Commit Graph

3532 Commits

Author SHA1 Message Date
Werner Lemberg
2dc76a4650 [cff] Next try to fix hintmask' and cntrmask' limit check.
Problem reported by malc <av1474@comtv.ru>.

* src/cff/cffgload.c (cff_decoder_parse_charstrings)
<cff_op_hintmask>: It is possible that there is just a single byte
after the `hintmask' or `cntrmask', e.g., a `return' instruction.
2010-07-05 06:40:02 +02:00
suzuki toshiya
0ae3271814 Restrict the number of the charmaps in a rogue-compatible mode.
Fix for Savannah bug #30059.

* src/cache/ftccmap.c (FTC_CMapCache_Lookup): Replace `16' the
minimum character code passed by a legacy rogue client by...
* include/freetype/config/ftoption.h (FT_MAX_CHARMAP_CACHEABLE):
This.  It is undefined when FT_CONFIG_OPTION_OLD_INTERNALS is
undefined (thus the rogue client compatibility is not required).

* src/cff/cffobjs.c (cff_face_init): Abort the automatic
selection or synthesis of Unicode cmap subtable when the charmap
index exceeds FT_MAX_CHARMAP_CACHEABLE.
* src/sfnt/ttcmap.c (tt_face_build_cmaps): Issue error message
when the charmap index exceeds FT_MAX_CHARMAP_CACHEABLE.

* src/base/ftobjs.c (find_unicode_charmap): When Unicode charmap
is found after FT_MAX_CHARMAP_CACHEABLE, ignore it and search
earlier one.
(find_variant_selector_charmap): When UVS charmap is found after
FT_MAX_CHARMAP_CACHEABLE, ignore it and search earlier one.
(FT_Select_Charmap): When a charmap matching with requested
encoding but after FT_MAX_CHARMAP_CACHEABLE, ignore and search
earlier one.
(FT_Set_Charmap): When a charmap matching with requested
charmap but after FT_MAX_CHARMAP_CACHEABLE, ignore and search
earlier one.
(FT_Get_Charmap_Index): When a requested charmap is found
after FT_MAX_CHARMAP_CACHEABLE, return the inverted charmap
index.
2010-07-05 09:59:03 +09:00
Werner Lemberg
8a6f3280f5 Version number update. 2010-07-04 07:49:03 +02:00
Werner Lemberg
6bbbbc1523 TrueType hinting is no longer patented.
* include/freetype/config/ftoption.h, devel/ftoption.h
(TT_CONFIG_OPTION_BYTECODE_INTERPRETER): Define.
(TT_CONFIG_OPTION_UNPATENTED_HINTING): Undefine.

* docs/CHANGES, docs/INSTALL, include/freetype/freetype.h: Updated.
* docs/TRUETYPE, docs/PATENTS: Removed.
2010-07-04 07:37:56 +02:00
Werner Lemberg
ce27fd56fa Cosmetic changes. 2010-07-04 07:09:10 +02:00
suzuki toshiya
a874c7ecca Check error value by `FT_CMap_New'.
* src/cff/cffobjs.c (cff_face_init): Check error value by
`FT_CMap_New'.
* src/pfr/pfrobjs.c (pfr_face_init): Ditto.
* src/type1/t1jobjs.c (T1_Face_Init): Ditto.
* src/type42/t42jobjs.c (T42_Face_Init): Ditto.
2010-07-04 12:08:41 +09:00
Werner Lemberg
e017639710 Make ftgrays.c compile stand-alone again.
* src/smooth/ftgrays.c [_STANDALONE_]: Include `stddef.h'.
(FT_INT_MAX, FT_PtrDist)[_STANDALONE_]: Define.
2010-07-03 15:31:38 +02:00
suzuki toshiya
b2ea64bcc6 Additional fix for Savannah bug #30306.
* src/base/ftobjs.c (Mac_Read_POST_Resource): If the type
of the POST fragment is 0, the segment is completely ignored.
The declared length of the segment is not cared at all.
According to Adobe Technical Note 5040, type 0 segment is
comment only and should not be loaded for the interpreter.
Reported by Robert Swiecki.
2010-07-02 18:19:39 +09:00
Werner Lemberg
c2dabdeed0 Merge branch 'master' of git.sv.gnu.org:/srv/git/freetype/freetype2
Conflicts:
	ChangeLog
2010-07-02 01:27:49 +02:00
suzuki toshiya
5ef20c8c1d Initial fix for Savannah bug #30306.
* src/base/ftobjs.c (Mac_Read_POST_Resource): Check `rlen'
the length of fragment declared in the POST fragment header
and prevent an underflow in length calculation. Some fonts
set the length to zero in spite of the exist of following
16bit `type'. Reported by Robert Swiecki.
2010-07-01 18:39:04 +09:00
Werner Lemberg
a2d225e322 [truetype] Protect against code range underflow.
* src/truetype/ttinterp.c (DO_JROT, DO_JMPR, DO_JROF): Don't allow
negative IP values.
2010-07-01 11:37:09 +02:00
Werner Lemberg
462ddb4072 [truetype] Add rudimentary tracing for bytecode instructions.
* src/truetype/ttinterp.c (opcode_name) [FT_DEBUG_LEVEL_TRACE]: New
array.
(TT_RunIns): Trace opcodes.
2010-07-01 11:28:43 +02:00
suzuki toshiya
f29f741efb Additional fix for Savannah bug #30248 and #30249.
* src/base/ftobjs.c (Mac_Read_POST_Resource): Check the buffer
size during gathering PFB fragments embedded in LaserWriter PS
font for Macintosh. Reported by Robert Swiecki.
2010-07-01 17:32:40 +09:00
Werner Lemberg
6305b869d8 Fix Savannah bug #30263.
* src/smooth/ftgrays.c (gray_render_span): Use cast to `unsigned
int' to avoid integer overflow.

* src/smooth/ftsmooth.c (ft_smooth_render_generic): Use smaller
threshold values for `width' and `height'.  This is not directly
related to the bug fix but makes sense anyway.
2010-06-30 18:24:33 +02:00
Werner Lemberg
0ae6cf214f Minor optimizations by avoiding divisions.
* src/sfnt/ttkern.c (tt_face_load_kern, tt_face_get_kerning):
Replace divisions with multiplication in comparisons.
2010-06-30 10:26:48 +02:00
Werner Lemberg
ae425e5189 Fix minor tracing issues.
* src/cff/cffgload.c, src/truetype/ttgload.c: Adjust tracing levels.
2010-06-29 12:31:08 +02:00
Werner Lemberg
18b552f6ae [cff] Really fix hintmask' and cntrmask' limit check.
* src/cff/cffgload.c (cff_decoder_parse_charstrings)
<cff_op_hintmask>: Fix thinko and handle tracing also.
2010-06-27 15:41:02 +02:00
Werner Lemberg
8bebaa74cc Fix valgrind warning.
* src/base/ftoutln.c (FT_Outline_Get_Orientation): Initialize
`result' array.
2010-06-27 15:10:15 +02:00
Werner Lemberg
4f7851e3d2 [cff] Fix memory leak.
* src/cff/cffgload.c (cff_operator_seac): Free charstrings even in
case of errors.
2010-06-27 13:03:54 +02:00
Werner Lemberg
e9f0cdb6c0 [cff] Protect against invalid hintmask' and cntrmask' operators.
* src/cff/cffgload.c (cff_decoder_parse_charstrings)
<cff_op_hintmask>: Ensure that we don't exceed `limit' while parsing
the bit masks of the `hintmask' and `cntrmask' operators.
2010-06-27 12:34:19 +02:00
Werner Lemberg
1c70fcbc0a Fix PFR change 2010-06-24.
* src/pfr/pfrgload.c (pfr_glyph_load_simple): Really protect against
invalid indices.
2010-06-27 00:43:23 +02:00
Werner Lemberg
91ea0bf80d Improve PFR tracing messages.
* src/pfr/pfrgload.c (pfr_glyph_load_rec): Emit tracing messages for
simple and compound glyph offsets.
2010-06-26 22:46:38 +02:00
Werner Lemberg
82ad8ab242 Fix last PFR change.
* src/pfr/pfrobjs.c (pfr_face_init): Fix rejection logic.
2010-06-26 09:45:41 +02:00
Werner Lemberg
7d91173643 Fix Savannah bug #30262.
* src/sfnt/ttload.c (tt_face_load_maxp): Limit `maxComponentDepth'
arbitrarily to 100 to avoid stack exhaustion.
2010-06-26 09:29:51 +02:00
Werner Lemberg
75787c19ea Add some memory checks (mainly for debugging).
* src/base/ftstream.c (FT_Stream_EnterFrame): Exit with error
if the frame size is larger than the stream size.

* src/base/ftsystem.c (ft_ansi_stream_io): Exit with error if
seeking a position larger than the stream size.
2010-06-26 09:24:08 +02:00
Werner Lemberg
ea5babaa67 Fix Savannah bug #30261.
* src/pfr/pfrobjs.c (pfr_face_init): Reject fonts which contain
neither outline nor bitmap glyphs.
2010-06-25 22:44:37 +02:00
Werner Lemberg
e23ba91af7 Fix Savannah bug #30254.
* src/cff/cffload.c (cff_index_get_pointers): Do sanity check for
first offset also.
2010-06-25 21:55:14 +02:00
suzuki toshiya
c69891a134 Initial fix for Savannah bug #30248 and #30249.
* src/base/ftobjs.c (Mac_Read_POST_Resource): Check the error during
reading a PFB fragment embedded in LaserWriter PS font for Macintosh.
Reported by Robert Swiecki.
2010-06-25 10:48:12 +09:00
Werner Lemberg
6fc12943e9 Fix Savannah bug #30247.
* src/pcf/pcfread.c (pcf_get_metrics): Disallow (invalid) fonts with
zero metrics.
2010-06-24 20:20:26 +02:00
Graham Asher
e419f48b40 * src/smooth/ftgrays.c (gray_render_cubic): Fix algorithm.
The previous version was too aggressive, as demonstrated in
http://lists.gnu.org/archive/html/freetype-devel/2010-06/msg00020.html.
2010-06-24 12:50:46 +02:00
Werner Lemberg
f765e4403c */*: Use module specific error names where appropriate. 2010-06-24 10:34:29 +02:00
Werner Lemberg
8b1c34da4c Fix Savannah bug #30236.
* src/sfnt/ttcmap.c (tt_face_build_cmaps): Improve check for pointer
to `cmap_table'.
2010-06-24 08:48:10 +02:00
Werner Lemberg
3cf87f4d27 Fix Savannah bug #30235.
* src/pfr/pfrgload.c (pfr_glyph_load_simple): Protect against
invalid indices if there aren't any coordinates for indexing.
2010-06-24 08:20:56 +02:00
Werner Lemberg
b21d7bc567 [bdf]: Font properties are optional.
* src/bdf/bdflib.c (_bdf_readstream): Use special error code to
indicate a redo operation.
(_bdf_parse_start): Handle `CHARS' keyword here too and pass current
input line to `_bdf_parse_glyph'.
2010-06-24 07:40:49 +02:00
Werner Lemberg
8c2c2556af Whitespace. 2010-06-24 07:36:21 +02:00
Werner Lemberg
fb69029a7a Fix Savannah bug #30220.
* include/freetype/fterrdef.h
(BDF_Err_Missing_Fontboundingbox_Field): New error code.

* src/bdf/bdflib.c (_bdf_parse_start): Check for missing
`FONTBOUNDINGBOX' field.
Avoid memory leak if there are multiple `FONT' lines (which is
invalid but doesn't hurt).
2010-06-23 10:00:52 +02:00
Werner Lemberg
ddc4b136d6 Fix Savannah bug #30168.
* src/pfr/pfrgload.c (pfr_glyph_load_compound): Limit the number of
subglyphs to avoid endless recursion.
2010-06-21 09:28:32 +02:00
Werner Lemberg
90b07bd541 Fix Savannah bug #30145.
* src/psaux/psobjs.c (t1_builder_add_contour): Protect against
`outline == NULL' which might happen in invalid fonts.
2010-06-20 16:27:36 +02:00
Werner Lemberg
f4c94d4b5f Fix Savannah bug #30135.
* src/bdf/bdflib.c (_bdf_list_join): Don't modify value in static
string `empty'.
(_bdf_parse_glyph): Avoid memory leak in case of error.
2010-06-19 16:08:31 +02:00
Werner Lemberg
5d86cdce7e Fix Savannah bug #30108.
* src/autofit/afglobal.c (af_face_globals_compute_script_coverage):
Properly mask AF_DIGIT bit in comparison.
2010-06-15 08:29:30 +02:00
Werner Lemberg
8d22746c9e Fix Savannah bug #30106.
Point numbers for FreeType's implementation of hinting masks are
collected before the final number of points of a glyph has been
determined; in particular, the code for handling the `endchar'
opcode can reduce the number of points.

* src/pshinter/pshalgo.c (psh_glyph_find_strong_points): Assure that
`end_point' is not larger than `glyph->num_points'.
2010-06-12 01:32:20 +02:00
Werner Lemberg
3624110cc2 [cff]: Improve debugging output.
* src/cff/cffgload.c (cff_decoder_parse_charstrings)
<cff_op_hintmask>: Implement it.
2010-06-11 23:00:22 +02:00
Graham Asher
7fb3ef64a2 ftgrays: Speed up rendering of small cubic splines.
* src/smooth/ftgrays.c (gray_render_cubic): Implement new,
simplified algorithm to find out whether the spline can be replaced
with two straight lines.  See this thread for more:

  http://lists.gnu.org/archive/html/freetype-devel/2010-06/msg00000.html
2010-06-10 08:10:57 +02:00
Werner Lemberg
ad61f178e2 Oops, revert unwanted previous commit for ftgrays.c. 2010-06-09 15:18:57 +02:00
Werner Lemberg
7d3d2cc4fe Fix Savannah bug #30082.
* src/cff/cffgload.c (cff_decoder_parse_charstrings)
<cff_op_callothersubr>: Protect against stack underflow.
2010-06-09 09:14:09 +02:00
Werner Lemberg
a4124bf088 Fix Savannah bug #30053.
* src/cff/cffparse (cff_parse_real): Handle border case where
`fraction_length' has value 10.
2010-06-08 09:21:39 +02:00
Werner Lemberg
370aea802c Formatting. 2010-06-08 08:37:11 +02:00
Werner Lemberg
d087199f2c Fix Savannah bug #30052.
This bug has been introduced with commit 2415cbf3.

* src/base/ftobjs.c (FT_Get_First_Char, FT_Get_Next_Char): Protect
against endless loop in case of corrupted font header data.
2010-06-07 08:46:01 +02:00
Werner Lemberg
c217bf19f0 Remove unused variable.
Found by Graham.

* src/autofit/afhints.c (af_glyph_hints_reload): Remove unused
variable `first' in first block.
2010-05-26 16:16:34 +02:00
Werner Lemberg
e30de299f2 Fix various memory problems found by linuxtesting.org.
* src/base/ftgxval.c (FT_TrueTypeGX_Free, FT_ClassicKern_Free),
src/base/ftotval.c (FT_OpenType_Free), src/base/ftpfr.c
(ft_pfr_check): Check `face'.

* src/base/ftobjs.c (FT_Get_Charmap_Index): Check `charmap' and
`charmap->face'.
(FT_Render_Glyph): Check `slot->face'.
(FT_Get_SubGlyph_Info): Check `glyph->subglyphs'.

Improve API documentation.
2010-05-22 20:03:41 +02:00