Fallout reported as
https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=40027
* src/bdf/bdflib.c (_bdf_add_property): Cosmetic NULL.
(bdf_create_property): Limit allocations to customary signed
FT_Long and NULL-initialize unused storage.
(bdf_free_font): Do not free unused storage.
FT_QNEW_ARRAY and FT_QRENEW_ARRAY were using the non-Q
FT_MEM_NEW_ARRAY and FT_MEM_RENEW_ARRAY. Change these to use the Q
versions. Also fix the one issue discovered in tt_face_load_name
where table->names is created with FT_QNEW_ARRAY but the extra
string member is not initialized to NULL.
* include/freetype/internal/ftmemory.h (FT_Q(RE)NEW_ARRAY):
Use FT_MEM_Q(RE)NEW_ARRAY as needed.
* src/sfnt/ttload.c (tt_face_load_name): Initialize `entry->string`.
When a different hinting mode from the current is selected, the `prep` table
must be re-executed with the new mode. After this happens the context must
be re-loaded in preparation for the glyph program to be run.
Fixes#1104.
* truetype/ttgload.c (tt_loader_init): Add call to `TT_Load_Context`.
These two are not equal when FreeType is used as a subproject, such as in
`freetype-demos`. In that case, `source_root` points at the root project,
causing the docs build to fail.
* builds/unix/ftsystem.c (FT_Stream_Open): Check for MAP_FAILED.
* builds/vms/ftsystem.c (FT_Stream_Open): Ditto.
This should cover https://savannah.nongnu.org/patch/?5909 as well.
`autogen.sh` fails if building from a standard source tarball. Firstly, git
expects to be called in a git repository, then `copy_submodule_files`
blindly attempts to copy files.
Debian, Ubuntu, Linux Mint, and other derivatives all run `autogen.sh`
before compiling to regenerate build files.
This patch ensures that various git commands are only called and 'dlg' files
are only copied if `autogen.sh` is called from a git repository.
It is easier to check directions using flags than integer values.
* src/pshinter/pshalgo.h (PSH_Dir): Redefine directions.
(PSH_PointRec): Use them as an enum type.
* src/pshinter/pshalgo.c (psh_compute_dir): Modify return type.
(psh_glyph_init, psh_hint_table_find_strong_points,
psh_glyph_find_blue_points): Update users.
* builds/unix/ftconfig.h.in [FT_USE_AUTOCONF_SIZEOF_TYPES]: Removed.
* builds/unix/configure.raw: Remove AC_CHECK_SIZEOF and update.
After this commit, autoconf builds will fully rely on <limits.h>
rather than falling back on it if AC_CHECK_SIZEOF failed for some
reason. There is a risk that misconfigured cross-compilation might
have wrong headers. Note that Meson and CMake builds always relied on
<limits.h> for sizes and availability of integer types.
Signed 24-bit values are extremely rare. FreeType only reads them in
PFR fonts with bitmap strikes conditionally. They have not been seen
in the known fonts. That is why this bug could never be discovered.
`FT_FRAME_OFF3` propagates sign correctly.
* include/freetype/internal/ftstream.h (FT_PEEK_OFF3, FT_PEEK_OFF3_LE):
Propagate sign into 32-bit value.
(FT_GET_OFF3, FT_READ_OFF3): Needed fixing but removed as unused.
BDF comments are neither actually collected nor retrieved. There is
no need to be fancy with delimiters.
* src/bdf/bdflib.c (_add_bdf_comment): Delimit comments with zeros...
(bdf_load_font): ...and do not null-terminate comments additionally.
(_bdf_parse_glyphs): Check if comments are kept, which they are not.
(_bdf_parse_start): Minor clean up.
* src/pcf/pcfread.c (pcf_load_font): Do not call `FT_MulDiv` for a
small job.
* src/bdf/bdfdrivr.c (BDF_Face_Init): Ditto.
* src/bdf/bdflib.c (_bdf_parse_glyphs): Fix a comment.
With Windows memory management tracking heap, it is important to use
it during the stream opening fallback. In Unix, the argument is
unused, but it is better to set it correctly.
* src/base/ftobjs.c (FT_Stream_New): Set memory before calling
`FT_Stream_Open`.
* builds/windows/ftsystem.c, builds/unix/ftsystem.c (FT_Stream_Open,
ft_close_stream_by_free): Call `ft_alloc` and `ft_free` with proper
memory argumment.
Calling `CreateFileW` without making sure that the patname is really
`wchar_t` is a bad idea and can lead to unpredictable overreads. For
Windows CE, we impelemnt the missing API.
Fixes#1098 and !76 again.
* builds/windows/ftsystem.c (FT_Stream_Open): Call `CreateFileA`.
[_WIN32_WCE] (CreateFileA, FileSizeEx): Implement missing interfaces.
Windows handles wchar_t* UTF-16 and char* ANSI (presently UTF-8)
filenames using alternative -A and -W API. We'll try them both
when opening a file. This means that you should not worry about
about conversions.
Fixes#1098 and !76.
* builds/windows/ftsystem.c (FT_Stream_Open): Call alternative
`CreateFile` in the case of failure.
Werner Lemberg