder_close_contour(), thus previously cached segments
were not always written to the path, and glyph corruption, or even
invalid outlines were possible.
* src/psaux/psintrp.c (cf2_interpT2CharString) <cf2_cmdCLOSEPATH>:
Switch to calling `cf2_glyphpath_closeOpenPath'.
For multiple master fonts, common usage (in Postscript) is to modify
the WeightVector of an existing font instance, this addition
supports that use.
* include/freetype/ftmm.h, src/base/ftmm.c (FT_Set_MM_WeightVector,
FT_Get_MM_WeightVector): New API functions.
* include/freetype/internalservices/svmm.h
(FT_Set_MM_WeightVector_Func, FT_Get_MM_WeightVector_Func): New
function types.
(MultiMasters): Add `set_mm_weightvector' and `get_mm_weightvector'
members.
(FT_DEFINE_SERVICE_MULTIMASTERSREC): Updated.
* src/cffcffdrivr.c (cff_set_mm_weightvector,
cff_get_mm_weightvector): New functions.
(cff_service_multi_masters): Register them.
* src/truetype/ttdriver.c (tt_service_gx_multi_masters): Updated.
This driver doesn't use the new interface.
* src/type1/t1load.c (T1_Set_MM_WeightVector,
T1_Get_MM_WeightVector): New functions.
* src/type1/t1driver.c (t1_service_multi_masters): Register them.
* src/type1/t1load.h: Updated.
The solution and project files should be automatically upgraded for
the appropriate Visual C++ version.
* builds/windows/visualc/freetype.{sln,vcproj}: Major upgrades.
* builds/windows/visualc/index.html: Document the change.
* builds/windows/vc2005, builds/windows/vc2008: Removed as redundant.