diff options
Diffstat (limited to 'freetype/src/sfnt')
28 files changed, 931 insertions, 435 deletions
diff --git a/freetype/src/sfnt/Jamfile b/freetype/src/sfnt/Jamfile index cb20b1b04..089cc269b 100644 --- a/freetype/src/sfnt/Jamfile +++ b/freetype/src/sfnt/Jamfile @@ -1,6 +1,6 @@ # FreeType 2 src/sfnt Jamfile # -# Copyright 2001, 2002, 2004, 2005 by +# Copyright 2001-2016 by # David Turner, Robert Wilhelm, and Werner Lemberg. # # This file is part of the FreeType project, and may only be used, modified, @@ -16,7 +16,18 @@ SubDir FT2_TOP $(FT2_SRC_DIR) sfnt ; if $(FT2_MULTI) { - _sources = sfobjs sfdriver ttcmap ttmtx ttpost ttload ttsbit ttkern ttbdf sfntpic ; + _sources = pngshim + sfdriver + sfntpic + sfobjs + ttbdf + ttcmap + ttkern + ttload + ttmtx + ttpost + ttsbit + ; } else { diff --git a/freetype/src/sfnt/module.mk b/freetype/src/sfnt/module.mk index 95fd6a314..ca19e096a 100644 --- a/freetype/src/sfnt/module.mk +++ b/freetype/src/sfnt/module.mk @@ -3,7 +3,7 @@ # -# Copyright 1996-2000, 2006 by +# Copyright 1996-2016 by # David Turner, Robert Wilhelm, and Werner Lemberg. # # This file is part of the FreeType project, and may only be used, modified, diff --git a/freetype/src/sfnt/pngshim.c b/freetype/src/sfnt/pngshim.c index 9bfcc2a77..2815759cc 100644 --- a/freetype/src/sfnt/pngshim.c +++ b/freetype/src/sfnt/pngshim.c @@ -4,7 +4,8 @@ /* */ /* PNG Bitmap glyph support. */ /* */ -/* Copyright 2013, 2014 by Google, Inc. */ +/* Copyright 2013-2016 by */ +/* Google, Inc. */ /* Written by Stuart Gill and Behdad Esfahbod. */ /* */ /* This file is part of the FreeType project, and may only be used, */ @@ -36,11 +37,11 @@ /* This code is freely based on cairo-png.c. There's so many ways */ /* to call libpng, and the way cairo does it is defacto standard. */ - static int - multiply_alpha( int alpha, - int color ) + static unsigned int + multiply_alpha( unsigned int alpha, + unsigned int color ) { - int temp = ( alpha * color ) + 0x80; + unsigned int temp = alpha * color + 0x80; return ( temp + ( temp >> 8 ) ) >> 8; @@ -81,10 +82,10 @@ blue = multiply_alpha( alpha, blue ); } - base[0] = blue; - base[1] = green; - base[2] = red; - base[3] = alpha; + base[0] = (unsigned char)blue; + base[1] = (unsigned char)green; + base[2] = (unsigned char)red; + base[3] = (unsigned char)alpha; } } } @@ -109,9 +110,9 @@ unsigned int blue = base[2]; - base[0] = blue; - base[1] = green; - base[2] = red; + base[0] = (unsigned char)blue; + base[1] = (unsigned char)green; + base[2] = (unsigned char)red; base[3] = 0xFF; } } @@ -257,16 +258,16 @@ if ( populate_map_and_metrics ) { - FT_Long size; + FT_ULong size; - metrics->width = (FT_Int)imgWidth; - metrics->height = (FT_Int)imgHeight; + metrics->width = (FT_UShort)imgWidth; + metrics->height = (FT_UShort)imgHeight; map->width = metrics->width; map->rows = metrics->height; map->pixel_mode = FT_PIXEL_MODE_BGRA; - map->pitch = map->width * 4; + map->pitch = (int)( map->width * 4 ); map->num_grays = 256; /* reject too large bitmaps similarly to the rasterizer */ @@ -277,7 +278,7 @@ } /* this doesn't overflow: 0x7FFF * 0x7FFF * 4 < 2^32 */ - size = map->rows * map->pitch; + size = map->rows * (FT_ULong)map->pitch; error = ft_glyphslot_alloc_bitmap( slot, size ); if ( error ) diff --git a/freetype/src/sfnt/pngshim.h b/freetype/src/sfnt/pngshim.h index dc9ecaf91..ff0587133 100644 --- a/freetype/src/sfnt/pngshim.h +++ b/freetype/src/sfnt/pngshim.h @@ -4,7 +4,8 @@ /* */ /* PNG Bitmap glyph support. */ /* */ -/* Copyright 2013 by Google, Inc. */ +/* Copyright 2013-2016 by */ +/* Google, Inc. */ /* Written by Stuart Gill and Behdad Esfahbod. */ /* */ /* This file is part of the FreeType project, and may only be used, */ @@ -16,8 +17,8 @@ /***************************************************************************/ -#ifndef __PNGSHIM_H__ -#define __PNGSHIM_H__ +#ifndef PNGSHIM_H_ +#define PNGSHIM_H_ #include <ft2build.h> @@ -43,7 +44,7 @@ FT_BEGIN_HEADER FT_END_HEADER -#endif /* __PNGSHIM_H__ */ +#endif /* PNGSHIM_H_ */ /* END */ diff --git a/freetype/src/sfnt/rules.mk b/freetype/src/sfnt/rules.mk index a6c956ab6..e9fc42156 100644 --- a/freetype/src/sfnt/rules.mk +++ b/freetype/src/sfnt/rules.mk @@ -3,7 +3,7 @@ # -# Copyright 1996-2000, 2002-2007, 2009, 2011, 2013 by +# Copyright 1996-2016 by # David Turner, Robert Wilhelm, and Werner Lemberg. # # This file is part of the FreeType project, and may only be used, modified, @@ -20,7 +20,10 @@ SFNT_DIR := $(SRC_DIR)/sfnt # compilation flags for the driver # -SFNT_COMPILE := $(FT_COMPILE) $I$(subst /,$(COMPILER_SEP),$(SFNT_DIR)) +SFNT_COMPILE := $(CC) $(ANSIFLAGS) \ + $I$(subst /,$(COMPILER_SEP),$(SFNT_DIR)) \ + $(INCLUDE_FLAGS) \ + $(FT_CFLAGS) # SFNT driver sources (i.e., C files) diff --git a/freetype/src/sfnt/sfdriver.c b/freetype/src/sfnt/sfdriver.c index badb159dc..22332694b 100644 --- a/freetype/src/sfnt/sfdriver.c +++ b/freetype/src/sfnt/sfdriver.c @@ -4,7 +4,7 @@ /* */ /* High-level SFNT driver interface (body). */ /* */ -/* Copyright 1996-2007, 2009-2014 by */ +/* Copyright 1996-2016 by */ /* David Turner, Robert Wilhelm, and Werner Lemberg. */ /* */ /* This file is part of the FreeType project, and may only be used, */ @@ -139,9 +139,9 @@ FT_DEFINE_SERVICE_SFNT_TABLEREC( sfnt_service_sfnt_table, - (FT_SFNT_TableLoadFunc)tt_face_load_any, - (FT_SFNT_TableGetFunc) get_sfnt_table, - (FT_SFNT_TableInfoFunc)sfnt_table_info ) + (FT_SFNT_TableLoadFunc)tt_face_load_any, /* load_table */ + (FT_SFNT_TableGetFunc) get_sfnt_table, /* get_table */ + (FT_SFNT_TableInfoFunc)sfnt_table_info ) /* table_info */ #ifdef TT_CONFIG_OPTION_POSTSCRIPT_NAMES @@ -205,8 +205,8 @@ FT_DEFINE_SERVICE_GLYPHDICTREC( sfnt_service_glyph_dict, - (FT_GlyphDict_GetNameFunc) sfnt_get_glyph_name, - (FT_GlyphDict_NameIndexFunc)sfnt_get_name_index ) + (FT_GlyphDict_GetNameFunc) sfnt_get_glyph_name, /* get_name */ + (FT_GlyphDict_NameIndexFunc)sfnt_get_name_index ) /* name_index */ #endif /* TT_CONFIG_OPTION_POSTSCRIPT_NAMES */ @@ -266,7 +266,7 @@ { FT_Stream stream = face->name_table.stream; FT_String* r = (FT_String*)result; - FT_Byte* p; + FT_Char* p; if ( FT_STREAM_SEEK( name->stringOffset ) || @@ -280,11 +280,11 @@ goto Exit; } - p = (FT_Byte*)stream->cursor; + p = (FT_Char*)stream->cursor; for ( ; len > 0; len--, p += 2 ) { - if ( p[0] == 0 && p[1] >= 32 && p[1] < 128 ) + if ( p[0] == 0 && p[1] >= 32 ) *r++ = p[1]; } *r = '\0'; @@ -330,7 +330,7 @@ FT_DEFINE_SERVICE_PSFONTNAMEREC( sfnt_service_ps_name, - (FT_PsName_GetFunc)sfnt_get_ps_name ) + (FT_PsName_GetFunc)sfnt_get_ps_name ) /* get_ps_font_name */ /* @@ -338,7 +338,7 @@ */ FT_DEFINE_SERVICE_TTCMAPSREC( tt_service_get_cmap_info, - (TT_CMap_Info_GetFunc)tt_get_cmap_info ) + (TT_CMap_Info_GetFunc)tt_get_cmap_info ) /* get_cmap_info */ #ifdef TT_CONFIG_OPTION_BDF @@ -381,8 +381,8 @@ FT_DEFINE_SERVICE_BDFRec( sfnt_service_bdf, - (FT_BDF_GetCharsetIdFunc)sfnt_get_charset_id, - (FT_BDF_GetPropertyFunc) tt_face_find_bdf_prop ) + (FT_BDF_GetCharsetIdFunc)sfnt_get_charset_id, /* get_charset_id */ + (FT_BDF_GetPropertyFunc) tt_face_find_bdf_prop ) /* get_property */ #endif /* TT_CONFIG_OPTION_BDF */ @@ -459,53 +459,62 @@ FT_DEFINE_SFNT_INTERFACE( sfnt_interface, - tt_face_goto_table, + tt_face_goto_table, /* TT_Loader_GotoTableFunc goto_table */ - sfnt_init_face, - sfnt_load_face, - sfnt_done_face, - sfnt_get_interface, + sfnt_init_face, /* TT_Init_Face_Func init_face */ + sfnt_load_face, /* TT_Load_Face_Func load_face */ + sfnt_done_face, /* TT_Done_Face_Func done_face */ + sfnt_get_interface, /* FT_Module_Requester get_interface */ - tt_face_load_any, + tt_face_load_any, /* TT_Load_Any_Func load_any */ - tt_face_load_head, - tt_face_load_hhea, - tt_face_load_cmap, - tt_face_load_maxp, - tt_face_load_os2, - tt_face_load_post, + tt_face_load_head, /* TT_Load_Table_Func load_head */ + tt_face_load_hhea, /* TT_Load_Metrics_Func load_hhea */ + tt_face_load_cmap, /* TT_Load_Table_Func load_cmap */ + tt_face_load_maxp, /* TT_Load_Table_Func load_maxp */ + tt_face_load_os2, /* TT_Load_Table_Func load_os2 */ + tt_face_load_post, /* TT_Load_Table_Func load_post */ - tt_face_load_name, - tt_face_free_name, + tt_face_load_name, /* TT_Load_Table_Func load_name */ + tt_face_free_name, /* TT_Free_Table_Func free_name */ - tt_face_load_kern, - tt_face_load_gasp, - tt_face_load_pclt, + tt_face_load_kern, /* TT_Load_Table_Func load_kern */ + tt_face_load_gasp, /* TT_Load_Table_Func load_gasp */ + tt_face_load_pclt, /* TT_Load_Table_Func load_init */ /* see `ttload.h' */ PUT_EMBEDDED_BITMAPS( tt_face_load_bhed ), - + /* TT_Load_Table_Func load_bhed */ PUT_EMBEDDED_BITMAPS( tt_face_load_sbit_image ), + /* TT_Load_SBit_Image_Func load_sbit_image */ /* see `ttpost.h' */ PUT_PS_NAMES( tt_face_get_ps_name ), + /* TT_Get_PS_Name_Func get_psname */ PUT_PS_NAMES( tt_face_free_ps_names ), + /* TT_Free_Table_Func free_psnames */ /* since version 2.1.8 */ - tt_face_get_kerning, + tt_face_get_kerning, /* TT_Face_GetKerningFunc get_kerning */ /* since version 2.2 */ - tt_face_load_font_dir, - tt_face_load_hmtx, + tt_face_load_font_dir, /* TT_Load_Table_Func load_font_dir */ + tt_face_load_hmtx, /* TT_Load_Metrics_Func load_hmtx */ /* see `ttsbit.h' and `sfnt.h' */ PUT_EMBEDDED_BITMAPS( tt_face_load_sbit ), + /* TT_Load_Table_Func load_eblc */ PUT_EMBEDDED_BITMAPS( tt_face_free_sbit ), + /* TT_Free_Table_Func free_eblc */ PUT_EMBEDDED_BITMAPS( tt_face_set_sbit_strike ), + /* TT_Set_SBit_Strike_Func set_sbit_strike */ PUT_EMBEDDED_BITMAPS( tt_face_load_strike_metrics ), + /* TT_Load_Strike_Metrics_Func load_strike_metrics */ + + tt_face_get_metrics, /* TT_Get_Metrics_Func get_metrics */ - tt_face_get_metrics + tt_face_get_name /* TT_Get_Name_Func get_name */ ) diff --git a/freetype/src/sfnt/sfdriver.h b/freetype/src/sfnt/sfdriver.h index 5de25d51c..2694488e2 100644 --- a/freetype/src/sfnt/sfdriver.h +++ b/freetype/src/sfnt/sfdriver.h @@ -4,7 +4,7 @@ /* */ /* High-level SFNT driver interface (specification). */ /* */ -/* Copyright 1996-2001 by */ +/* Copyright 1996-2016 by */ /* David Turner, Robert Wilhelm, and Werner Lemberg. */ /* */ /* This file is part of the FreeType project, and may only be used, */ @@ -16,8 +16,8 @@ /***************************************************************************/ -#ifndef __SFDRIVER_H__ -#define __SFDRIVER_H__ +#ifndef SFDRIVER_H_ +#define SFDRIVER_H_ #include <ft2build.h> @@ -32,7 +32,7 @@ FT_BEGIN_HEADER FT_END_HEADER -#endif /* __SFDRIVER_H__ */ +#endif /* SFDRIVER_H_ */ /* END */ diff --git a/freetype/src/sfnt/sferrors.h b/freetype/src/sfnt/sferrors.h index e981e1d26..c2f9fdfea 100644 --- a/freetype/src/sfnt/sferrors.h +++ b/freetype/src/sfnt/sferrors.h @@ -4,7 +4,7 @@ /* */ /* SFNT error codes (specification only). */ /* */ -/* Copyright 2001, 2004, 2012, 2013 by */ +/* Copyright 2001-2016 by */ /* David Turner, Robert Wilhelm, and Werner Lemberg. */ /* */ /* This file is part of the FreeType project, and may only be used, */ @@ -22,12 +22,12 @@ /* */ /*************************************************************************/ -#ifndef __SFERRORS_H__ -#define __SFERRORS_H__ +#ifndef SFERRORS_H_ +#define SFERRORS_H_ #include FT_MODULE_ERRORS_H -#undef __FTERRORS_H__ +#undef FTERRORS_H_ #undef FT_ERR_PREFIX #define FT_ERR_PREFIX SFNT_Err_ @@ -35,6 +35,7 @@ #include FT_ERRORS_H -#endif /* __SFERRORS_H__ */ +#endif /* SFERRORS_H_ */ + /* END */ diff --git a/freetype/src/sfnt/sfnt.c b/freetype/src/sfnt/sfnt.c index d62ed4e0b..952d6d425 100644 --- a/freetype/src/sfnt/sfnt.c +++ b/freetype/src/sfnt/sfnt.c @@ -4,7 +4,7 @@ /* */ /* Single object library component. */ /* */ -/* Copyright 1996-2006, 2013 by */ +/* Copyright 1996-2016 by */ /* David Turner, Robert Wilhelm, and Werner Lemberg. */ /* */ /* This file is part of the FreeType project, and may only be used, */ diff --git a/freetype/src/sfnt/sfntpic.c b/freetype/src/sfnt/sfntpic.c index b3fb24b3f..1f596c093 100644 --- a/freetype/src/sfnt/sfntpic.c +++ b/freetype/src/sfnt/sfntpic.c @@ -4,7 +4,7 @@ /* */ /* The FreeType position independent code services for sfnt module. */ /* */ -/* Copyright 2009, 2010, 2012, 2013 by */ +/* Copyright 2009-2016 by */ /* Oran Agra and Mickey Gabel. */ /* */ /* This file is part of the FreeType project, and may only be used, */ diff --git a/freetype/src/sfnt/sfntpic.h b/freetype/src/sfnt/sfntpic.h index b09a9141e..5ce96d393 100644 --- a/freetype/src/sfnt/sfntpic.h +++ b/freetype/src/sfnt/sfntpic.h @@ -4,7 +4,7 @@ /* */ /* The FreeType position independent code services for sfnt module. */ /* */ -/* Copyright 2009, 2012 by */ +/* Copyright 2009-2016 by */ /* Oran Agra and Mickey Gabel. */ /* */ /* This file is part of the FreeType project, and may only be used, */ @@ -16,12 +16,10 @@ /***************************************************************************/ -#ifndef __SFNTPIC_H__ -#define __SFNTPIC_H__ +#ifndef SFNTPIC_H_ +#define SFNTPIC_H_ -FT_BEGIN_HEADER - #include FT_INTERNAL_PIC_H @@ -31,7 +29,6 @@ FT_BEGIN_HEADER #define SFNT_SERVICE_GLYPH_DICT_GET sfnt_service_glyph_dict #define SFNT_SERVICE_PS_NAME_GET sfnt_service_ps_name #define TT_SERVICE_CMAP_INFO_GET tt_service_get_cmap_info -#define SFNT_SERVICES_GET sfnt_services #define TT_CMAP_CLASSES_GET tt_cmap_classes #define SFNT_SERVICE_SFNT_TABLE_GET sfnt_service_sfnt_table #define SFNT_SERVICE_BDF_GET sfnt_service_bdf @@ -56,6 +53,8 @@ FT_BEGIN_HEADER #include "ttcmap.h" +FT_BEGIN_HEADER + typedef struct sfntModulePIC_ { FT_ServiceDescRec* sfnt_services; @@ -83,8 +82,6 @@ FT_BEGIN_HEADER ( GET_PIC( library )->sfnt_service_ps_name ) #define TT_SERVICE_CMAP_INFO_GET \ ( GET_PIC( library )->tt_service_get_cmap_info ) -#define SFNT_SERVICES_GET \ - ( GET_PIC( library )->sfnt_services ) #define TT_CMAP_CLASSES_GET \ ( GET_PIC( library )->tt_cmap_classes ) #define SFNT_SERVICE_SFNT_TABLE_GET \ @@ -102,13 +99,14 @@ FT_BEGIN_HEADER FT_Error sfnt_module_class_pic_init( FT_Library library ); + +FT_END_HEADER + #endif /* FT_CONFIG_OPTION_PIC */ /* */ -FT_END_HEADER - -#endif /* __SFNTPIC_H__ */ +#endif /* SFNTPIC_H_ */ /* END */ diff --git a/freetype/src/sfnt/sfobjs.c b/freetype/src/sfnt/sfobjs.c index 70b988d65..4413bbcf2 100644 --- a/freetype/src/sfnt/sfobjs.c +++ b/freetype/src/sfnt/sfobjs.c @@ -4,7 +4,7 @@ /* */ /* SFNT object management (base). */ /* */ -/* Copyright 1996-2008, 2010-2014 by */ +/* Copyright 1996-2016 by */ /* David Turner, Robert Wilhelm, and Werner Lemberg. */ /* */ /* This file is part of the FreeType project, and may only be used, */ @@ -120,27 +120,9 @@ FT_Memory memory ); - /*************************************************************************/ - /* */ - /* <Function> */ - /* tt_face_get_name */ - /* */ - /* <Description> */ - /* Returns a given ENGLISH name record in ASCII. */ - /* */ - /* <Input> */ - /* face :: A handle to the source face object. */ - /* */ - /* nameid :: The name id of the name record to return. */ - /* */ - /* <InOut> */ - /* name :: The address of a string pointer. NULL if no name is */ - /* present. */ - /* */ - /* <Return> */ - /* FreeType error code. 0 means success. */ - /* */ - static FT_Error + /* documentation is in sfnt.h */ + + FT_LOCAL_DEF( FT_Error ) tt_face_get_name( TT_Face face, FT_UShort nameid, FT_String** name ) @@ -376,8 +358,8 @@ FT_FREE( stream->base ); stream->size = 0; - stream->base = 0; - stream->close = 0; + stream->base = NULL; + stream->close = NULL; } @@ -469,10 +451,14 @@ woff.metaOrigLength != 0 ) ) || ( woff.metaLength != 0 && woff.metaOrigLength == 0 ) || ( woff.privOffset == 0 && woff.privLength != 0 ) ) + { + FT_ERROR(( "woff_font_open: invalid WOFF header\n" )); return FT_THROW( Invalid_Table ); + } - if ( FT_ALLOC( sfnt, woff.totalSfntSize ) || - FT_NEW( sfnt_stream ) ) + /* Don't trust `totalSfntSize' before thorough checks. */ + if ( FT_ALLOC( sfnt, 12 + woff.num_tables * 16UL ) || + FT_NEW( sfnt_stream ) ) goto Exit; sfnt_header = sfnt; @@ -539,6 +525,8 @@ if ( table->Tag <= old_tag ) { FT_FRAME_EXIT(); + + FT_ERROR(( "woff_font_open: table tags are not sorted\n" )); error = FT_THROW( Invalid_Table ); goto Exit; } @@ -573,6 +561,7 @@ sfnt_offset > woff.totalSfntSize - table->OrigLength || table->CompLength > table->OrigLength ) { + FT_ERROR(( "woff_font_open: invalid table offsets\n" )); error = FT_THROW( Invalid_Table ); goto Exit; } @@ -580,8 +569,8 @@ table->OrigOffset = sfnt_offset; /* The offsets must be multiples of 4. */ - woff_offset += ( table->CompLength + 3 ) & ~3; - sfnt_offset += ( table->OrigLength + 3 ) & ~3; + woff_offset += ( table->CompLength + 3 ) & ~3U; + sfnt_offset += ( table->OrigLength + 3 ) & ~3U; } /* @@ -598,6 +587,8 @@ if ( woff.metaOffset != woff_offset || woff.metaOffset + woff.metaLength > woff.length ) { + FT_ERROR(( "woff_font_open:" + " invalid `metadata' offset or length\n" )); error = FT_THROW( Invalid_Table ); goto Exit; } @@ -609,11 +600,12 @@ if ( woff.privOffset ) { /* ... if it isn't the last block. */ - woff_offset = ( woff_offset + 3 ) & ~3; + woff_offset = ( woff_offset + 3 ) & ~3U; if ( woff.privOffset != woff_offset || woff.privOffset + woff.privLength > woff.length ) { + FT_ERROR(( "woff_font_open: invalid `private' offset or length\n" )); error = FT_THROW( Invalid_Table ); goto Exit; } @@ -625,10 +617,19 @@ if ( sfnt_offset != woff.totalSfntSize || woff_offset != woff.length ) { + FT_ERROR(( "woff_font_open: invalid `sfnt' table structure\n" )); error = FT_THROW( Invalid_Table ); goto Exit; } + /* Now use `totalSfntSize'. */ + if ( FT_REALLOC( sfnt, + 12 + woff.num_tables * 16UL, + woff.totalSfntSize ) ) + goto Exit; + + sfnt_header = sfnt + 12; + /* Write the tables. */ for ( nn = 0; nn < woff.num_tables; nn++ ) @@ -669,6 +670,7 @@ goto Exit; if ( output_len != table->OrigLength ) { + FT_ERROR(( "woff_font_open: compressed table length mismatch\n" )); error = FT_THROW( Invalid_Table ); goto Exit; } @@ -839,13 +841,14 @@ FT_LOCAL_DEF( FT_Error ) sfnt_init_face( FT_Stream stream, TT_Face face, - FT_Int face_index, + FT_Int face_instance_index, FT_Int num_params, FT_Parameter* params ) { - FT_Error error; - FT_Library library = face->root.driver->root.library; - SFNT_Service sfnt; + FT_Error error; + FT_Library library = face->root.driver->root.library; + SFNT_Service sfnt; + FT_Int face_index; /* for now, parameters are unused */ @@ -878,24 +881,103 @@ /* Stream may have changed in sfnt_open_font. */ stream = face->root.stream; - FT_TRACE2(( "sfnt_init_face: %08p, %ld\n", face, face_index )); + FT_TRACE2(( "sfnt_init_face: %08p, %ld\n", face, face_instance_index )); - if ( face_index < 0 ) - face_index = 0; + face_index = FT_ABS( face_instance_index ) & 0xFFFF; if ( face_index >= face->ttc_header.count ) - return FT_THROW( Invalid_Argument ); + { + if ( face_instance_index >= 0 ) + return FT_THROW( Invalid_Argument ); + else + face_index = 0; + } if ( FT_STREAM_SEEK( face->ttc_header.offsets[face_index] ) ) return error; - /* check that we have a valid TrueType file */ + /* check whether we have a valid TrueType file */ error = sfnt->load_font_dir( face, stream ); if ( error ) return error; +#ifdef TT_CONFIG_OPTION_GX_VAR_SUPPORT + { + FT_ULong fvar_len; + + FT_ULong version; + FT_ULong offset; + + FT_UShort num_axes; + FT_UShort axis_size; + FT_UShort num_instances; + FT_UShort instance_size; + + FT_Int instance_index; + + + instance_index = FT_ABS( face_instance_index ) >> 16; + + /* test whether current face is a GX font with named instances */ + if ( face->goto_table( face, TTAG_fvar, stream, &fvar_len ) || + fvar_len < 20 || + FT_READ_ULONG( version ) || + FT_READ_USHORT( offset ) || + FT_STREAM_SKIP( 2 ) || + FT_READ_USHORT( num_axes ) || + FT_READ_USHORT( axis_size ) || + FT_READ_USHORT( num_instances ) || + FT_READ_USHORT( instance_size ) ) + { + version = 0; + offset = 0; + num_axes = 0; + axis_size = 0; + num_instances = 0; + instance_size = 0; + } + + /* check that the data is bound by the table length; */ + /* based on similar code in function `TT_Get_MM_Var' */ + if ( version != 0x00010000UL || + axis_size != 20 || + num_axes > 0x3FFE || + instance_size != 4 + 4 * num_axes || + num_instances > 0x7EFF || + offset + + axis_size * num_axes + + instance_size * num_instances > fvar_len ) + num_instances = 0; + + /* we don't support Multiple Master CFFs yet */ + if ( !face->goto_table( face, TTAG_CFF, stream, 0 ) ) + num_instances = 0; + + /* we support at most 2^15 - 1 instances */ + if ( num_instances >= ( 1U << 15 ) - 1 ) + { + if ( face_instance_index >= 0 ) + return FT_THROW( Invalid_Argument ); + else + num_instances = 0; + } + + /* instance indices in `face_instance_index' start with index 1, */ + /* thus `>' and not `>=' */ + if ( instance_index > num_instances ) + { + if ( face_instance_index >= 0 ) + return FT_THROW( Invalid_Argument ); + else + num_instances = 0; + } + + face->root.style_flags = (FT_Long)num_instances << 16; + } +#endif + face->root.num_faces = face->ttc_header.count; - face->root.face_index = face_index; + face->root.face_index = face_instance_index; return error; } @@ -946,7 +1028,7 @@ FT_LOCAL_DEF( FT_Error ) sfnt_load_face( FT_Stream stream, TT_Face face, - FT_Int face_index, + FT_Int face_instance_index, FT_Int num_params, FT_Parameter* params ) { @@ -962,7 +1044,7 @@ SFNT_Service sfnt = (SFNT_Service)face->sfnt; - FT_UNUSED( face_index ); + FT_UNUSED( face_instance_index ); /* Check parameters */ @@ -1284,7 +1366,7 @@ flags |= FT_STYLE_FLAG_ITALIC; } - root->style_flags = flags; + root->style_flags |= flags; /*********************************************************************/ /* */ @@ -1431,8 +1513,8 @@ root->ascender = face->horizontal.Ascender; root->descender = face->horizontal.Descender; - root->height = (FT_Short)( root->ascender - root->descender + - face->horizontal.Line_Gap ); + root->height = root->ascender - root->descender + + face->horizontal.Line_Gap; if ( !( root->ascender || root->descender ) ) { @@ -1443,23 +1525,24 @@ root->ascender = face->os2.sTypoAscender; root->descender = face->os2.sTypoDescender; - root->height = (FT_Short)( root->ascender - root->descender + - face->os2.sTypoLineGap ); + root->height = root->ascender - root->descender + + face->os2.sTypoLineGap; } else { root->ascender = (FT_Short)face->os2.usWinAscent; root->descender = -(FT_Short)face->os2.usWinDescent; - root->height = (FT_UShort)( root->ascender - root->descender ); + root->height = root->ascender - root->descender; } } } - root->max_advance_width = face->horizontal.advance_Width_Max; - root->max_advance_height = (FT_Short)( face->vertical_info - ? face->vertical.advance_Height_Max - : root->height ); + root->max_advance_width = + (FT_Short)face->horizontal.advance_Width_Max; + root->max_advance_height = + (FT_Short)( face->vertical_info ? face->vertical.advance_Height_Max + : root->height ); /* See http://www.microsoft.com/OpenType/OTSpec/post.htm -- */ /* Adjust underline position from top edge to centre of */ @@ -1569,7 +1652,7 @@ FT_FREE( face->postscript_name ); - face->sfnt = 0; + face->sfnt = NULL; } diff --git a/freetype/src/sfnt/sfobjs.h b/freetype/src/sfnt/sfobjs.h index 6241c93b3..60b5698ed 100644 --- a/freetype/src/sfnt/sfobjs.h +++ b/freetype/src/sfnt/sfobjs.h @@ -4,7 +4,7 @@ /* */ /* SFNT object management (specification). */ /* */ -/* Copyright 1996-2001, 2002 by */ +/* Copyright 1996-2016 by */ /* David Turner, Robert Wilhelm, and Werner Lemberg. */ /* */ /* This file is part of the FreeType project, and may only be used, */ @@ -16,8 +16,8 @@ /***************************************************************************/ -#ifndef __SFOBJS_H__ -#define __SFOBJS_H__ +#ifndef SFOBJS_H_ +#define SFOBJS_H_ #include <ft2build.h> @@ -31,24 +31,29 @@ FT_BEGIN_HEADER FT_LOCAL( FT_Error ) sfnt_init_face( FT_Stream stream, TT_Face face, - FT_Int face_index, + FT_Int face_instance_index, FT_Int num_params, FT_Parameter* params ); FT_LOCAL( FT_Error ) sfnt_load_face( FT_Stream stream, TT_Face face, - FT_Int face_index, + FT_Int face_instance_index, FT_Int num_params, FT_Parameter* params ); FT_LOCAL( void ) sfnt_done_face( TT_Face face ); + FT_LOCAL( FT_Error ) + tt_face_get_name( TT_Face face, + FT_UShort nameid, + FT_String** name ); + FT_END_HEADER -#endif /* __SFDRIVER_H__ */ +#endif /* SFDRIVER_H_ */ /* END */ diff --git a/freetype/src/sfnt/ttbdf.c b/freetype/src/sfnt/ttbdf.c index 9401dae5f..f89169111 100644 --- a/freetype/src/sfnt/ttbdf.c +++ b/freetype/src/sfnt/ttbdf.c @@ -4,7 +4,7 @@ /* */ /* TrueType and OpenType embedded BDF properties (body). */ /* */ -/* Copyright 2005, 2006, 2010, 2013 by */ +/* Copyright 2005-2016 by */ /* David Turner, Robert Wilhelm, and Werner Lemberg. */ /* */ /* This file is part of the FreeType project, and may only be used, */ diff --git a/freetype/src/sfnt/ttbdf.h b/freetype/src/sfnt/ttbdf.h index 48a10d6e9..ae521c60b 100644 --- a/freetype/src/sfnt/ttbdf.h +++ b/freetype/src/sfnt/ttbdf.h @@ -4,7 +4,7 @@ /* */ /* TrueType and OpenType embedded BDF properties (specification). */ /* */ -/* Copyright 2005 by */ +/* Copyright 2005-2016 by */ /* David Turner, Robert Wilhelm, and Werner Lemberg. */ /* */ /* This file is part of the FreeType project, and may only be used, */ @@ -16,8 +16,8 @@ /***************************************************************************/ -#ifndef __TTBDF_H__ -#define __TTBDF_H__ +#ifndef TTBDF_H_ +#define TTBDF_H_ #include <ft2build.h> @@ -40,7 +40,7 @@ FT_BEGIN_HEADER FT_END_HEADER -#endif /* __TTBDF_H__ */ +#endif /* TTBDF_H_ */ /* END */ diff --git a/freetype/src/sfnt/ttcmap.c b/freetype/src/sfnt/ttcmap.c index f54de7069..cd7467d4d 100644 --- a/freetype/src/sfnt/ttcmap.c +++ b/freetype/src/sfnt/ttcmap.c @@ -4,7 +4,7 @@ /* */ /* TrueType character mapping table (cmap) support (body). */ /* */ -/* Copyright 2002-2010, 2012-2014 by */ +/* Copyright 2002-2016 by */ /* David Turner, Robert Wilhelm, and Werner Lemberg. */ /* */ /* This file is part of the FreeType project, and may only be used, */ @@ -51,6 +51,13 @@ #define TT_NEXT_ULONG FT_NEXT_ULONG + /* Too large glyph index return values are caught in `FT_Get_Char_Index' */ + /* and `FT_Get_Next_Char' (the latter calls the internal `next' function */ + /* again in this case). To mark character code return values as invalid */ + /* it is sufficient to set the corresponding glyph index return value to */ + /* zero. */ + + FT_CALLBACK_DEF( FT_Error ) tt_cmap_init( TT_CMap cmap, FT_Byte* table ) @@ -199,7 +206,7 @@ /***** FORMAT 2 *****/ /***** *****/ /***** This is used for certain CJK encodings that encode text in a *****/ - /***** mixed 8/16 bits encoding along the following lines: *****/ + /***** mixed 8/16 bits encoding along the following lines. *****/ /***** *****/ /***** * Certain byte values correspond to an 8-bit character code *****/ /***** (typically in the range 0..127 for ASCII compatibility). *****/ @@ -209,19 +216,19 @@ /***** second byte of a 2-byte character). *****/ /***** *****/ /***** The following charmap lookup and iteration functions all *****/ - /***** assume that the value "charcode" correspond to following: *****/ + /***** assume that the value `charcode' fulfills the following. *****/ /***** *****/ - /***** - For one byte characters, "charcode" is simply the *****/ + /***** - For one byte characters, `charcode' is simply the *****/ /***** character code. *****/ /***** *****/ - /***** - For two byte characters, "charcode" is the 2-byte *****/ - /***** character code in big endian format. More exactly: *****/ + /***** - For two byte characters, `charcode' is the 2-byte *****/ + /***** character code in big endian format. More precisely: *****/ /***** *****/ /***** (charcode >> 8) is the first byte value *****/ /***** (charcode & 0xFF) is the second byte value *****/ /***** *****/ - /***** Note that not all values of "charcode" are valid according *****/ - /***** to these rules, and the function moderately check the *****/ + /***** Note that not all values of `charcode' are valid according *****/ + /***** to these rules, and the function moderately checks the *****/ /***** arguments. *****/ /***** *****/ /*************************************************************************/ @@ -249,7 +256,7 @@ /* table, i.e., it is the corresponding sub-header index multiplied */ /* by 8. */ /* */ - /* Each sub-header has the following format: */ + /* Each sub-header has the following format. */ /* */ /* NAME OFFSET TYPE DESCRIPTION */ /* */ @@ -264,11 +271,11 @@ /* according to the specification. */ /* */ /* If a character code is contained within a given sub-header, then */ - /* mapping it to a glyph index is done as follows: */ + /* mapping it to a glyph index is done as follows. */ /* */ /* * The value of `offset' is read. This is a _byte_ distance from the */ /* location of the `offset' field itself into a slice of the */ - /* `glyph_ids' table. Let's call it `slice' (it is a USHORT[] too). */ + /* `glyph_ids' table. Let's call it `slice' (it is a USHORT[], too). */ /* */ /* * The value `slice[char.lo - first]' is read. If it is 0, there is */ /* no glyph for the charcode. Otherwise, the value of `delta' is */ @@ -326,7 +333,7 @@ FT_ASSERT( p == table + 518 ); subs = p; - glyph_ids = subs + (max_subs + 1) * 8; + glyph_ids = subs + ( max_subs + 1 ) * 8; if ( glyph_ids > valid->limit ) FT_INVALID_TOO_SHORT; @@ -360,7 +367,7 @@ ids = p - 2 + offset; - if ( ids < glyph_ids || ids + code_count*2 > table + length ) + if ( ids < glyph_ids || ids + code_count * 2 > table + length ) FT_INVALID_OFFSET; /* check glyph IDs */ @@ -375,7 +382,7 @@ idx = TT_NEXT_USHORT( p ); if ( idx != 0 ) { - idx = ( idx + delta ) & 0xFFFFU; + idx = (FT_UInt)( (FT_Int)idx + delta ) & 0xFFFFU; if ( idx >= TT_VALID_GLYPH_COUNT( valid ) ) FT_INVALID_GLYPH_ID; } @@ -436,6 +443,7 @@ } result = sub; } + Exit: return result; } @@ -472,9 +480,10 @@ idx = TT_PEEK_USHORT( p ); if ( idx != 0 ) - result = (FT_UInt)( idx + delta ) & 0xFFFFU; + result = (FT_UInt)( (FT_Int)idx + delta ) & 0xFFFFU; } } + return result; } @@ -524,7 +533,7 @@ if ( idx != 0 ) { - gindex = ( idx + delta ) & 0xFFFFU; + gindex = (FT_UInt)( (FT_Int)idx + delta ) & 0xFFFFU; if ( gindex != 0 ) { result = charcode; @@ -754,6 +763,9 @@ static void tt_cmap4_next( TT_CMap4 cmap ) { + TT_Face face = (TT_Face)cmap->cmap.cmap.charmap.face; + FT_Byte* limit = face->cmap_table + face->cmap_size; + FT_UInt charcode; @@ -765,7 +777,7 @@ if ( charcode < cmap->cur_start ) charcode = cmap->cur_start; - for ( ;; ) + for (;;) { FT_Byte* values = cmap->cur_values; FT_UInt end = cmap->cur_end; @@ -779,15 +791,19 @@ FT_Byte* p = values + 2 * ( charcode - cmap->cur_start ); + /* if p > limit, the whole segment is invalid */ + if ( p > limit ) + goto Next_Segment; + do { FT_UInt gindex = FT_NEXT_USHORT( p ); - if ( gindex != 0 ) + if ( gindex ) { - gindex = (FT_UInt)( ( gindex + delta ) & 0xFFFFU ); - if ( gindex != 0 ) + gindex = (FT_UInt)( (FT_Int)gindex + delta ) & 0xFFFFU; + if ( gindex ) { cmap->cur_charcode = charcode; cmap->cur_gindex = gindex; @@ -800,10 +816,29 @@ { do { - FT_UInt gindex = (FT_UInt)( ( charcode + delta ) & 0xFFFFU ); + FT_UInt gindex = (FT_UInt)( (FT_Int)charcode + delta ) & 0xFFFFU; - if ( gindex != 0 ) + if ( gindex >= (FT_UInt)face->root.num_glyphs ) + { + /* we have an invalid glyph index; if there is an overflow, */ + /* we can adjust `charcode', otherwise the whole segment is */ + /* invalid */ + gindex = 0; + + if ( (FT_Int)charcode + delta < 0 && + (FT_Int)end + delta >= 0 ) + charcode = (FT_UInt)( -delta ); + + else if ( (FT_Int)charcode + delta < 0x10000L && + (FT_Int)end + delta >= 0x10000L ) + charcode = (FT_UInt)( 0x10000L - delta ); + + else + goto Next_Segment; + } + + if ( gindex ) { cmap->cur_charcode = charcode; cmap->cur_gindex = gindex; @@ -813,6 +848,7 @@ } } + Next_Segment: /* we need to find another range */ if ( tt_cmap4_set_range( cmap, cmap->cur_range + 1 ) < 0 ) break; @@ -973,7 +1009,7 @@ /* segment if it contains only a single character. */ /* */ /* We thus omit the test here, delaying it to the */ - /* routines which actually access the cmap. */ + /* routines that actually access the cmap. */ else if ( n != num_segs - 1 || !( start == 0xFFFFU && end == 0xFFFFU ) ) { @@ -993,7 +1029,7 @@ idx = FT_NEXT_USHORT( p ); if ( idx != 0 ) { - idx = (FT_UInt)( idx + delta ) & 0xFFFFU; + idx = (FT_UInt)( (FT_Int)idx + delta ) & 0xFFFFU; if ( idx >= TT_VALID_GLYPH_COUNT( valid ) ) FT_INVALID_GLYPH_ID; @@ -1026,12 +1062,17 @@ FT_UInt32* pcharcode, FT_Bool next ) { + TT_Face face = (TT_Face)cmap->cmap.charmap.face; + FT_Byte* limit = face->cmap_table + face->cmap_size; + + FT_UInt num_segs2, start, end, offset; FT_Int delta; FT_UInt i, num_segs; FT_UInt32 charcode = *pcharcode; FT_UInt gindex = 0; FT_Byte* p; + FT_Byte* q; p = cmap->data + 6; @@ -1045,65 +1086,106 @@ if ( next ) charcode++; + if ( charcode > 0xFFFFU ) + return 0; + /* linear search */ - for ( ; charcode <= 0xFFFFU; charcode++ ) - { - FT_Byte* q; + p = cmap->data + 14; /* ends table */ + q = cmap->data + 16 + num_segs2; /* starts table */ + for ( i = 0; i < num_segs; i++ ) + { + end = TT_NEXT_USHORT( p ); + start = TT_NEXT_USHORT( q ); - p = cmap->data + 14; /* ends table */ - q = cmap->data + 16 + num_segs2; /* starts table */ + if ( charcode < start ) + { + if ( next ) + charcode = start; + else + break; + } - for ( i = 0; i < num_segs; i++ ) + Again: + if ( charcode <= end ) { - end = TT_NEXT_USHORT( p ); - start = TT_NEXT_USHORT( q ); + FT_Byte* r; + - if ( charcode >= start && charcode <= end ) + r = q - 2 + num_segs2; + delta = TT_PEEK_SHORT( r ); + r += num_segs2; + offset = TT_PEEK_USHORT( r ); + + /* some fonts have an incorrect last segment; */ + /* we have to catch it */ + if ( i >= num_segs - 1 && + start == 0xFFFFU && end == 0xFFFFU ) { - p = q - 2 + num_segs2; - delta = TT_PEEK_SHORT( p ); - p += num_segs2; - offset = TT_PEEK_USHORT( p ); - - /* some fonts have an incorrect last segment; */ - /* we have to catch it */ - if ( i >= num_segs - 1 && - start == 0xFFFFU && end == 0xFFFFU ) + if ( offset && r + offset + 2 > limit ) { - TT_Face face = (TT_Face)cmap->cmap.charmap.face; - FT_Byte* limit = face->cmap_table + face->cmap_size; + delta = 1; + offset = 0; + } + } + if ( offset == 0xFFFFU ) + continue; - if ( offset && p + offset + 2 > limit ) - { - delta = 1; - offset = 0; - } - } + if ( offset ) + { + r += offset + ( charcode - start ) * 2; - if ( offset == 0xFFFFU ) + /* if r > limit, the whole segment is invalid */ + if ( next && r > limit ) continue; - if ( offset ) + gindex = TT_PEEK_USHORT( r ); + if ( gindex ) { - p += offset + ( charcode - start ) * 2; - gindex = TT_PEEK_USHORT( p ); - if ( gindex != 0 ) - gindex = (FT_UInt)( gindex + delta ) & 0xFFFFU; + gindex = (FT_UInt)( (FT_Int)gindex + delta ) & 0xFFFFU; + if ( gindex >= (FT_UInt)face->root.num_glyphs ) + gindex = 0; } - else - gindex = (FT_UInt)( charcode + delta ) & 0xFFFFU; + } + else + { + gindex = (FT_UInt)( (FT_Int)charcode + delta ) & 0xFFFFU; - break; + if ( next && gindex >= (FT_UInt)face->root.num_glyphs ) + { + /* we have an invalid glyph index; if there is an overflow, */ + /* we can adjust `charcode', otherwise the whole segment is */ + /* invalid */ + gindex = 0; + + if ( (FT_Int)charcode + delta < 0 && + (FT_Int)end + delta >= 0 ) + charcode = (FT_UInt)( -delta ); + + else if ( (FT_Int)charcode + delta < 0x10000L && + (FT_Int)end + delta >= 0x10000L ) + charcode = (FT_UInt)( 0x10000L - delta ); + + else + continue; + } + } + + if ( next && !gindex ) + { + if ( charcode >= 0xFFFFU ) + break; + + charcode++; + goto Again; } - } - if ( !next || gindex ) break; + } } - if ( next && gindex ) + if ( next ) *pcharcode = charcode; return gindex; @@ -1115,6 +1197,9 @@ FT_UInt32* pcharcode, FT_Bool next ) { + TT_Face face = (TT_Face)cmap->cmap.charmap.face; + FT_Byte* limit = face->cmap_table + face->cmap_size; + FT_UInt num_segs2, start, end, offset; FT_Int delta; FT_UInt max, min, mid, num_segs; @@ -1166,10 +1251,6 @@ if ( mid >= num_segs - 1 && start == 0xFFFFU && end == 0xFFFFU ) { - TT_Face face = (TT_Face)cmap->cmap.charmap.face; - FT_Byte* limit = face->cmap_table + face->cmap_size; - - if ( offset && p + offset + 2 > limit ) { delta = 1; @@ -1190,7 +1271,7 @@ mid = max + 1; /* search in segments before the current segment */ - for ( i = max ; i > 0; i-- ) + for ( i = max; i > 0; i-- ) { FT_UInt prev_end; FT_Byte* old_p; @@ -1292,12 +1373,39 @@ if ( offset ) { p += offset + ( charcode - start ) * 2; + + /* if p > limit, the whole segment is invalid */ + if ( next && p > limit ) + break; + gindex = TT_PEEK_USHORT( p ); - if ( gindex != 0 ) - gindex = (FT_UInt)( gindex + delta ) & 0xFFFFU; + if ( gindex ) + { + gindex = (FT_UInt)( (FT_Int)gindex + delta ) & 0xFFFFU; + if ( gindex >= (FT_UInt)face->root.num_glyphs ) + gindex = 0; + } } else - gindex = (FT_UInt)( charcode + delta ) & 0xFFFFU; + { + gindex = (FT_UInt)( (FT_Int)charcode + delta ) & 0xFFFFU; + + if ( next && gindex >= (FT_UInt)face->root.num_glyphs ) + { + /* we have an invalid glyph index; if there is an overflow, */ + /* we can adjust `charcode', otherwise the whole segment is */ + /* invalid */ + gindex = 0; + + if ( (FT_Int)charcode + delta < 0 && + (FT_Int)end + delta >= 0 ) + charcode = (FT_UInt)( -delta ); + + else if ( (FT_Int)charcode + delta < 0x10000L && + (FT_Int)end + delta >= 0x10000L ) + charcode = (FT_UInt)( 0x10000L - delta ); + } + } break; } @@ -1310,7 +1418,6 @@ /* if `charcode' is not in any segment, then `mid' is */ /* the segment nearest to `charcode' */ - /* */ if ( charcode > end ) { @@ -1443,7 +1550,7 @@ /* */ /* NAME OFFSET TYPE DESCRIPTION */ /* */ - /* format 0 USHORT must be 4 */ + /* format 0 USHORT must be 6 */ /* length 2 USHORT table length in bytes */ /* language 4 USHORT Mac language code */ /* */ @@ -1511,6 +1618,7 @@ p += 2 * idx; result = TT_PEEK_USHORT( p ); } + return result; } @@ -1531,7 +1639,7 @@ if ( char_code >= 0x10000UL ) - goto Exit; + return 0; if ( char_code < start ) char_code = start; @@ -1547,10 +1655,13 @@ result = char_code; break; } + + if ( char_code >= 0xFFFFU ) + return 0; + char_code++; } - Exit: *pchar_code = result; return gindex; } @@ -1602,7 +1713,7 @@ /***** *****/ /***** The purpose of this format is to easily map UTF-16 text to *****/ /***** glyph indices. Basically, the `char_code' must be in one of *****/ - /***** the following formats: *****/ + /***** the following formats. *****/ /***** *****/ /***** - A 16-bit value that isn't part of the Unicode Surrogates *****/ /***** Area (i.e. U+D800-U+DFFF). *****/ @@ -1615,7 +1726,7 @@ /***** The `is32' table embedded in the charmap indicates whether a *****/ /***** given 16-bit value is in the surrogates area or not. *****/ /***** *****/ - /***** So, for any given `char_code', we can assert the following: *****/ + /***** So, for any given `char_code', we can assert the following. *****/ /***** *****/ /***** If `char_hi == 0' then we must have `is32[char_lo] == 0'. *****/ /***** *****/ @@ -1770,7 +1881,10 @@ if ( char_code <= end ) { - result = (FT_UInt)( start_id + char_code - start ); + if ( start_id > 0xFFFFFFFFUL - ( char_code - start ) ) + return 0; + + result = (FT_UInt)( start_id + ( char_code - start ) ); break; } } @@ -1782,8 +1896,9 @@ tt_cmap8_char_next( TT_CMap cmap, FT_UInt32 *pchar_code ) { + FT_Face face = cmap->cmap.charmap.face; FT_UInt32 result = 0; - FT_UInt32 char_code = *pchar_code + 1; + FT_UInt32 char_code; FT_UInt gindex = 0; FT_Byte* table = cmap->data; FT_Byte* p = table + 8204; @@ -1791,6 +1906,11 @@ FT_UInt32 start, end, start_id; + if ( *pchar_code >= 0xFFFFFFFFUL ) + return 0; + + char_code = *pchar_code + 1; + p = table + 8208; for ( ; num_groups > 0; num_groups-- ) @@ -1802,18 +1922,38 @@ if ( char_code < start ) char_code = start; + Again: if ( char_code <= end ) { - gindex = (FT_UInt)( char_code - start + start_id ); - if ( gindex != 0 ) + /* ignore invalid group */ + if ( start_id > 0xFFFFFFFFUL - ( char_code - start ) ) + continue; + + gindex = (FT_UInt)( start_id + ( char_code - start ) ); + + /* does first element of group point to `.notdef' glyph? */ + if ( gindex == 0 ) { - result = char_code; - goto Exit; + if ( char_code >= 0xFFFFFFFFUL ) + break; + + char_code++; + goto Again; } + + /* if `gindex' is invalid, the remaining values */ + /* in this group are invalid, too */ + if ( gindex >= (FT_UInt)face->num_glyphs ) + { + gindex = 0; + continue; + } + + result = char_code; + break; } } - Exit: *pchar_code = result; return gindex; } @@ -1930,14 +2070,20 @@ FT_Byte* p = table + 12; FT_UInt32 start = TT_NEXT_ULONG( p ); FT_UInt32 count = TT_NEXT_ULONG( p ); - FT_UInt32 idx = (FT_ULong)( char_code - start ); + FT_UInt32 idx; + + + if ( char_code < start ) + return 0; + idx = char_code - start; if ( idx < count ) { p += 2 * idx; result = TT_PEEK_USHORT( p ); } + return result; } @@ -1947,7 +2093,7 @@ FT_UInt32 *pchar_code ) { FT_Byte* table = cmap->data; - FT_UInt32 char_code = *pchar_code + 1; + FT_UInt32 char_code; FT_UInt gindex = 0; FT_Byte* p = table + 12; FT_UInt32 start = TT_NEXT_ULONG( p ); @@ -1955,10 +2101,15 @@ FT_UInt32 idx; + if ( *pchar_code >= 0xFFFFFFFFUL ) + return 0; + + char_code = *pchar_code + 1; + if ( char_code < start ) char_code = start; - idx = (FT_UInt32)( char_code - start ); + idx = char_code - start; p += 2 * idx; for ( ; idx < count; idx++ ) @@ -1966,6 +2117,10 @@ gindex = TT_NEXT_USHORT( p ); if ( gindex != 0 ) break; + + if ( char_code >= 0xFFFFFFFFUL ) + return 0; + char_code++; } @@ -2134,6 +2289,7 @@ static void tt_cmap12_next( TT_CMap12 cmap ) { + FT_Face face = cmap->cmap.cmap.charmap.face; FT_Byte* p; FT_ULong start, end, start_id, char_code; FT_ULong n; @@ -2155,18 +2311,38 @@ if ( char_code < start ) char_code = start; - for ( ; char_code <= end; char_code++ ) + Again: + if ( char_code <= end ) { - gindex = (FT_UInt)( start_id + char_code - start ); + /* ignore invalid group */ + if ( start_id > 0xFFFFFFFFUL - ( char_code - start ) ) + continue; - if ( gindex ) + gindex = (FT_UInt)( start_id + ( char_code - start ) ); + + /* does first element of group point to `.notdef' glyph? */ + if ( gindex == 0 ) { - cmap->cur_charcode = char_code;; - cmap->cur_gindex = gindex; - cmap->cur_group = n; + if ( char_code >= 0xFFFFFFFFUL ) + goto Fail; - return; + char_code++; + goto Again; + } + + /* if `gindex' is invalid, the remaining values */ + /* in this group are invalid, too */ + if ( gindex >= (FT_UInt)face->num_glyphs ) + { + gindex = 0; + continue; } + + cmap->cur_charcode = char_code; + cmap->cur_gindex = gindex; + cmap->cur_group = n; + + return; } } @@ -2196,7 +2372,12 @@ end = 0xFFFFFFFFUL; if ( next ) + { + if ( char_code >= 0xFFFFFFFFUL ) + return 0; + char_code++; + } min = 0; max = num_groups; @@ -2217,20 +2398,24 @@ else { start_id = TT_PEEK_ULONG( p ); - gindex = (FT_UInt)( start_id + char_code - start ); + /* reject invalid glyph index */ + if ( start_id > 0xFFFFFFFFUL - ( char_code - start ) ) + gindex = 0; + else + gindex = (FT_UInt)( start_id + ( char_code - start ) ); break; } } if ( next ) { + FT_Face face = cmap->cmap.charmap.face; TT_CMap12 cmap12 = (TT_CMap12)cmap; /* if `char_code' is not in any group, then `mid' is */ /* the group nearest to `char_code' */ - /* */ if ( char_code > end ) { @@ -2243,6 +2428,9 @@ cmap12->cur_charcode = char_code; cmap12->cur_group = mid; + if ( gindex >= (FT_UInt)face->num_glyphs ) + gindex = 0; + if ( !gindex ) { tt_cmap12_next( cmap12 ); @@ -2253,8 +2441,7 @@ else cmap12->cur_gindex = gindex; - if ( gindex ) - *pchar_code = cmap12->cur_charcode; + *pchar_code = cmap12->cur_charcode; } return gindex; @@ -2274,11 +2461,8 @@ FT_UInt32 *pchar_code ) { TT_CMap12 cmap12 = (TT_CMap12)cmap; - FT_ULong gindex; - + FT_UInt gindex; - if ( cmap12->cur_charcode >= 0xFFFFFFFFUL ) - return 0; /* no need to search */ if ( cmap12->valid && cmap12->cur_charcode == *pchar_code ) @@ -2286,11 +2470,8 @@ tt_cmap12_next( cmap12 ); if ( cmap12->valid ) { - gindex = cmap12->cur_gindex; - - /* XXX: check cur_charcode overflow is expected */ - if ( gindex ) - *pchar_code = (FT_UInt32)cmap12->cur_charcode; + gindex = cmap12->cur_gindex; + *pchar_code = (FT_UInt32)cmap12->cur_charcode; } else gindex = 0; @@ -2298,8 +2479,7 @@ else gindex = tt_cmap12_char_map_binary( cmap, pchar_code, 1 ); - /* XXX: check gindex overflow is expected */ - return (FT_UInt32)gindex; + return gindex; } @@ -2458,6 +2638,7 @@ static void tt_cmap13_next( TT_CMap13 cmap ) { + FT_Face face = cmap->cmap.cmap.charmap.face; FT_Byte* p; FT_ULong start, end, glyph_id, char_code; FT_ULong n; @@ -2483,9 +2664,9 @@ { gindex = (FT_UInt)glyph_id; - if ( gindex ) + if ( gindex && gindex < (FT_UInt)face->num_glyphs ) { - cmap->cur_charcode = char_code;; + cmap->cur_charcode = char_code; cmap->cur_gindex = gindex; cmap->cur_group = n; @@ -2520,7 +2701,12 @@ end = 0xFFFFFFFFUL; if ( next ) + { + if ( char_code >= 0xFFFFFFFFUL ) + return 0; + char_code++; + } min = 0; max = num_groups; @@ -2548,6 +2734,7 @@ if ( next ) { + FT_Face face = cmap->cmap.charmap.face; TT_CMap13 cmap13 = (TT_CMap13)cmap; @@ -2565,6 +2752,9 @@ cmap13->cur_charcode = char_code; cmap13->cur_group = mid; + if ( gindex >= (FT_UInt)face->num_glyphs ) + gindex = 0; + if ( !gindex ) { tt_cmap13_next( cmap13 ); @@ -2575,8 +2765,7 @@ else cmap13->cur_gindex = gindex; - if ( gindex ) - *pchar_code = cmap13->cur_charcode; + *pchar_code = cmap13->cur_charcode; } return gindex; @@ -2599,18 +2788,14 @@ FT_UInt gindex; - if ( cmap13->cur_charcode >= 0xFFFFFFFFUL ) - return 0; - /* no need to search */ if ( cmap13->valid && cmap13->cur_charcode == *pchar_code ) { tt_cmap13_next( cmap13 ); if ( cmap13->valid ) { - gindex = cmap13->cur_gindex; - if ( gindex ) - *pchar_code = cmap13->cur_charcode; + gindex = cmap13->cur_gindex; + *pchar_code = cmap13->cur_charcode; } else gindex = 0; @@ -2836,12 +3021,17 @@ /* through the normal Unicode cmap, no GIDs, just check order) */ if ( defOff != 0 ) { - FT_Byte* defp = table + defOff; - FT_ULong numRanges = TT_NEXT_ULONG( defp ); + FT_Byte* defp = table + defOff; + FT_ULong numRanges; FT_ULong i; - FT_ULong lastBase = 0; + FT_ULong lastBase = 0; + if ( defp + 4 > valid->limit ) + FT_INVALID_TOO_SHORT; + + numRanges = TT_NEXT_ULONG( defp ); + /* defp + numRanges * 4 > valid->limit ? */ if ( numRanges > (FT_ULong)( valid->limit - defp ) / 4 ) FT_INVALID_TOO_SHORT; @@ -2865,13 +3055,18 @@ /* and the non-default table (these glyphs are specified here) */ if ( nondefOff != 0 ) { - FT_Byte* ndp = table + nondefOff; - FT_ULong numMappings = TT_NEXT_ULONG( ndp ); - FT_ULong i, lastUni = 0; + FT_Byte* ndp = table + nondefOff; + FT_ULong numMappings; + FT_ULong i, lastUni = 0; + + + if ( ndp + 4 > valid->limit ) + FT_INVALID_TOO_SHORT; + numMappings = TT_NEXT_ULONG( ndp ); - /* numMappings * 4 > (FT_ULong)( valid->limit - ndp ) ? */ - if ( numMappings > ( (FT_ULong)( valid->limit - ndp ) ) / 4 ) + /* numMappings * 5 > (FT_ULong)( valid->limit - ndp ) ? */ + if ( numMappings > ( (FT_ULong)( valid->limit - ndp ) ) / 5 ) FT_INVALID_TOO_SHORT; for ( i = 0; i < numMappings; ++i ) @@ -2962,7 +3157,7 @@ if ( char_code < start ) max = mid; - else if ( char_code > start+cnt ) + else if ( char_code > start + cnt ) min = mid + 1; else return TRUE; @@ -3316,7 +3511,7 @@ ni = 1; i = 0; - for ( ;; ) + for (;;) { if ( nuni > duni + dcnt ) { diff --git a/freetype/src/sfnt/ttcmap.h b/freetype/src/sfnt/ttcmap.h index 0fde1676b..2273cbd96 100644 --- a/freetype/src/sfnt/ttcmap.h +++ b/freetype/src/sfnt/ttcmap.h @@ -4,7 +4,7 @@ /* */ /* TrueType character mapping table (cmap) support (specification). */ /* */ -/* Copyright 2002-2005, 2009, 2012 by */ +/* Copyright 2002-2016 by */ /* David Turner, Robert Wilhelm, and Werner Lemberg. */ /* */ /* This file is part of the FreeType project, and may only be used, */ @@ -16,8 +16,8 @@ /***************************************************************************/ -#ifndef __TTCMAP_H__ -#define __TTCMAP_H__ +#ifndef TTCMAP_H_ +#define TTCMAP_H_ #include <ft2build.h> @@ -152,7 +152,7 @@ FT_BEGIN_HEADER FT_END_HEADER -#endif /* __TTCMAP_H__ */ +#endif /* TTCMAP_H_ */ /* END */ diff --git a/freetype/src/sfnt/ttcmapc.h b/freetype/src/sfnt/ttcmapc.h index 2ea204309..7c732fbd3 100644 --- a/freetype/src/sfnt/ttcmapc.h +++ b/freetype/src/sfnt/ttcmapc.h @@ -4,7 +4,7 @@ /* */ /* TT CMAP classes definitions (specification only). */ /* */ -/* Copyright 2009 by */ +/* Copyright 2009-2016 by */ /* Oran Agra and Mickey Gabel. */ /* */ /* This file is part of the FreeType project, and may only be used, */ diff --git a/freetype/src/sfnt/ttkern.c b/freetype/src/sfnt/ttkern.c index 455e7b5e3..6f9fa522d 100644 --- a/freetype/src/sfnt/ttkern.c +++ b/freetype/src/sfnt/ttkern.c @@ -5,7 +5,7 @@ /* Load the basic TrueType kerning table. This doesn't handle */ /* kerning data within the GPOS table at the moment. */ /* */ -/* Copyright 1996-2007, 2009, 2010, 2013 by */ +/* Copyright 1996-2016 by */ /* David Turner, Robert Wilhelm, and Werner Lemberg. */ /* */ /* This file is part of the FreeType project, and may only be used, */ @@ -108,8 +108,8 @@ p_next = p_limit; /* only use horizontal kerning tables */ - if ( ( coverage & ~8 ) != 0x0001 || - p + 8 > p_limit ) + if ( ( coverage & ~8U ) != 0x0001 || + p + 8 > p_limit ) goto NextTable; num_pairs = FT_NEXT_USHORT( p ); diff --git a/freetype/src/sfnt/ttkern.h b/freetype/src/sfnt/ttkern.h index df1da9b27..85dd5c31a 100644 --- a/freetype/src/sfnt/ttkern.h +++ b/freetype/src/sfnt/ttkern.h @@ -5,7 +5,7 @@ /* Load the basic TrueType kerning table. This doesn't handle */ /* kerning data within the GPOS table at the moment. */ /* */ -/* Copyright 1996-2001, 2002, 2005, 2007 by */ +/* Copyright 1996-2016 by */ /* David Turner, Robert Wilhelm, and Werner Lemberg. */ /* */ /* This file is part of the FreeType project, and may only be used, */ @@ -17,8 +17,8 @@ /***************************************************************************/ -#ifndef __TTKERN_H__ -#define __TTKERN_H__ +#ifndef TTKERN_H_ +#define TTKERN_H_ #include <ft2build.h> @@ -46,7 +46,7 @@ FT_BEGIN_HEADER FT_END_HEADER -#endif /* __TTKERN_H__ */ +#endif /* TTKERN_H_ */ /* END */ diff --git a/freetype/src/sfnt/ttload.c b/freetype/src/sfnt/ttload.c index 8338150ab..a653a7186 100644 --- a/freetype/src/sfnt/ttload.c +++ b/freetype/src/sfnt/ttload.c @@ -5,7 +5,7 @@ /* Load the basic TrueType tables, i.e., tables that can be either in */ /* TTF or OTF fonts (body). */ /* */ -/* Copyright 1996-2010, 2012-2014 by */ +/* Copyright 1996-2016 by */ /* David Turner, Robert Wilhelm, and Werner Lemberg. */ /* */ /* This file is part of the FreeType project, and may only be used, */ @@ -151,7 +151,8 @@ /* Here, we */ /* */ - /* - check that `num_tables' is valid (and adjust it if necessary) */ + /* - check that `num_tables' is valid (and adjust it if necessary); */ + /* also return the number of valid table entries */ /* */ /* - look for a `head' table, check its size, and parse it to check */ /* whether its `magic' field is correctly set */ @@ -167,7 +168,8 @@ /* */ static FT_Error check_table_dir( SFNT_Header sfnt, - FT_Stream stream ) + FT_Stream stream, + FT_UShort* valid ) { FT_Error error; FT_UShort nn, valid_entries = 0; @@ -208,13 +210,27 @@ /* we ignore invalid tables */ - /* table.Offset + table.Length > stream->size ? */ - if ( table.Length > stream->size || - table.Offset > stream->size - table.Length ) + if ( table.Offset > stream->size ) { FT_TRACE2(( "check_table_dir: table entry %d invalid\n", nn )); continue; } + else if ( table.Length > stream->size - table.Offset ) + { + /* Some tables have such a simple structure that clipping its */ + /* contents is harmless. This also makes FreeType less sensitive */ + /* to invalid table lengths (which programs like Acroread seem to */ + /* ignore in general). */ + + if ( table.Tag == TTAG_hmtx || + table.Tag == TTAG_vmtx ) + valid_entries++; + else + { + FT_TRACE2(( "check_table_dir: table entry %d invalid\n", nn )); + continue; + } + } else valid_entries++; @@ -262,11 +278,11 @@ has_meta = 1; } - sfnt->num_tables = valid_entries; + *valid = valid_entries; - if ( sfnt->num_tables == 0 ) + if ( !valid_entries ) { - FT_TRACE2(( "check_table_dir: no tables found\n" )); + FT_TRACE2(( "check_table_dir: no valid tables found\n" )); error = FT_THROW( Unknown_File_Format ); goto Exit; } @@ -322,8 +338,7 @@ SFNT_HeaderRec sfnt; FT_Error error; FT_Memory memory = stream->memory; - TT_TableRec* entry; - FT_Int nn; + FT_UShort nn, valid_entries; static const FT_Frame_Field offset_table_fields[] = { @@ -364,59 +379,114 @@ if ( sfnt.format_tag != TTAG_OTTO ) { /* check first */ - error = check_table_dir( &sfnt, stream ); + error = check_table_dir( &sfnt, stream, &valid_entries ); if ( error ) { FT_TRACE2(( "tt_face_load_font_dir:" " invalid table directory for TrueType\n" )); - goto Exit; } } + else + valid_entries = sfnt.num_tables; - face->num_tables = sfnt.num_tables; + face->num_tables = valid_entries; face->format_tag = sfnt.format_tag; if ( FT_QNEW_ARRAY( face->dir_tables, face->num_tables ) ) goto Exit; - if ( FT_STREAM_SEEK( sfnt.offset + 12 ) || - FT_FRAME_ENTER( face->num_tables * 16L ) ) + if ( FT_STREAM_SEEK( sfnt.offset + 12 ) || + FT_FRAME_ENTER( sfnt.num_tables * 16L ) ) goto Exit; - entry = face->dir_tables; - FT_TRACE2(( "\n" " tag offset length checksum\n" " ----------------------------------\n" )); + valid_entries = 0; for ( nn = 0; nn < sfnt.num_tables; nn++ ) { - entry->Tag = FT_GET_TAG4(); - entry->CheckSum = FT_GET_ULONG(); - entry->Offset = FT_GET_ULONG(); - entry->Length = FT_GET_ULONG(); + TT_TableRec entry; + FT_UShort i; + FT_Bool duplicate; + - /* ignore invalid tables */ + entry.Tag = FT_GET_TAG4(); + entry.CheckSum = FT_GET_ULONG(); + entry.Offset = FT_GET_ULONG(); + entry.Length = FT_GET_ULONG(); - /* entry->Offset + entry->Length > stream->size ? */ - if ( entry->Length > stream->size || - entry->Offset > stream->size - entry->Length ) + /* ignore invalid tables that can't be sanitized */ + + if ( entry.Offset > stream->size ) continue; + else if ( entry.Length > stream->size - entry.Offset ) + { + if ( entry.Tag == TTAG_hmtx || + entry.Tag == TTAG_vmtx ) + { +#ifdef FT_DEBUG_LEVEL_TRACE + FT_ULong old_length = entry.Length; +#endif + + + /* make metrics table length a multiple of 4 */ + entry.Length = ( stream->size - entry.Offset ) & ~3U; + + FT_TRACE2(( " %c%c%c%c %08lx %08lx %08lx" + " (sanitized; original length %08lx)", + (FT_Char)( entry.Tag >> 24 ), + (FT_Char)( entry.Tag >> 16 ), + (FT_Char)( entry.Tag >> 8 ), + (FT_Char)( entry.Tag ), + entry.Offset, + entry.Length, + entry.CheckSum, + old_length )); + } + else + continue; + } +#ifdef FT_DEBUG_LEVEL_TRACE else + FT_TRACE2(( " %c%c%c%c %08lx %08lx %08lx", + (FT_Char)( entry.Tag >> 24 ), + (FT_Char)( entry.Tag >> 16 ), + (FT_Char)( entry.Tag >> 8 ), + (FT_Char)( entry.Tag ), + entry.Offset, + entry.Length, + entry.CheckSum )); +#endif + + /* ignore duplicate tables – the first one wins */ + duplicate = 0; + for ( i = 0; i < valid_entries; i++ ) { - FT_TRACE2(( " %c%c%c%c %08lx %08lx %08lx\n", - (FT_Char)( entry->Tag >> 24 ), - (FT_Char)( entry->Tag >> 16 ), - (FT_Char)( entry->Tag >> 8 ), - (FT_Char)( entry->Tag ), - entry->Offset, - entry->Length, - entry->CheckSum )); - entry++; + if ( face->dir_tables[i].Tag == entry.Tag ) + { + duplicate = 1; + break; + } + } + if ( duplicate ) + { + FT_TRACE2(( " (duplicate, ignored)\n" )); + continue; + } + else + { + FT_TRACE2(( "\n" )); + + /* we finally have a valid entry */ + face->dir_tables[valid_entries++] = entry; } } + /* final adjustment to number of tables */ + face->num_tables = valid_entries; + FT_FRAME_EXIT(); FT_TRACE2(( "table directory loaded\n\n" )); @@ -705,15 +775,6 @@ maxProfile->maxTwilightPoints = 0xFFFFU - 4; } - - /* we arbitrarily limit recursion to avoid stack exhaustion */ - if ( maxProfile->maxComponentDepth > 100 ) - { - FT_TRACE0(( "tt_face_load_maxp:" - " abnormally large component depth (%d) set to 100\n", - maxProfile->maxComponentDepth )); - maxProfile->maxComponentDepth = 100; - } } FT_TRACE3(( "numGlyphs: %u\n", maxProfile->numGlyphs )); @@ -1123,8 +1184,8 @@ #define FT_STRUCTURE TT_Postscript FT_FRAME_START( 32 ), - FT_FRAME_ULONG( FormatType ), - FT_FRAME_ULONG( italicAngle ), + FT_FRAME_LONG ( FormatType ), + FT_FRAME_LONG ( italicAngle ), FT_FRAME_SHORT( underlinePosition ), FT_FRAME_SHORT( underlineThickness ), FT_FRAME_ULONG( isFixedPitch ), diff --git a/freetype/src/sfnt/ttload.h b/freetype/src/sfnt/ttload.h index 49a1aee16..bec42b94b 100644 --- a/freetype/src/sfnt/ttload.h +++ b/freetype/src/sfnt/ttload.h @@ -5,7 +5,7 @@ /* Load the basic TrueType tables, i.e., tables that can be either in */ /* TTF or OTF fonts (specification). */ /* */ -/* Copyright 1996-2001, 2002, 2005, 2006 by */ +/* Copyright 1996-2016 by */ /* David Turner, Robert Wilhelm, and Werner Lemberg. */ /* */ /* This file is part of the FreeType project, and may only be used, */ @@ -17,8 +17,8 @@ /***************************************************************************/ -#ifndef __TTLOAD_H__ -#define __TTLOAD_H__ +#ifndef TTLOAD_H_ +#define TTLOAD_H_ #include <ft2build.h> @@ -106,7 +106,7 @@ FT_BEGIN_HEADER FT_END_HEADER -#endif /* __TTLOAD_H__ */ +#endif /* TTLOAD_H_ */ /* END */ diff --git a/freetype/src/sfnt/ttmtx.c b/freetype/src/sfnt/ttmtx.c index bb319577e..186f873da 100644 --- a/freetype/src/sfnt/ttmtx.c +++ b/freetype/src/sfnt/ttmtx.c @@ -4,7 +4,7 @@ /* */ /* Load the metrics tables common to TTF and OTF fonts (body). */ /* */ -/* Copyright 2006-2009, 2011-2014 by */ +/* Copyright 2006-2016 by */ /* David Turner, Robert Wilhelm, and Werner Lemberg. */ /* */ /* This file is part of the FreeType project, and may only be used, */ diff --git a/freetype/src/sfnt/ttmtx.h b/freetype/src/sfnt/ttmtx.h index fb040394c..78395def3 100644 --- a/freetype/src/sfnt/ttmtx.h +++ b/freetype/src/sfnt/ttmtx.h @@ -4,7 +4,7 @@ /* */ /* Load the metrics tables common to TTF and OTF fonts (specification). */ /* */ -/* Copyright 2006, 2014 by */ +/* Copyright 2006-2016 by */ /* David Turner, Robert Wilhelm, and Werner Lemberg. */ /* */ /* This file is part of the FreeType project, and may only be used, */ @@ -16,8 +16,8 @@ /***************************************************************************/ -#ifndef __TTMTX_H__ -#define __TTMTX_H__ +#ifndef TTMTX_H_ +#define TTMTX_H_ #include <ft2build.h> @@ -49,7 +49,7 @@ FT_BEGIN_HEADER FT_END_HEADER -#endif /* __TTMTX_H__ */ +#endif /* TTMTX_H_ */ /* END */ diff --git a/freetype/src/sfnt/ttpost.c b/freetype/src/sfnt/ttpost.c index 99d800549..3277f1ec4 100644 --- a/freetype/src/sfnt/ttpost.c +++ b/freetype/src/sfnt/ttpost.c @@ -2,10 +2,10 @@ /* */ /* ttpost.c */ /* */ -/* Postcript name table processing for TrueType and OpenType fonts */ +/* PostScript name table processing for TrueType and OpenType fonts */ /* (body). */ /* */ -/* Copyright 1996-2003, 2006-2010, 2013, 2014 by */ +/* Copyright 1996-2016 by */ /* David Turner, Robert Wilhelm, and Werner Lemberg. */ /* */ /* This file is part of the FreeType project, and may only be used, */ @@ -52,7 +52,7 @@ #include FT_SERVICE_POSTSCRIPT_CMAPS_H -#define MAC_NAME( x ) ( (FT_String*)psnames->macintosh_name( x ) ) +#define MAC_NAME( x ) (FT_String*)psnames->macintosh_name( (FT_UInt)(x) ) #else /* FT_CONFIG_OPTION_POSTSCRIPT_NAMES */ @@ -62,7 +62,7 @@ /* table of Mac names. Thus, it is possible to build a version of */ /* FreeType without the Type 1 driver & PSNames module. */ -#define MAC_NAME( x ) ( (FT_String*)tt_post_default_names[x] ) +#define MAC_NAME( x ) (FT_String*)tt_post_default_names[x] /* the 258 default Mac PS glyph names; see file `tools/glnames.py' */ @@ -155,7 +155,7 @@ static FT_Error load_format_20( TT_Face face, FT_Stream stream, - FT_Long post_limit ) + FT_ULong post_limit ) { FT_Memory memory = stream->memory; FT_Error error; @@ -163,8 +163,8 @@ FT_Int num_glyphs; FT_UShort num_names; - FT_UShort* glyph_indices = 0; - FT_Char** name_strings = 0; + FT_UShort* glyph_indices = NULL; + FT_Char** name_strings = NULL; if ( FT_READ_USHORT( num_glyphs ) ) @@ -243,14 +243,17 @@ goto Fail1; } - if ( (FT_Int)len > post_limit || - FT_STREAM_POS() > post_limit - (FT_Int)len ) + if ( len > post_limit || + FT_STREAM_POS() > post_limit - len ) { + FT_Int d = (FT_Int)post_limit - (FT_Int)FT_STREAM_POS(); + + FT_ERROR(( "load_format_20:" " exceeding string length (%d)," " truncating at end of post table (%d byte left)\n", - len, post_limit - FT_STREAM_POS() )); - len = FT_MAX( 0, post_limit - FT_STREAM_POS() ); + len, d )); + len = (FT_UInt)FT_MAX( 0, d ); } if ( FT_NEW_ARRAY( name_strings[n], len + 1 ) || @@ -307,13 +310,13 @@ static FT_Error load_format_25( TT_Face face, FT_Stream stream, - FT_Long post_limit ) + FT_ULong post_limit ) { FT_Memory memory = stream->memory; FT_Error error; FT_Int num_glyphs; - FT_Char* offset_table = 0; + FT_Char* offset_table = NULL; FT_UNUSED( post_limit ); @@ -377,7 +380,7 @@ FT_Error error; FT_Fixed format; FT_ULong post_len; - FT_Long post_limit; + FT_ULong post_limit; /* get a stream for the face's resource */ @@ -547,10 +550,7 @@ } if ( idx < (FT_UInt)table->num_glyphs ) /* paranoid checking */ - { - idx += table->offsets[idx]; - *PSname = MAC_NAME( idx ); - } + *PSname = MAC_NAME( (FT_Int)idx + table->offsets[idx] ); } /* nothing to do for format == 0x00030000L */ diff --git a/freetype/src/sfnt/ttpost.h b/freetype/src/sfnt/ttpost.h index 6f06d75a7..ede45fd84 100644 --- a/freetype/src/sfnt/ttpost.h +++ b/freetype/src/sfnt/ttpost.h @@ -2,10 +2,10 @@ /* */ /* ttpost.h */ /* */ -/* Postcript name table processing for TrueType and OpenType fonts */ +/* PostScript name table processing for TrueType and OpenType fonts */ /* (specification). */ /* */ -/* Copyright 1996-2001, 2002 by */ +/* Copyright 1996-2016 by */ /* David Turner, Robert Wilhelm, and Werner Lemberg. */ /* */ /* This file is part of the FreeType project, and may only be used, */ @@ -17,8 +17,8 @@ /***************************************************************************/ -#ifndef __TTPOST_H__ -#define __TTPOST_H__ +#ifndef TTPOST_H_ +#define TTPOST_H_ #include <ft2build.h> @@ -40,7 +40,7 @@ FT_BEGIN_HEADER FT_END_HEADER -#endif /* __TTPOST_H__ */ +#endif /* TTPOST_H_ */ /* END */ diff --git a/freetype/src/sfnt/ttsbit.c b/freetype/src/sfnt/ttsbit.c index c2db96c6d..36c261dcc 100644 --- a/freetype/src/sfnt/ttsbit.c +++ b/freetype/src/sfnt/ttsbit.c @@ -4,7 +4,7 @@ /* */ /* TrueType and OpenType embedded bitmap support (body). */ /* */ -/* Copyright 2005-2009, 2013, 2014 by */ +/* Copyright 2005-2016 by */ /* David Turner, Robert Wilhelm, and Werner Lemberg. */ /* */ /* Copyright 2013 by Google, Inc. */ @@ -101,10 +101,11 @@ p = face->sbit_table; - version = FT_NEXT_ULONG( p ); + version = FT_NEXT_LONG( p ); num_strikes = FT_NEXT_ULONG( p ); - if ( ( version & 0xFFFF0000UL ) != 0x00020000UL ) + if ( ( (FT_ULong)version & 0xFFFF0000UL ) != 0x00020000UL && + ( (FT_ULong)version & 0xFFFF0000UL ) != 0x00030000UL ) { error = FT_THROW( Unknown_File_Format ); goto Exit; @@ -196,6 +197,27 @@ if ( !error ) FT_TRACE3(( "sbit_num_strikes: %u\n", face->sbit_num_strikes )); + face->ebdt_start = 0; + face->ebdt_size = 0; + + if ( face->sbit_table_type != TT_SBIT_TABLE_TYPE_NONE ) + { + FT_ULong ebdt_size; + + + error = face->goto_table( face, TTAG_CBDT, stream, &ebdt_size ); + if ( error ) + error = face->goto_table( face, TTAG_EBDT, stream, &ebdt_size ); + if ( error ) + error = face->goto_table( face, TTAG_bdat, stream, &ebdt_size ); + + if ( !error ) + { + face->ebdt_start = FT_STREAM_POS(); + face->ebdt_size = ebdt_size; + } + } + return FT_Err_Ok; Exit: @@ -247,6 +269,8 @@ case TT_SBIT_TABLE_TYPE_CBLC: { FT_Byte* strike; + FT_Char max_before_bl; + FT_Char min_after_bl; strike = face->sbit_table + 8 + strike_index * 48; @@ -254,25 +278,93 @@ metrics->x_ppem = (FT_UShort)strike[44]; metrics->y_ppem = (FT_UShort)strike[45]; - metrics->ascender = (FT_Char)strike[16] << 6; /* hori.ascender */ - metrics->descender = (FT_Char)strike[17] << 6; /* hori.descender */ - metrics->height = metrics->ascender - metrics->descender; + metrics->ascender = (FT_Char)strike[16] * 64; /* hori.ascender */ + metrics->descender = (FT_Char)strike[17] * 64; /* hori.descender */ + + /* Due to fuzzy wording in the EBLC documentation, we find both */ + /* positive and negative values for `descender'. Additionally, */ + /* many fonts have both `ascender' and `descender' set to zero */ + /* (which is definitely wrong). MS Windows simply ignores all */ + /* those values... For these reasons we apply some heuristics */ + /* to get a reasonable, non-zero value for the height. */ + + max_before_bl = (FT_Char)strike[24]; + min_after_bl = (FT_Char)strike[25]; + + if ( metrics->descender > 0 ) + { + /* compare sign of descender with `min_after_bl' */ + if ( min_after_bl < 0 ) + metrics->descender = -metrics->descender; + } + + else if ( metrics->descender == 0 ) + { + if ( metrics->ascender == 0 ) + { + FT_TRACE2(( "tt_face_load_strike_metrics:" + " sanitizing invalid ascender and descender\n" + " " + " values for strike (%d, %d)\n", + metrics->x_ppem, metrics->y_ppem )); + + /* sanitize buggy ascender and descender values */ + if ( max_before_bl || min_after_bl ) + { + metrics->ascender = max_before_bl * 64; + metrics->descender = min_after_bl * 64; + } + else + { + metrics->ascender = metrics->y_ppem * 64; + metrics->descender = 0; + } + } + } + +#if 0 + else + ; /* if we have a negative descender, simply use it */ +#endif + + metrics->height = metrics->ascender - metrics->descender; + if ( metrics->height == 0 ) + { + FT_TRACE2(( "tt_face_load_strike_metrics:" + " sanitizing invalid height value\n" + " " + " for strike (%d, %d)\n", + metrics->x_ppem, metrics->y_ppem )); + metrics->height = metrics->y_ppem * 64; + metrics->descender = metrics->ascender - metrics->height; + } /* Is this correct? */ metrics->max_advance = ( (FT_Char)strike[22] + /* min_origin_SB */ strike[18] + /* max_width */ (FT_Char)strike[23] /* min_advance_SB */ - ) << 6; + ) * 64; + + /* set the scale values (in 16.16 units) so advances */ + /* from the hmtx and vmtx table are scaled correctly */ + metrics->x_scale = FT_MulDiv( metrics->x_ppem, + 64 * 0x10000, + face->header.Units_Per_EM ); + metrics->y_scale = FT_MulDiv( metrics->y_ppem, + 64 * 0x10000, + face->header.Units_Per_EM ); + return FT_Err_Ok; } case TT_SBIT_TABLE_TYPE_SBIX: { FT_Stream stream = face->root.stream; - FT_UInt offset, upem; - FT_UShort ppem, resolution; + FT_UInt offset; + FT_UShort upem, ppem, resolution; TT_HoriHeader *hori; FT_ULong table_size; + FT_Pos ppem_; /* to reduce casts */ FT_Error error; FT_Byte* p; @@ -305,12 +397,17 @@ metrics->x_ppem = ppem; metrics->y_ppem = ppem; - metrics->ascender = ppem * hori->Ascender * 64 / upem; - metrics->descender = ppem * hori->Descender * 64 / upem; - metrics->height = ppem * ( hori->Ascender - - hori->Descender + - hori->Line_Gap ) * 64 / upem; - metrics->max_advance = ppem * hori->advance_Width_Max * 64 / upem; + ppem_ = (FT_Pos)ppem; + + metrics->ascender = + FT_MulDiv( hori->Ascender, ppem_ * 64, upem ); + metrics->descender = + FT_MulDiv( hori->Descender, ppem_ * 64, upem ); + metrics->height = + FT_MulDiv( hori->Ascender - hori->Descender + hori->Line_Gap, + ppem_ * 64, upem ); + metrics->max_advance = + FT_MulDiv( hori->advance_Width_Max, ppem_ * 64, upem ); return error; } @@ -348,17 +445,13 @@ FT_ULong strike_index, TT_SBit_MetricsRec* metrics ) { - FT_Error error; + FT_Error error = FT_ERR( Table_Missing ); FT_Stream stream = face->root.stream; - FT_ULong ebdt_size; - error = face->goto_table( face, TTAG_CBDT, stream, &ebdt_size ); - if ( error ) - error = face->goto_table( face, TTAG_EBDT, stream, &ebdt_size ); - if ( error ) - error = face->goto_table( face, TTAG_bdat, stream, &ebdt_size ); - if ( error ) + if ( !face->ebdt_size ) + goto Exit; + if ( FT_STREAM_SEEK( face->ebdt_start ) ) goto Exit; decoder->face = face; @@ -369,8 +462,8 @@ decoder->metrics_loaded = 0; decoder->bitmap_allocated = 0; - decoder->ebdt_start = FT_STREAM_POS(); - decoder->ebdt_size = ebdt_size; + decoder->ebdt_start = face->ebdt_start; + decoder->ebdt_size = face->ebdt_size; decoder->eblc_base = face->sbit_table; decoder->eblc_limit = face->sbit_table + face->sbit_table_size; @@ -420,7 +513,7 @@ FT_Error error = FT_Err_Ok; FT_UInt width, height; FT_Bitmap* map = decoder->bitmap; - FT_Long size; + FT_ULong size; if ( !decoder->metrics_loaded ) @@ -432,38 +525,38 @@ width = decoder->metrics->width; height = decoder->metrics->height; - map->width = (int)width; - map->rows = (int)height; + map->width = width; + map->rows = height; switch ( decoder->bit_depth ) { case 1: map->pixel_mode = FT_PIXEL_MODE_MONO; - map->pitch = ( map->width + 7 ) >> 3; + map->pitch = (int)( ( map->width + 7 ) >> 3 ); map->num_grays = 2; break; case 2: map->pixel_mode = FT_PIXEL_MODE_GRAY2; - map->pitch = ( map->width + 3 ) >> 2; + map->pitch = (int)( ( map->width + 3 ) >> 2 ); map->num_grays = 4; break; case 4: map->pixel_mode = FT_PIXEL_MODE_GRAY4; - map->pitch = ( map->width + 1 ) >> 1; + map->pitch = (int)( ( map->width + 1 ) >> 1 ); map->num_grays = 16; break; case 8: map->pixel_mode = FT_PIXEL_MODE_GRAY; - map->pitch = map->width; + map->pitch = (int)( map->width ); map->num_grays = 256; break; case 32: map->pixel_mode = FT_PIXEL_MODE_BGRA; - map->pitch = map->width * 4; + map->pitch = (int)( map->width * 4 ); map->num_grays = 256; break; @@ -472,7 +565,7 @@ goto Exit; } - size = map->rows * map->pitch; + size = map->rows * (FT_ULong)map->pitch; /* check that there is no empty image */ if ( size == 0 ) @@ -543,13 +636,16 @@ tt_sbit_decoder_load_image( TT_SBitDecoder decoder, FT_UInt glyph_index, FT_Int x_pos, - FT_Int y_pos ); + FT_Int y_pos, + FT_UInt recurse_count ); - typedef FT_Error (*TT_SBitDecoder_LoadFunc)( TT_SBitDecoder decoder, - FT_Byte* p, - FT_Byte* plimit, - FT_Int x_pos, - FT_Int y_pos ); + typedef FT_Error (*TT_SBitDecoder_LoadFunc)( + TT_SBitDecoder decoder, + FT_Byte* p, + FT_Byte* plimit, + FT_Int x_pos, + FT_Int y_pos, + FT_UInt recurse_count ); static FT_Error @@ -557,13 +653,17 @@ FT_Byte* p, FT_Byte* limit, FT_Int x_pos, - FT_Int y_pos ) + FT_Int y_pos, + FT_UInt recurse_count ) { FT_Error error = FT_Err_Ok; FT_Byte* line; - FT_Int bit_height, bit_width, pitch, width, height, line_bits, h; + FT_Int pitch, width, height, line_bits, h; + FT_UInt bit_height, bit_width; FT_Bitmap* bitmap; + FT_UNUSED( recurse_count ); + /* check that we can write the glyph into the bitmap */ bitmap = decoder->bitmap; @@ -577,8 +677,8 @@ line_bits = width * decoder->bit_depth; - if ( x_pos < 0 || x_pos + width > bit_width || - y_pos < 0 || y_pos + height > bit_height ) + if ( x_pos < 0 || (FT_UInt)( x_pos + width ) > bit_width || + y_pos < 0 || (FT_UInt)( y_pos + height ) > bit_height ) { FT_TRACE1(( "tt_sbit_decoder_load_byte_aligned:" " invalid bitmap dimensions\n" )); @@ -695,14 +795,18 @@ FT_Byte* p, FT_Byte* limit, FT_Int x_pos, - FT_Int y_pos ) + FT_Int y_pos, + FT_UInt recurse_count ) { FT_Error error = FT_Err_Ok; FT_Byte* line; - FT_Int bit_height, bit_width, pitch, width, height, line_bits, h, nbits; + FT_Int pitch, width, height, line_bits, h, nbits; + FT_UInt bit_height, bit_width; FT_Bitmap* bitmap; FT_UShort rval; + FT_UNUSED( recurse_count ); + /* check that we can write the glyph into the bitmap */ bitmap = decoder->bitmap; @@ -716,8 +820,8 @@ line_bits = width * decoder->bit_depth; - if ( x_pos < 0 || x_pos + width > bit_width || - y_pos < 0 || y_pos + height > bit_height ) + if ( x_pos < 0 || (FT_UInt)( x_pos + width ) > bit_width || + y_pos < 0 || (FT_UInt)( y_pos + height ) > bit_height ) { FT_TRACE1(( "tt_sbit_decoder_load_bit_aligned:" " invalid bitmap dimensions\n" )); @@ -732,6 +836,12 @@ goto Exit; } + if ( !line_bits || !height ) + { + /* nothing to do */ + goto Exit; + } + /* now do the blit */ /* adjust `line' to point to the first byte of the bitmap */ @@ -771,7 +881,7 @@ } *pwrite++ |= ( ( rval >> nbits ) & 0xFF ) & - ( ~( 0xFF << w ) << ( 8 - w - x_pos ) ); + ( ~( 0xFFU << w ) << ( 8 - w - x_pos ) ); rval <<= 8; w = line_bits - w; @@ -818,7 +928,8 @@ FT_Byte* p, FT_Byte* limit, FT_Int x_pos, - FT_Int y_pos ) + FT_Int y_pos, + FT_UInt recurse_count ) { FT_Error error = FT_Err_Ok; FT_UInt num_components, nn; @@ -852,8 +963,11 @@ /* NB: a recursive call */ - error = tt_sbit_decoder_load_image( decoder, gindex, - x_pos + dx, y_pos + dy ); + error = tt_sbit_decoder_load_image( decoder, + gindex, + x_pos + dx, + y_pos + dy, + recurse_count + 1 ); if ( error ) break; } @@ -885,11 +999,14 @@ FT_Byte* p, FT_Byte* limit, FT_Int x_pos, - FT_Int y_pos ) + FT_Int y_pos, + FT_UInt recurse_count ) { FT_Error error = FT_Err_Ok; FT_ULong png_len; + FT_UNUSED( recurse_count ); + if ( limit - p < 4 ) { @@ -931,7 +1048,8 @@ FT_ULong glyph_start, FT_ULong glyph_size, FT_Int x_pos, - FT_Int y_pos ) + FT_Int y_pos, + FT_UInt recurse_count ) { FT_Error error; FT_Stream stream = decoder->stream; @@ -941,7 +1059,8 @@ /* seek into the EBDT table now */ - if ( glyph_start + glyph_size > decoder->ebdt_size ) + if ( !glyph_size || + glyph_start + glyph_size > decoder->ebdt_size ) { error = FT_THROW( Invalid_Argument ); goto Exit; @@ -1057,7 +1176,7 @@ goto Fail; } - error = loader( decoder, p, p_limit, x_pos, y_pos ); + error = loader( decoder, p, p_limit, x_pos, y_pos, recurse_count ); } Fail: @@ -1072,13 +1191,9 @@ tt_sbit_decoder_load_image( TT_SBitDecoder decoder, FT_UInt glyph_index, FT_Int x_pos, - FT_Int y_pos ) + FT_Int y_pos, + FT_UInt recurse_count ) { - /* - * First, we find the correct strike range that applies to this - * glyph index. - */ - FT_Byte* p = decoder->eblc_base + decoder->strike_index_array; FT_Byte* p_limit = decoder->eblc_limit; FT_ULong num_ranges = decoder->strike_index_count; @@ -1086,6 +1201,17 @@ FT_ULong image_start = 0, image_end = 0, image_offset; + /* arbitrary recursion limit */ + if ( recurse_count > 100 ) + { + FT_TRACE4(( "tt_sbit_decoder_load_image:" + " recursion depth exceeded\n" )); + goto Failure; + } + + + /* First, we find the correct strike range that applies to this */ + /* glyph index. */ for ( ; num_ranges > 0; num_ranges-- ) { start = FT_NEXT_USHORT( p ); @@ -1250,7 +1376,8 @@ image_start, image_end, x_pos, - y_pos ); + y_pos, + recurse_count ); Failure: return FT_THROW( Invalid_Table ); @@ -1379,9 +1506,9 @@ metrics->horiBearingX = (FT_Short)originOffsetX; metrics->horiBearingY = (FT_Short)( -originOffsetY + metrics->height ); - metrics->horiAdvance = (FT_Short)( aadvance * - face->root.size->metrics.x_ppem / - face->header.Units_Per_EM ); + metrics->horiAdvance = (FT_UShort)( aadvance * + face->root.size->metrics.x_ppem / + face->header.Units_Per_EM ); } return error; @@ -1413,6 +1540,7 @@ error = tt_sbit_decoder_load_image( decoder, glyph_index, 0, + 0, 0 ); tt_sbit_decoder_done( decoder ); } @@ -1442,7 +1570,7 @@ FT_Library library = face->root.glyph->library; - FT_Bitmap_New( &new_map ); + FT_Bitmap_Init( &new_map ); /* Convert to 8bit grayscale. */ error = FT_Bitmap_Convert( library, map, &new_map, 1 ); diff --git a/freetype/src/sfnt/ttsbit.h b/freetype/src/sfnt/ttsbit.h index 695d0d8d0..d8a816708 100644 --- a/freetype/src/sfnt/ttsbit.h +++ b/freetype/src/sfnt/ttsbit.h @@ -4,7 +4,7 @@ /* */ /* TrueType and OpenType embedded bitmap support (specification). */ /* */ -/* Copyright 1996-2008, 2013 by */ +/* Copyright 1996-2016 by */ /* David Turner, Robert Wilhelm, and Werner Lemberg. */ /* */ /* This file is part of the FreeType project, and may only be used, */ @@ -16,8 +16,8 @@ /***************************************************************************/ -#ifndef __TTSBIT_H__ -#define __TTSBIT_H__ +#ifndef TTSBIT_H_ +#define TTSBIT_H_ #include <ft2build.h> @@ -57,7 +57,7 @@ FT_BEGIN_HEADER FT_END_HEADER -#endif /* __TTSBIT_H__ */ +#endif /* TTSBIT_H_ */ /* END */ |