Commit Graph

4775 Commits

Author SHA1 Message Date
suzuki toshiya
18a8f0d994 Fix Savannah bug #43540.
* src/base/ftmac.c (parse_fond): Prevent a buffer overrun
caused by a font including too many (> 63) strings to store
names[] table.
2014-11-26 17:56:30 +09:00
suzuki toshiya
453316792f * src/base/ftobjs.c (Mac_Read_POST_Resource): Use unsigned long
variables to read the lengths in POST fragments.  Suggested by
Mateusz Jurczyk <mjurczyk@google.com>.
2014-11-26 17:56:09 +09:00
suzuki toshiya
35252ae9aa Fix Savannah bug #43539.
* src/base/ftobjs.c (Mac_Read_POST_Resource): Fix integer overflow
by a broken POST table in resource-fork.
2014-11-26 17:55:55 +09:00
suzuki toshiya
240c94a185 Fix Savannah bug #43538.
* src/base/ftobjs.c (Mac_Read_POST_Resource): Fix integer overflow
by a broken POST table in resource-fork.
2014-11-26 17:55:41 +09:00
suzuki toshiya
5aff85301b * src/base/ftobjs.c (Mac_Read_POST_Resource): Avoid memory leak
by a broken POST table in resource-fork.  Return after freeing
the buffered POST table when it is found to be broken.
2014-11-26 17:55:30 +09:00
Werner Lemberg
02b8e7e8d7 */*: s/Invalid_Argument/Invalid_Size_Handle/ where appropriate. 2014-11-25 11:31:51 +01:00
Werner Lemberg
0d4aa23e7c */*: s/Invalid_Argument/Invalid_Stream_Handle/ where appropriate. 2014-11-25 11:26:14 +01:00
Werner Lemberg
f4f9e68800 */*: s/Invalid_Argument/Invalid_Library_Handle/ where appropriate. 2014-11-25 11:11:55 +01:00
Werner Lemberg
04c2aa18bf */*: s/Invalid_Argument/Invalid_Outline/ where appropriate. 2014-11-25 10:22:12 +01:00
Werner Lemberg
04edbbda3c */*: s/Invalid_Argument/Invalid_Face_Handle/ where appropriate. 2014-11-25 10:21:13 +01:00
Werner Lemberg
3e86711ebf [Savannah bug #43682] Adjust some renderer callbacks.
* src/raster/ftraster.c (ft_black_set_mode): Change return type to
`int' to stay in sync with `FT_Renderer_SetModeFunc' prototype.

* src/smooth/ftgrays.c (gray_raster_set_mode): New dummy function
for orthogonality.
(ft_grays_raster): Use it.
2014-11-25 09:01:07 +01:00
Werner Lemberg
6689a009ce [Savannah bug #43682] Properly handle missing return errors.
The functions in this patch *do* return non-trivial errors that must
be taken care of.

* src/autofit/afloader.c (af_loader_load_g), src/base/ftobjs.c
(FT_Render_Glyph_Internal), src/base/ftoutln.c (FT_Outline_Render),
src/cff/cffgload.c (cff_decoder_parse_charstrings) <cff_op_endchar>,
src/psaux/psobjs.c (ps_parser_load_field_table), src/psaux/t1decode
(t1_decoder_parse_charstrings) <op_endchar>, src/truetype/ttgload.c
(load_truetype_glyph <subglyph loop>, tt_loader_init,
TT_Load_Glyph), src/truetype/ttgxvar.c (TT_Set_MM_Blend),
src/truetype/ttobjs.c (tt_size_run_fpgm, tt_size_run_prep): Do it.
2014-11-25 08:53:09 +01:00
Werner Lemberg
b24e8ba28a [Savannah bug #43682] Add/remove `void' casts to some functions.
We use a cast to indicate that we intentionally ignore a function's
return value.  However, this doesn't apply to API functions where
errors can only happen for trivially invalid input.

* src/base/ftstroke.c (FT_Glyph_Stroke, FT_Glyph_StrokeBorder),
src/base/ftsynth.c (FT_GlyphSlot_Embolden), src/cff/cffgload.c
(cff_slot_load), src/pfr/pfrdrivr.c (pfr_get_kerning),
src/type1/t1load.c (parse_encoding), src/type42/t42parse.c
(t42_parse_encoding): Do it.
2014-11-25 08:30:49 +01:00
Werner Lemberg
ef439fd209 [Savannah bug #43682] Change some signatures to `void' return type.
* include/internal/pshints.h (PSH_Globals_SetScaleFunc),
include/internal/sfnt.h (TT_Get_Metrics_Func),
src/pshinter/pshglob.c (psh_globals_set_scale),
src/pshinter/pshrec.c (ps_hints_init), src/sfnt/ttmtx.c
(tt_face_get_metrics), src/truetype/ttinterp.c (TT_Goto_CodeRange,
TT_Set_CodeRange, TT_Clear_CodeRange, TT_Done_Context,
TT_Save_Context): Do it.

* src/pshinter/pshglob.h, src/pshinter/pshrec.h, src/sfnt/ttmtx.h,
src/truetype/ttgload.c (TT_Hint_Glyph), src/truetype/ttinterp.c
(TT_Run_Context), src/truetype/ttinterp.h, src/truetype/ttobjs.c
(tt_size_run_fpgm, tt_size_run_prep): Updated.
2014-11-25 08:14:15 +01:00
Werner Lemberg
6889f7b72d Remove all code related to FT_MAX_CHARMAP_CACHEABLE.
This is no longer used.

* src/base/ftobjs.c, src/cache/ftccmap.c, src/cff/cffobjs.c,
src/sfnt/ttcmap.c: Do it.
2014-11-24 17:16:08 +01:00
Werner Lemberg
f0292bb992 [sfnt] Fix Savannah bug #43680.
This adds an additional constraint to make the fix from 2013-01-25
really work.

* src/sfnt/ttsbit.c (tt_sbit_decoder_load_image) <index_format==4>:
Check `p' before `num_glyphs'.
2014-11-24 10:51:21 +01:00
Werner Lemberg
eca0f06706 [truetype] Fix Savannah bug #43679.
* src/truetype/ttpload.c (tt_face_load_hdmx): Check minimum size of
`record_size'.
2014-11-24 10:22:08 +01:00
Jarkko Pöyry
96341dc378 [cff, pfr, psaux, winfonts] Fix Savannah bug #43676.
Don't cast cmap init function pointers to an incompatible type.

Without this patch, the number of parameters between declaration and
the real signature differs.  Calling such a function results in
undefined behavior.

  ISO/IEC 9899:TC3 (Committee Draft September 7, 2007)
    6.5.2.2 Function calls
      9 If the function is defined with a type that is not
        compatible with the type (of the expression) pointed to by
        the expression that denotes the called function, the
        behavior is undefined.

On certain platforms (c -> js with emscripten) this causes
termination of execution or invalid calls because in the emscripten
implementation, function pointers of different types are stored in
different pointer arrays.  Incorrect pointer type here results in
indexing of an incorrect array.

* src/cff/cffcmap.c (cff_cmap_encoding_init, cff_cmap_unicode_init),
src/pfr/pfrcmap.c (pfr_cmap_init), src/psaux/t1cmap.c
t1_cmap_standard_init, t1_cmap_expert_init, t1_cmap_custom_init,
t1_cmap_unicode_init), src/winfonts/winfnt.c (fnt_cmap_init): Fix
signature.
2014-11-24 09:53:07 +01:00
Werner Lemberg
f70d9342e6 [sfnt] Fix Savannah bug #43672.
* src/sfnt/ttkern.c (tt_face_load_kern): Use correct value for
minimum table length test.
2014-11-24 09:31:32 +01:00
Werner Lemberg
73be9f9ab6 [type1, type42] Another fix for Savannah bug #43655.
* src/type1/t1load.c (parse_charstrings), src/type42/t42parse.c
(t42_parse_charstrings): Add another boundary testing.
2014-11-24 07:30:05 +01:00
Werner Lemberg
a7a4207d10 [docmaker] Formatting, copyright, improved documentation.
* src/tools/docmaker/*: No code changes besides trivial
modifications.
2014-11-24 06:44:45 +01:00
Werner Lemberg
f1094c0951 Minor documentation reordering. 2014-11-22 18:54:51 +01:00
Werner Lemberg
d26cd5ed27 The FT_LOAD_BITMAP_CROP flag is obsolete.
It's not used by any driver.
2014-11-22 18:49:25 +01:00
Werner Lemberg
af8346172a [bdf] Fix Savannah bug #43660.
* src/bdf/bdflib.c (_bdf_parse_glyphs) <"ENDFONT">: Check
`_BDF_GLYPH_BITS'.
2014-11-22 13:29:10 +01:00
Werner Lemberg
42fcd6693e [type42] Allow only embedded TrueType fonts.
This is a follow-up to Savannah bug #43659.

* src/type42/t42objs.c (T42_Face_Init): Exclusively use the
`truetype' font driver for loading the font contained in the `sfnts'
array.
2014-11-22 12:44:33 +01:00
Werner Lemberg
3788187e0c [type42] Fix Savannah bug #43659.
* src/type42/t42objs.c (T42_Open_Face): Initialize `face->ttf_size'.

* src/type42/t42parse.c (t42_parse_sfnts): Always set
`face->ttf_size' directly.  This ensures a correct stream size in
the call to `FT_Open_Face', which follows after parsing, even for
buggy input data.
Fix error messages.
2014-11-22 10:46:47 +01:00
Werner Lemberg
5f201ab5c2 [cff] Fix Savannah bug #43658.
* src/cff/cf2ft.c (cf2_builder_lineTo, cf2_builder_cubeTo): Handle
return values of point allocation routines.
2014-11-22 09:16:39 +01:00
Werner Lemberg
801b35fe81 Formatting. 2014-11-22 07:21:11 +01:00
Werner Lemberg
9bd20b7304 [sfnt] Fix Savannah bug #43656.
* src/sfnt/ttcmap.c (tt_cmap4_validate): Fix order of validity
tests.
2014-11-22 06:24:45 +01:00
Werner Lemberg
dd89710f0f [type1, type42] Fix Savannah bug #43655.
* src/type1/t1load.c (parse_charstrings), src/type42/t42parse.c
(t42_parse_charstrings): Fix boundary testing.
2014-11-21 22:19:28 +01:00
Werner Lemberg
b1fc00d5dc * src/pcf/pcfread.c (pcf_get_metrics): Sanitize invalid metrics. 2014-11-21 12:06:40 +01:00
Werner Lemberg
23c093fc38 Minor. 2014-11-21 08:41:39 +01:00
Werner Lemberg
9154dab815 [ftlcdfil] Obey flow direction.
* src/base/ftlcdfil.c (_ft_lcd_filter_fir, _ft_lcd_filter_legacy):
Handle `up' flow.
2014-11-21 08:03:51 +01:00
Werner Lemberg
644d6fab7e * src/base/ftbitmap.c (FT_Bitmap_Convert): Improve.
This commit completes argument checks and adds support for different
flow directions.
2014-11-21 07:28:50 +01:00
Werner Lemberg
6de761744c * src/base/ftbitmap.c (FT_Bitmap_Copy): Improve.
This commit adds argument checks and support for different flow
directions.
2014-11-21 06:38:46 +01:00
Werner Lemberg
1e6e1b8390 * src/base/ftbitmap.c (FT_Bitmap_New): Check argument. 2014-11-21 06:38:46 +01:00
Werner Lemberg
b3500af717 Change some fields in `FT_Bitmap' to unsigned type.
This doesn't break ABI.

* include/ftimage.h (FT_Bitmap): Make `rows', `width', `num_grays',
`pixel_mode', and `palette_mode' unsigned types.

* src/base/ftbitmap.c: Updated.
(FT_Bitmap_Copy): Fix casts.

* src/cache/ftcsbits.c, src/raster/ftraster.c, src/sfnt/pngshim.c:
Updated.
2014-11-21 06:38:46 +01:00
Werner Lemberg
df485774fb Make FT_Bitmap_Convert' correctly handle negative pitch' values.
* src/base/ftbitmap.c (FT_Bitmap_Convert): Always use positive value
for the pitch while copying data.
Correctly set pitch sign in target bitmap.
2014-11-21 06:38:46 +01:00
Werner Lemberg
d6061212c3 Minor code improvement in `FT_Bitmap_Embolden'.
* src/base/ftbitmap.c (FT_Bitmap_Embolden) <FT_PIXEL_MODE_GRAY[24]>:
Fix thinko.
2014-11-21 06:38:01 +01:00
Werner Lemberg
8d05486eab Minor documentation improvements and whitespace. 2014-11-21 06:10:25 +01:00
Alexei Podtelezhnikov
237c0abfdc Trailing space. 2014-11-19 22:10:29 -05:00
Alexei Podtelezhnikov
f841ad3ec2 * src/base/fttrigon.c: Use dedicated `FT_Angle' for arctan table. 2014-11-19 21:19:06 -05:00
Werner Lemberg
a67c43e1c8 Avoid compiler warnings on x86-64 for `FT_MulFix'.
`FT_MulFix' takes `FT_Long' parameters as defined in `freetype.h',
but several inline implementations of it in `ftcalc.h' take
`FT_Int32' arguments.  This is causing compiler warnings on x86-64:
If parameters of type `FT_Fixed' (= `FT_Long') are passed to the
inline implementation of this function, integer values are truncated
from 64bit to 32bit.

* include/internal/ftcalc.h (FT_MulFix) [FT_MULFIX_ASSEMBLER]: Add
casts.
2014-11-19 06:46:23 +01:00
Werner Lemberg
54abd22891 [sfnt] Fix Savannah bug #43597.
* src/sfnt/pngshim.c (Load_SBit_Png): Protect against too large
bitmaps.
2014-11-15 09:05:22 +01:00
Werner Lemberg
257c270bd2 [sfnt] Fix Savannah bug #43591.
* src/sfnt/ttsbit.c (tt_sbit_decoder_init): Protect against addition
and multiplication overflow.
2014-11-12 21:42:13 +01:00
Werner Lemberg
677ddf4f1d [sfnt] Fix Savannah bug #43590.
* src/sfnt/ttload.c (check_table_dir, tt_face_load_font_dir):
Protect against addition overflow.
2014-11-12 21:26:44 +01:00
Werner Lemberg
f46add1389 [sfnt] Fix Savannah bug #43589.
* src/sfnt/sfobjs.c (woff_open_font): Protect against addition
overflow.
2014-11-12 21:06:08 +01:00
Werner Lemberg
602040b111 [sfnt] Fix Savannah bug #43588.
* src/sfnt/ttcmap.c (tt_cmap8_validate, tt_cmap10_validate,
tt_cmap12_validate, tt_cmap13_validate, tt_cmap14_validate): Protect
against overflow in additions and multiplications.
2014-11-12 20:51:20 +01:00
Alexei Podtelezhnikov
2e73a1b4fd [base] CORDIC improvements.
The scaling between the hypotenuse and its CORDIC approximation is
based on regression analysis. The smaller padding for `theta' is
justifed by its maximum error of less than 6.

* src/base/fttrigon.c (ft_trig_downscale): Borrow code from
./ftcalc.c (ft_multo64), change linear intercept.
(ft_trig_pseudo_polarize): Decrease `theta' padding.
2014-11-09 23:22:43 -05:00
Werner Lemberg
c3e9f02605 Minor documentation fixes. 2014-11-09 23:21:37 +01:00