* src/autofit/afblue.dat: Add blue zone data for Glagolitic.
* src/autofit/afblue.c, src/autofit/afblue.h: Regenerated.
* src/autofit/afscript.h: Add Glagolitic standard characters.
* src/autofit/afranges.c, src/autofit/afstyles.h: Add Glagolitic data.
* src/autofit/afblue.dat: Add blue zone data for Tai Viet.
* src/autofit/afblue.c, src/autofit/afblue.h: Regenerated.
* src/autofit/afscript.h: Add Tai Viet standard characters.
* src/autofit/afranges.c, src/autofit/afstyles.h: Add Tai Viet data.
* src/autofit/afblue.dat: Add blue zone data for Tifinagh.
* src/autofit/afblue.c, src/autofit/afblue.h: Regenerated.
* src/autofit/afscript.h: Add Tifinagh standard characters.
* src/autofit/afranges.c, src/autofit/afstyles.h: Add Tifinagh data.
* src/autofit/afblue.dat: Add blue zone data for N'Ko.
* src/autofit/afblue.c, src/autofit/afblue.h: Regenerated.
* src/autofit/afscript.h: Add N'Ko standard characters.
* src/autofit/afranges.c, src/autofit/afstyles.h: Add N'Ko data.
* src/autofit/afblue.dat: Add blue zone data for Adlam.
* src/autofit/afblue.c, src/autofit/afblue.h: Regenerated.
* src/autofit/afscript.h: Add Adlam standard characters.
* src/autofit/afranges.c, src/autofit/afstyles.h: Add Adlam data.
* src/autofit/afblue.dat: Add blue zone data for Ol Chiki.
* src/autofit/afblue.c, src/autofit/afblue.h: Regenerated.
* src/autofit/afscript.h: Add Ol Chiki standard character.
* src/autofit/afranges.c, src/autofit/afstyles.h: Add Ol Chiki data.
Reported as
https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=981
* include/freetype/fterrdef.h (FT_Err_DEF_In_Glyf_Bytecode): New
error code.
* src/truetype/ttinterp.c (Ins_FDEF, Ins_IDEF): Prohibit execution
of these two opcodes in `glyf' bytecode.
(TT_RunIns): Don't enforce reexecution of `fpgm' and `prep' bytecode
in case of error since function tables can no longer be modified
(due to the changes in `Ins_FDEF' and `Ins_IDEF'). This change can
enormously speed up handling of broken fonts.
* src/truetype/ttdriver.c (tt_size_request): Revert change from
2011-07-16; the intended metrics fix seems now to be implemented in
a different way, making the patch unnecessary. Note that this
change was usually patched out by all major GNU/Linux distributions
due to heavy side effects.
* src/truetype/ttgload.c (compute_glyph_metrics, TT_Load_Glyph):
Refer to the metrics of the `TT_Size' object.
At least on FreeBSD there is a global declaration of `index' in file
`/usr/include/strings.h'.
* src/cff/cf2intrp.c, src/truetype/ttgload.c: s/index/idx/ where
appropriate.
* src/sfnt/ttkern.c (tt_face_load_kern): Don't check for
cross-stream kerning tables since we reject format 2 tables later
on anyways.
Modify code for limit test...
(tt_face_get_kerning): ... to avoid a limit test here.
Reported by Alexander Hedges <ahedges@student.ethz.ch>.
* src/pcf/pcfdrivr.c (pcf_property_set, pcf_property_get): Tag
`property_name' with `FT_UNUSED' where necessary.
Reported as
https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=935
* src/psaux/t1decode.c (t1_decoder_parse_charstrings)
<callothersubr>: Since there is not a single flex operator but a
series of subroutine calls, malformed fonts can call arbitrary other
operators after the start of a flex, possibly adding points. For
this reason we have to check the available number of points before
inserting a point.
* src/base/ftmm.c (FT_Set_Var_Design_Coordinates,
FT_Set_MM_Blend_Coordinates, FT_Set_Var_Blend_Coordinates): Ignore
return value of `ft_face_get_mvar_service'; instead, check whether a
service is actually returned.
Too much local variables holding different structures were called
`metrics'.
* src/truetype/ttdriver.c (tt_size_select): s/metrics/size_metrics/.
* src/truetype/ttgload.c (tt_get_metrics_incr_overrids,
compute_glyph_metrics): s/metrics/incr_metrics/.
(load_sbit_image): s/metrics/sbit_metrics/.
* src/truetype/ttobjs.c (tt_size_run_fpgm): s/metrics/size_metrics/.
(tt_size_init_bytecode): s/metrics/tt_metrics/.
(tt_size_reset): s/metrics/size_metrics/.
We have to make a separate case for Windows 64's LLP64 data model.
* builds/unix/ftconfig.in, builds/vms/ftconfig.h,
include/freetype/config/ftconfig.h (FT_UINT_TO_POINTER): New macro.
* src/truetype/ttgload.c (load_truetype_glyph): Use it.
* src/autofit/afcjk.c, src/autofit/afindic.c: Include `afcjk.h'
earlier.
* src/sfnt/sfobjs.c (sfnt_init_face): Put `memory' variable into
TT_CONFIG_OPTION_GX_VAR_SUPPORT block.
(sfnt_done_face): Protect some code with
TT_CONFIG_OPTION_GX_VAR_SUPPORT.
* src/sfnt/ttsbit.c (tt_face_load_sbix_image): Remove compiler
warning.
* src/truetype/ttgload.c (TT_Load_Simple_Glyph): Put `tmp' variable
into TT_USE_BYTECODE_INTERPRETER block.
(tt_loader_init): Put `error' variable into
TT_USE_BYTECODE_INTERPRETER block.
* src/base/ftsnames.c: Include FT_INTERNAL_DEBUG_H.
* src/cff/cffobjs.c [TT_CONFIG_OPTION_GX_VAR_SUPPORT]: Include
FT_MULTIPLE_MASTERS_H and FT_SERVICE_MULTIPLE_MASTERS_H.
* src/sfnt/sfdriver.c [TT_CONFIG_OPTION_GX_VAR_SUPPORT]: Include
FT_MULTIPLE_MASTERS_H and FT_SERVICE_MULTIPLE_MASTERS_H.
(get_win_string, get_apple_string): Initialize `result'.
* src/cff/cffload.c (cff_blend_build_vector): Explicitly build blend
vector when `lenNDV' is zero; don't rely on zero-init.
Save `lenNDV' as part of cache key even when `lenNDV' is zero.
This is inspired by the discussion in and analysis of
https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=859
* src/tools/ftfuzzer/ftfuzzer.cc (LLVMFuzzerTestOneInput): Use only
up to 20 face indices.
Use only up to 20 instance indices.
Everything is guarded with TT_CONFIG_OPTION_GX_VAR_SUPPORT.
* include/freetype/internal/tttypes.h (TT_FaceRec): New fields
`var_postscript_prefix' and `var_postscript_prefix_len'.
* src/sfnt/sfdriver.c: Include FT_TRUETYPE_IDS_H.
(sfnt_is_alphanumeric): New wrapperfunction for `ft_isalnum'.
(get_win_string, get_apple_string): Remove `const' from return
value.
(MAX_VALUE_DESCRIPTOR_LEN, MAX_PS_NAME_LEN): New macros.
(hexdigits): New array.
(sfnt_get_var_ps_name): New function, implementing Adobe TechNote
5902 to construct a PS name for a variation font instance.
(sfnt_get_ps_name): Call `sfnt_get_var_ps_name' for font instances.
* src/sfnt/sfobjs.c (sfnt_done_face): Updated.
* src/truetype/ttgxvar.c (tt_set_mm_blend): Reset
`face->postscript_name' to trigger recalculation for new instance
parameters.
Add 128bit MurmurHash 3 function.
Everything is guarded with TT_CONFIG_OPTION_GX_VAR_SUPPORT.
* src/sfnt/sfdriver.c (ROTL32): New macro.
(fmix32, murmur_hash_3_128): New functions.
* include/freetype/internal/services/svmm.h (FT_Get_Var_Blend_Func):
Add `normalizedcoords' argument.
* src/truetype/ttgxvar.h (GX_BlendRec): Add `coords' field to store
the design coordinates of the current instance.
Updated.
* src/truetype/ttgxvar.c (TT_Set_MM_Blend): Move functionality to...
(tt_set_mm_blend): ... New function.
Convert data in `normalizedcoords' array to `coords' array on
demand.
(TT_Set_Var_Design): Store argument data in `coords' array.
(TT_Get_Var_Design): Get data from `coords' array.
(tt_get_var_blend): Updated.
(tt_done_blend): Updated.
* src/cff/cffload.c, src/cff/cffload.h (cff_get_var_blend): Updated.
* src/cff/cf2ft.c (cf2_getNormalizedVector): Updated.
* src/cff/cffobjs.c (cff_face_init): Updated.
Reported as
https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=759
* src/sfnt/sfobjs.c (sfnt_init_face): While setting number of
instances to zero for `CFF' fonts table, ensure that there is no
`CFF2' present also (which gets priority).