Commit Graph

2224 Commits

Author SHA1 Message Date
Werner Lemberg
e017639710 Make ftgrays.c compile stand-alone again.
* src/smooth/ftgrays.c [_STANDALONE_]: Include `stddef.h'.
(FT_INT_MAX, FT_PtrDist)[_STANDALONE_]: Define.
2010-07-03 15:31:38 +02:00
suzuki toshiya
b2ea64bcc6 Additional fix for Savannah bug #30306.
* src/base/ftobjs.c (Mac_Read_POST_Resource): If the type
of the POST fragment is 0, the segment is completely ignored.
The declared length of the segment is not cared at all.
According to Adobe Technical Note 5040, type 0 segment is
comment only and should not be loaded for the interpreter.
Reported by Robert Swiecki.
2010-07-02 18:19:39 +09:00
Werner Lemberg
c2dabdeed0 Merge branch 'master' of git.sv.gnu.org:/srv/git/freetype/freetype2
Conflicts:
	ChangeLog
2010-07-02 01:27:49 +02:00
suzuki toshiya
5ef20c8c1d Initial fix for Savannah bug #30306.
* src/base/ftobjs.c (Mac_Read_POST_Resource): Check `rlen'
the length of fragment declared in the POST fragment header
and prevent an underflow in length calculation. Some fonts
set the length to zero in spite of the exist of following
16bit `type'. Reported by Robert Swiecki.
2010-07-01 18:39:04 +09:00
Werner Lemberg
a2d225e322 [truetype] Protect against code range underflow.
* src/truetype/ttinterp.c (DO_JROT, DO_JMPR, DO_JROF): Don't allow
negative IP values.
2010-07-01 11:37:09 +02:00
Werner Lemberg
462ddb4072 [truetype] Add rudimentary tracing for bytecode instructions.
* src/truetype/ttinterp.c (opcode_name) [FT_DEBUG_LEVEL_TRACE]: New
array.
(TT_RunIns): Trace opcodes.
2010-07-01 11:28:43 +02:00
suzuki toshiya
f29f741efb Additional fix for Savannah bug #30248 and #30249.
* src/base/ftobjs.c (Mac_Read_POST_Resource): Check the buffer
size during gathering PFB fragments embedded in LaserWriter PS
font for Macintosh. Reported by Robert Swiecki.
2010-07-01 17:32:40 +09:00
Werner Lemberg
6305b869d8 Fix Savannah bug #30263.
* src/smooth/ftgrays.c (gray_render_span): Use cast to `unsigned
int' to avoid integer overflow.

* src/smooth/ftsmooth.c (ft_smooth_render_generic): Use smaller
threshold values for `width' and `height'.  This is not directly
related to the bug fix but makes sense anyway.
2010-06-30 18:24:33 +02:00
Werner Lemberg
0ae6cf214f Minor optimizations by avoiding divisions.
* src/sfnt/ttkern.c (tt_face_load_kern, tt_face_get_kerning):
Replace divisions with multiplication in comparisons.
2010-06-30 10:26:48 +02:00
Werner Lemberg
ae425e5189 Fix minor tracing issues.
* src/cff/cffgload.c, src/truetype/ttgload.c: Adjust tracing levels.
2010-06-29 12:31:08 +02:00
Werner Lemberg
18b552f6ae [cff] Really fix hintmask' and cntrmask' limit check.
* src/cff/cffgload.c (cff_decoder_parse_charstrings)
<cff_op_hintmask>: Fix thinko and handle tracing also.
2010-06-27 15:41:02 +02:00
Werner Lemberg
8bebaa74cc Fix valgrind warning.
* src/base/ftoutln.c (FT_Outline_Get_Orientation): Initialize
`result' array.
2010-06-27 15:10:15 +02:00
Werner Lemberg
4f7851e3d2 [cff] Fix memory leak.
* src/cff/cffgload.c (cff_operator_seac): Free charstrings even in
case of errors.
2010-06-27 13:03:54 +02:00
Werner Lemberg
e9f0cdb6c0 [cff] Protect against invalid hintmask' and cntrmask' operators.
* src/cff/cffgload.c (cff_decoder_parse_charstrings)
<cff_op_hintmask>: Ensure that we don't exceed `limit' while parsing
the bit masks of the `hintmask' and `cntrmask' operators.
2010-06-27 12:34:19 +02:00
Werner Lemberg
1c70fcbc0a Fix PFR change 2010-06-24.
* src/pfr/pfrgload.c (pfr_glyph_load_simple): Really protect against
invalid indices.
2010-06-27 00:43:23 +02:00
Werner Lemberg
91ea0bf80d Improve PFR tracing messages.
* src/pfr/pfrgload.c (pfr_glyph_load_rec): Emit tracing messages for
simple and compound glyph offsets.
2010-06-26 22:46:38 +02:00
Werner Lemberg
82ad8ab242 Fix last PFR change.
* src/pfr/pfrobjs.c (pfr_face_init): Fix rejection logic.
2010-06-26 09:45:41 +02:00
Werner Lemberg
7d91173643 Fix Savannah bug #30262.
* src/sfnt/ttload.c (tt_face_load_maxp): Limit `maxComponentDepth'
arbitrarily to 100 to avoid stack exhaustion.
2010-06-26 09:29:51 +02:00
Werner Lemberg
75787c19ea Add some memory checks (mainly for debugging).
* src/base/ftstream.c (FT_Stream_EnterFrame): Exit with error
if the frame size is larger than the stream size.

* src/base/ftsystem.c (ft_ansi_stream_io): Exit with error if
seeking a position larger than the stream size.
2010-06-26 09:24:08 +02:00
Werner Lemberg
ea5babaa67 Fix Savannah bug #30261.
* src/pfr/pfrobjs.c (pfr_face_init): Reject fonts which contain
neither outline nor bitmap glyphs.
2010-06-25 22:44:37 +02:00
Werner Lemberg
e23ba91af7 Fix Savannah bug #30254.
* src/cff/cffload.c (cff_index_get_pointers): Do sanity check for
first offset also.
2010-06-25 21:55:14 +02:00
suzuki toshiya
c69891a134 Initial fix for Savannah bug #30248 and #30249.
* src/base/ftobjs.c (Mac_Read_POST_Resource): Check the error during
reading a PFB fragment embedded in LaserWriter PS font for Macintosh.
Reported by Robert Swiecki.
2010-06-25 10:48:12 +09:00
Werner Lemberg
6fc12943e9 Fix Savannah bug #30247.
* src/pcf/pcfread.c (pcf_get_metrics): Disallow (invalid) fonts with
zero metrics.
2010-06-24 20:20:26 +02:00
Graham Asher
e419f48b40 * src/smooth/ftgrays.c (gray_render_cubic): Fix algorithm.
The previous version was too aggressive, as demonstrated in
http://lists.gnu.org/archive/html/freetype-devel/2010-06/msg00020.html.
2010-06-24 12:50:46 +02:00
Werner Lemberg
f765e4403c */*: Use module specific error names where appropriate. 2010-06-24 10:34:29 +02:00
Werner Lemberg
8b1c34da4c Fix Savannah bug #30236.
* src/sfnt/ttcmap.c (tt_face_build_cmaps): Improve check for pointer
to `cmap_table'.
2010-06-24 08:48:10 +02:00
Werner Lemberg
3cf87f4d27 Fix Savannah bug #30235.
* src/pfr/pfrgload.c (pfr_glyph_load_simple): Protect against
invalid indices if there aren't any coordinates for indexing.
2010-06-24 08:20:56 +02:00
Werner Lemberg
b21d7bc567 [bdf]: Font properties are optional.
* src/bdf/bdflib.c (_bdf_readstream): Use special error code to
indicate a redo operation.
(_bdf_parse_start): Handle `CHARS' keyword here too and pass current
input line to `_bdf_parse_glyph'.
2010-06-24 07:40:49 +02:00
Werner Lemberg
fb69029a7a Fix Savannah bug #30220.
* include/freetype/fterrdef.h
(BDF_Err_Missing_Fontboundingbox_Field): New error code.

* src/bdf/bdflib.c (_bdf_parse_start): Check for missing
`FONTBOUNDINGBOX' field.
Avoid memory leak if there are multiple `FONT' lines (which is
invalid but doesn't hurt).
2010-06-23 10:00:52 +02:00
Werner Lemberg
ddc4b136d6 Fix Savannah bug #30168.
* src/pfr/pfrgload.c (pfr_glyph_load_compound): Limit the number of
subglyphs to avoid endless recursion.
2010-06-21 09:28:32 +02:00
Werner Lemberg
90b07bd541 Fix Savannah bug #30145.
* src/psaux/psobjs.c (t1_builder_add_contour): Protect against
`outline == NULL' which might happen in invalid fonts.
2010-06-20 16:27:36 +02:00
Werner Lemberg
f4c94d4b5f Fix Savannah bug #30135.
* src/bdf/bdflib.c (_bdf_list_join): Don't modify value in static
string `empty'.
(_bdf_parse_glyph): Avoid memory leak in case of error.
2010-06-19 16:08:31 +02:00
Werner Lemberg
5d86cdce7e Fix Savannah bug #30108.
* src/autofit/afglobal.c (af_face_globals_compute_script_coverage):
Properly mask AF_DIGIT bit in comparison.
2010-06-15 08:29:30 +02:00
Werner Lemberg
8d22746c9e Fix Savannah bug #30106.
Point numbers for FreeType's implementation of hinting masks are
collected before the final number of points of a glyph has been
determined; in particular, the code for handling the `endchar'
opcode can reduce the number of points.

* src/pshinter/pshalgo.c (psh_glyph_find_strong_points): Assure that
`end_point' is not larger than `glyph->num_points'.
2010-06-12 01:32:20 +02:00
Werner Lemberg
3624110cc2 [cff]: Improve debugging output.
* src/cff/cffgload.c (cff_decoder_parse_charstrings)
<cff_op_hintmask>: Implement it.
2010-06-11 23:00:22 +02:00
Graham Asher
7fb3ef64a2 ftgrays: Speed up rendering of small cubic splines.
* src/smooth/ftgrays.c (gray_render_cubic): Implement new,
simplified algorithm to find out whether the spline can be replaced
with two straight lines.  See this thread for more:

  http://lists.gnu.org/archive/html/freetype-devel/2010-06/msg00000.html
2010-06-10 08:10:57 +02:00
Werner Lemberg
7d3d2cc4fe Fix Savannah bug #30082.
* src/cff/cffgload.c (cff_decoder_parse_charstrings)
<cff_op_callothersubr>: Protect against stack underflow.
2010-06-09 09:14:09 +02:00
Werner Lemberg
a4124bf088 Fix Savannah bug #30053.
* src/cff/cffparse (cff_parse_real): Handle border case where
`fraction_length' has value 10.
2010-06-08 09:21:39 +02:00
Werner Lemberg
d087199f2c Fix Savannah bug #30052.
This bug has been introduced with commit 2415cbf3.

* src/base/ftobjs.c (FT_Get_First_Char, FT_Get_Next_Char): Protect
against endless loop in case of corrupted font header data.
2010-06-07 08:46:01 +02:00
Werner Lemberg
c217bf19f0 Remove unused variable.
Found by Graham.

* src/autofit/afhints.c (af_glyph_hints_reload): Remove unused
variable `first' in first block.
2010-05-26 16:16:34 +02:00
Werner Lemberg
e30de299f2 Fix various memory problems found by linuxtesting.org.
* src/base/ftgxval.c (FT_TrueTypeGX_Free, FT_ClassicKern_Free),
src/base/ftotval.c (FT_OpenType_Free), src/base/ftpfr.c
(ft_pfr_check): Check `face'.

* src/base/ftobjs.c (FT_Get_Charmap_Index): Check `charmap' and
`charmap->face'.
(FT_Render_Glyph): Check `slot->face'.
(FT_Get_SubGlyph_Info): Check `glyph->subglyphs'.

Improve API documentation.
2010-05-22 20:03:41 +02:00
Werner Lemberg
09344385ee autofit: Remove dead code.
Suggested by Graham.

* src/autofit/afhints.c (af_glyph_hints_compute_inflections):
Removed.
(af_glyph_hints_reload): Remove third argument.
Update all callers.
2010-05-22 07:43:22 +02:00
Bram Tassyns
d7cc8f499a Fix Savannah bug #27987.
* src/cff/cffobjs.c (remove_subset_prefix): New function.
(cff_face_init): Use it to adjust `cffface->family_name'.
2010-05-21 10:14:58 +02:00
Werner Lemberg
6da023d1ff TrueType: Make FreeType ignore maxSizeOfInstructions in `maxp'.
Acroread does the same.

* src/truetype/ttgload.c (TT_Process_Composite_Glyph): Call
`Update_Max' to adjust size of instructions array if necessary and
add a rough safety check.

(load_truetype_glyph): Save `loader->byte_len' before recursive
call.

* src/truetype/ttinterp.h, src/truetype/ttinterp.c (Update_Max):
Declare it as FT_LOCAL.
2010-05-20 15:38:00 +02:00
Hongbo Ni
236fc8e15a Apply patch #7196.
* src/cff/cffgload.c (cff_slot_load): Prevent crash if CFF subfont
index is out of range.
2010-05-18 11:00:39 +02:00
Werner Lemberg
4c66924440 * docs/formats.txt: Give pointer to PCF documentation.
Information provided by Alan Coopersmith
<alan.coopersmith@oracle.com>.
2010-05-11 07:24:28 +02:00
Ken Sharp
88169b107a Fix Savannah bug #29846.
Previously we discovered fonts which used `setcurrentpoint' to set
the initial point of a contour to 0,0.  This caused FreeType to
raise an error, because the `setcurrentpoint' operator is only
supposed to be used with the results from an OtherSubr subroutine.

This was fixed by simply ignoring the error and carrying on.

Now we have found a font which uses setcurrentpoint to actually
establish a non-zero point for a contour during the course of a
glyph program.  FWIW, these files may be produced by an application
called `Intaglio' on the Mac, when converting TrueType fonts to
Type 1.

The fix allows the new invalid behaviour, the old invalid behaviour
and real proper usage of the operator to work the same way as Adobe
interpreters apparently do.

(t1_decoder_parse_charstrings): Make `setcurrentpoint' use the top
two elements of the stack to establish unconditionally the current x
and y coordinates.

Make the `flex' subroutine handling (OtherSubr 0) put the current
x,y coordinates onto the stack, instead of two dummy uninitialised
values.
2010-05-11 00:03:33 +02:00
Ken Sharp
54e63755f3 Fix Savannah bug #29444.
* src/psaux/psobjs.c (t1_builder_start_point): Accept (invalid)
`lineto' immediately after `hsbw', in accordance with Acrobat, GS,
and others.
2010-04-14 23:38:35 +02:00
Michał Cichoń
08e254e0a6 Fix Savannah bug #27999.
* src/cache/ftcmanag.c (FTC_Manager_RemoveFaceID): Only remove
selected entry, not all.
2010-04-14 21:25:30 +02:00
Jonathan Kew
25e742c573 Add overflow check to `fvar' table.
* src/truetype/ttgxvar.c (TT_Get_MM_Var): Check axis and instance
count.
2010-04-06 16:42:56 +02:00