| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| |
|
|
| |
FSGetForkCBInfo()
|
| | |
|
| |
|
|
| |
are defauled to no
|
| | |
|
| |
|
|
| |
functions, if they are warned as deprecated by the compiler attributes
|
| | |
|
| |
|
|
|
|
|
|
|
| |
There is no need to validate the original charmap in `FT_Set_Charmap`.
It can be reset directly.
* src/autofit/afglobal.c (af_face_globals_compute_style_coverage):
Use direct assignment.
* src/autofit/af{latin,cjk,indic}.c (af_latin_metrics_init): Ditto.
|
| |
|
|
|
|
| |
As with the previous commit, we can avoid the validation checks
of `FT_Set_Charmap` and set it directly when choosing from the
available list.
|
| |
|
|
|
| |
Set charmap aggressively without all validations of `FT_Set_Charmap`
because we take it from the available array and only temporarily.
Even CMap Format 14 will gracefully return 0.
|
| | |
|
| |
|
|
|
|
|
| |
Replace '(start + end) / 2' with 'start + (end - start) / 2' to avoid
overflow.
Fixes #1180.
|
| | |
|
| |
|
|
|
| |
* src/truetype/ttgxvar.c (tt_var_get_item_delta, ft_var_load_mvar): Use
`FT_OFFSET`.
|
| | |
|
| | |
|
| |
|
|
| |
Fixes #1185, closes !205. Formatting changes according to PEP8.
|
| |
|
|
|
|
|
|
|
|
|
| |
* src/sfnt/ttcolr.c (tt_face_get_colorline_stops, read_paint): Tighten
pointer bounds checks.
(get_child_table_pointer): Check whether incoming pointer `p` lies within
the 'COLR' table.
Reported as
https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=51816
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Add a check that the document content is actually contained within the
`SVG ` table. Without this check a malformed font may claim arbitrary
memory as its document content.
* src/sfnt/ttsvg.c (tt_face_load_svg): Take `numEntries` into account when
testing 'documentRecord' extents.
(find_doc): Rename `stream` to `document_records` for clarity.
(tt_face_load_svg_doc): Split `doc` from `doc_list` pointer for clarity.
Test that the document content is contained within the table.
Ensure minimum length of document before testing for gzip format.
Reported as
https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=51812
|
| |
|
|
|
|
|
| |
* src/base/ftbitmap.c (FT_Bitmap_Copy): Flip the copy if its pitch
is trully opposite, zero is not a positive value.
(FT_Bitmap_Convert): Set negative pitch as needed, accept negative
alignment values.
|
| |
|
|
|
|
|
|
| |
Reusing target bitmaps for copying and converting is permitted. It is,
however, pointless to preserve their content before overwriting. Free-
malloc might be faster than realloc.
* src/base/ftbitmap.c (FT_Bitmap_Copy, FT_Bitmap_Convert): Free
an old buffer and create a new one.
|
| |
|
|
|
|
|
|
|
| |
* src/sfnt/ttcolr.c (tt_face_load_colr): If the version is determined to
be 1, then the table size has to be at least the size of the v1 header.
Also, for peeking the number of base glyphs and entries in the layer list,
ensure that the table is sufficiently long.
Fixes #1179. Original patch by Sergey Temnikov.
|
| |
|
|
| |
Fixes #1181.
|
| |
|
|
|
|
|
|
|
|
| |
* src/truetype/ttgxvar.c (TT_Get_MM_Var): Reject retrieving master when
'fvar' values locally do not match with sanitized values from initialization
at `sfnt_init_face` time.
Reported as
https://bugs.chromium.org/p/chromium/issues/detail?id=1360295
|
| |
|
|
|
|
|
|
| |
Fixes #1178.
* src/sfnt/ttcolr.c (get_deltas_for_var_index_base): Set outer index to
0 and inner index to the delta index when retrieving deltas if the
`COLR` table has no delta set index map.
|
| |
|
|
|
|
|
|
|
| |
* src/sfnt/ttcolr.c (tt_face_get_colr_layer): Check that the pointer to
read from is within the 'COLR' table.
Reported as
https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=50633
|
| |
|
|
|
| |
* src/autofit/afglobal.c (af_face_globals_compute_style_coverage): Avoid
compiler warning.
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
Fixes #1172.
* src/sfnt/sfobjs.c (sfnt_load_face): Tag font as Multiple Masters font if
`fvar` is present; do not require other tables to be present.
* src/truetype/ttgxvar.c (tt_set_mm_blend): Allow for a missing 'gvar' table
when setting variation coordinates. However, if a 'gvar' table is actually
present, do perform a sanity check and fail on malformedness.
(TT_Get_MM_Var): Don't assume 'fvar' needs 'gvar' or 'CFF2 tables in all
cases, which is an overly tight check.
|
| |
|
|
| |
Fixes #1177 to avoid mistranslation and other problems.
|
| |
|
|
|
|
|
| |
* src/sfnt/ttcolr.c (tt_face_get_colorline_stops): Disambiguate shift
behavior by using multiplication using macros from ftcalc.h.
Fixes: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=50573
|
| |
|
|
|
|
|
|
| |
This option uncomments FreeType configuration macro
`FT_CONFIG_OPTION_ERROR_STRINGS` to make function `FT_Error_String` return
meaningful error strings.
This option is off by default.
|
| |
|
|
|
|
|
|
|
|
|
| |
This follows similar code in `cff_slot_done`.
* src/base/ftobjs.c (ft_glyphslot_done), src/type1/t1objs.c
(T1_GlyphSlot_Done): Check `internal` pointer.
The Type1 problems was reported as
https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=50057.
|
| |
|
|
| |
The old 1809 runner will be decommissioned at some point.
|
| |
|
|
| |
See !192.
|
| | |
|
| | |
|
| | |
|
| |
|
|
|
|
|
|
|
| |
* src/cache/ftcbasic.c (FTC_ImageCache_Lookup, FTC_SBitCache_Lookup):
Clean up tracing types.
* src/cache/ftccache.c (ftc_node_destroy): Ditto.
* src/cache/ftcmanag.c (FTC_Manager_Check): Ditto.
(FTC_Manager_Check, FTC_Node_Unref): Remove a cast.
* src/cache/ftccmap.c (FTC_CMapCache_Lookup): Ditto.
|
| |
|
|
|
|
|
| |
* src/autofit/afmodule.h (AF_ModuleRec): Change `default_script` type.
* src/autofit/afglobal.c (af_face_globals_compute_style_coverage):
Remove casting.
* src/autofit/afmodule.c (af_property_{set,get}): Updated accordingly.
|
| |
|
|
|
|
|
|
| |
* src/autofit/afglobal.h (AF_FaceGlobalsRec): Change `glyph_count` type.
* src/autofit/afglobal.c (af_face_globals_compute_style_coverage,
af_face_globals_get_metrics, af_face_globals_is_digit,
af_face_globals_new): Changed local types and updated accordingly.
* src/autofit/aflatin.c (af_latin_metrics_init_blues): Ditto.
|
| |
|
|
|
| |
* include/freetype/internal/psaux.h (PS_TableRec): Remove `num_elems`.
* src/psaux/psobjs.c (ps_table_new): Remoove its initialization.
|
| |
|
|
|
| |
* src/sfnt/ttcolr.c (tt_face_get_color_glyph_clipbox): Depending on the
format, read `var_index_base`, then retrieve and apply scaled deltas.
|
| |
|
|
|
| |
* src/sfnt/ttcolr.c (tt_face_get_color_glyph_clipbox): Use appropriate
scale factor for `yMin` and `yMax`.
|
| |
|
|
|
|
|
|
|
|
| |
* src/autofit/afhints.h (AF_AxisHintsRec): Use unsigned types.
* src/autofit/afhints.c (af_axis_hints_new_{segment,edge},
af_glyph_hints_get_num_segments, af_glyph_hints_get_segment_offset):
Updated accordingly.
* src/autofit/aflatin.c (af_cjk_hints_compute_edges): Ditto.
* src/autofit/afcjk.c (af_cjk_hints_compute_edges): Ditto.
|
| | |
|
| | |
|
| |
|
|
|
| |
* src/sfnt/ttcolr.c: Protect relevant code with
`TT_CONFIG_OPTION_GX_VAR_SUPPORT`.
|
| |
|
|
|
|
|
|
|
| |
* include/freetype/internal/ftstream.h (FT_GET_SHORT_LE, FT_GET_USHORT_LE):
Fix type.
* src/sfnt/ttcolr.c (get_deltas_for_var_index_base): Always return boolean
value.
(tt_face_get_colorline_stops): Fix type of `var_index_base`.
|
| |
|
|
|
|
|
|
|
|
|
|
| |
Any array index must be strictly less then the array size. Therefore,
we must reject indexes that are equal to the array size. Alternatively,
we should move the bounds check before the index decrement but that
would be confusing.
In addition, it is ok to decrement zero (.notdef) and get UINT_MAX,
which is then automatically rejected in the bounds check.
* src/pfr/pfrobjs.c (pfr_face_get_kerning): Fix the bounds checking.
|
| |
|
|
|
|
|
| |
* src/pfr/pfrload.c (pfr_phy_font_load): Check resolutions and number of
characters.
Fixes #1174.
|
| | |
|
