Commit Graph

8068 Commits

Author SHA1 Message Date
Werner Lemberg ec378cecaf tttables.h (FT_Get_CMap_Format): Minor documentation improvement. 2024-08-07 21:23:44 +02:00
Alexei Podtelezhnikov 1f72a120a9 * src/truetype/ttgxvar.c (ft_var_readpacked*): Minor. 2024-08-05 13:05:51 +00:00
Alexei Podtelezhnikov e181911d87 * src/base/ftstream.c (FT_Stream_ReadFields): Switch to `FT_Offset`. 2024-08-05 13:02:04 +00:00
Alexei Podtelezhnikov a48cdddef3 * src/winfonts/winfnt.c (fnt_face_get_dll_font): Unwrap arithmetic. 2024-08-01 21:15:46 -04:00
Alexei Podtelezhnikov 72e199e8d3 * src/base/ftstream.c (FT_Stream_ReadFields): Update condition. 2024-08-01 21:12:41 -04:00
Alexei Podtelezhnikov 7c75b8a7bd [truetype/GX] Use more robust conditions.
* src/truetype/ttgxvar.c (ft_var_readpacked{points,deltas}): Rewrite
conditions to avoid undefined behavior.
2024-08-01 19:14:44 -04:00
Alexei Podtelezhnikov 5e116bb0dc [truetype/GX] Read points and deltas more carefully.
Hopefully fixes newly introduced buffer overflows:
  https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=70807
  https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=70809

* src/truetype/ttgxvar.c (ft_var_readpacked{points,deltas}): Explicitly
check stream frame limits and modify run counting.
2024-07-30 21:51:51 -04:00
Alexei Podtelezhnikov 104f85448d [truetype/GX] Read stream more aggressively.
With ample checks against the table size, we should be able to use
macros without the limit checks and functional calls.

* src/truetype/ttgxvar.c (ft_var_readpacked{points,deltas}):
Use FT_NEXT_* instead of FT_GET_*.
2024-07-29 20:26:00 -04:00
Alexei Podtelezhnikov 3f8edd234d * src/sfnt/ttload.c (tt_face_load_name): Shorten dereference. 2024-07-28 20:56:07 -04:00
Alexei Podtelezhnikov d42bffd4a0 * src/autofit/afmodule.c (af_autofitter_load_glyph): Shorten deref. 2024-07-28 20:32:41 -04:00
Alexei Podtelezhnikov 2488854056 [bdf,pcf,winfonts,sfnt] Remove barely used marcros.
* include/freetype/internal/ftobjs.h (FT_FACE_SIZE, FT_SIZE_FACE):
Removed.
* src/bdf/bdfdrivr.c (BDF_Glyph_Load): Updated.
* src/pcf/pcfdrivr.c (PCF_Glyph_Load): Ditto.
* src/winfonts/winfnt.c (FNT_Load_Glyph): Ditto
* src/sfnt/ttbdf.c (tt_face_find_bdf_prop): Ditto.
2024-07-28 19:42:49 -04:00
Dan Rosser 97069edd16 * include/freetype/internal/ftcalc.h (FT_MSB)[_M_ARM64EC]: Added. 2024-07-27 20:41:25 +00:00
Werner Lemberg 1452355de9 * src/truetype/ttobjs.c (tt_size_run_prep): Correct scaling of CVT values.
This reverts the scaling behaviour introduced in commit 37580053.

Fixes issue #1005.
2024-07-19 22:35:37 +02:00
Philip Race 37cefe33b2 * psobjs.c (ps_table_add): Check length before calling `FT_MEM_CPY`.
Fixes issue #1280.
2024-06-29 05:17:14 +02:00
Don Olmstead 2280346192 CMakeLists.txt: Respect FT_DISABLE_ZLIB value
The CMake build uses `find_package` to look for dependencies. Before calling `find_package` it looks to see if the dependency was disabled. If not the associated `_FOUND` variable will be set. This value is then checked to determine if the dependency is added.

However `find_package(PNG)` calls `find_package(ZLIB)` within its find module. So in the case of `FT_DISABLE_ZLIB=TRUE` and `FT_DISABLE_PNG=FALSE` the `ZLIB_FOUND` value can be set and even though `FT_DISABLE_ZLIB` is turned on.

Unset the value of `ZLIB_FOUND` after the call to `find_package(PNG)` so the value is only set when `FT_DISABLE_ZLIB` is turned off.
2024-06-28 17:46:15 -07:00
Werner Lemberg bab9564a97 Make 'multi' build work again.
* src/psaux/psobjs.c: Include `psft.h`.

* src/sfnt/rules.mk (SFNT_DRV_SRC): Add `ttgpos.c`.

Fixes issue #1284.
2024-06-26 05:41:36 +02:00
Alexei Podtelezhnikov 73720c7c99 * src/truetype/ttgload.c (load_truetype_glyph): Unsigned fix. 2024-06-23 10:58:00 -04:00
Alexei Podtelezhnikov 044d142be7 Use unsigned tags `FT_Outline`.
This change comes along with 2a7bb4596f ans is only meant to reduce
pointer casting in the code.

* include/freetype/ftimage.h (FT_Outline): Do it.
* src/*: Update `FT_Outline` users.
2024-06-20 22:16:51 -04:00
Ben Wagner b1cbcb2045 [ttgxvar] Avoid "applying zero offset to null pointer"
In C it is undefined behavior to do arithmetic on a null pointer, including
adding zero. When using NotoSansKhmer[wdth,wght].ttf UBSAN produces a report
like

ttgxvar.c:1052:31: runtime error: applying zero offset to null pointer

when adding zero to `varData->deltaSet` (which is null) to produce `bytes`.
Protect against all the potential issues of this kind by returning early if
`varData->regionIdxCount == 0`.

* src/truetype/ttgxvar.c (tt_var_get_item_delta): early return on no regions
2024-06-21 01:41:40 +00:00
Alexei Podtelezhnikov 2a7bb4596f Use unsigned point and contour indexing in `FT_Outline`.
This doubles the number or allowed points, see
    https://github.com/harfbuzz/harfbuzz/issues/4752

Although it is hardly practical to use more than 32767 points,
other font engines seem to support it.

* docs/CHANGES: Announce it.
* include/freetype/ftimage.h (FT_Outline): Do it and update limits.
* src/*: Update `FT_Outline` users.
2024-06-20 20:49:56 -04:00
Alexei Podtelezhnikov 2b9fdec5fa * src/pfr/pfrgload.c (pfr_glyph_curve_to): Avoid casting. 2024-06-19 21:38:58 -04:00
Alexei Podtelezhnikov 7a753c9653 * src/base/ftgloadr.c (FT_GlyphLoader_Prepare): Minor refactoring. 2024-06-18 21:14:58 -04:00
Alexei Podtelezhnikov 93a067e312 [base, autofit, psaux] Remove unnecessary casting.
* src/autofit/afhints.c (af_glyph_hints_reload): Remove (short) casting.
* src/base/ftgloadr.c (FT_GlyphLoader_Add): Ditto.
* src/psaux/psobjs.c ({t1,cff,ps}_builder_{add,close}_contour): Ditto.
2024-06-18 17:48:41 +00:00
Alexei Podtelezhnikov deba7feb57 * include/freetype/ftimage.h: Explain standard types. 2024-06-18 14:01:58 +00:00
Ben Wagner d41a855aab [ttgxvar] Replace tabs with spaces
Also clarify comments around conversion and clamping.

* src/truetype/ttgxvar.c (ft_var_to_normalized): doit
2024-05-29 17:01:29 -04:00
Alexei Podtelezhnikov 7ff43d3e9f [truetype/GX] Consolidate memory allocations.
* src/truetype/ttgxvar.c (tt_face_vary_cvt, TT_Vary_Apply_Glyph_Deltas):
Allocate and split bigger memory blocks, avoid unnecessary zeroing,
do not copy shared tuples, revise error exit paths.
2024-05-26 19:40:20 -04:00
Alexei Podtelezhnikov 3416ac16d0 Whitespace. 2024-05-26 08:10:21 -04:00
Alexei Podtelezhnikov b6dbbd9630 * src/truetype/ttgxvar.c (ft_var_apply_tuple): Reduce checks. 2024-05-24 17:38:14 +00:00
Alexei Podtelezhnikov 70299c924f Revert "[truetype] Reduce allocation scope."
This reverts commit 9ff4153cbf.
2024-05-23 22:50:32 -04:00
Alexei Podtelezhnikov 9ff4153cbf [truetype] Reduce allocation scope.
* src/truetype/ttgxvar.c (TT_Vary_Apply_Glyph_Deltas): Reduce scope
of `points_org` and 'points_out`.
2024-05-22 23:38:34 -04:00
Alexei Podtelezhnikov (Алексей Подтележников) a498873652 * .gitlab-ci.yml: Disable UWP compilation. 2024-05-23 03:05:59 +00:00
Alexei Podtelezhnikov 42d406ab04 * include/freetype/internal/ftmemory.h (FT_MEM_DUP): Fix g++ error. 2024-05-22 21:08:34 -04:00
Alexei Podtelezhnikov 5f131cfd20 [cff, truetype] Validate variation axes immediately.
Instead of validating variation axes in every access, OpenType specs
suggest that peak = 0 be used to tag invalid ranges.  This implements
just that once during loading.

* src/cff/cffload.c (cff_blend_build_vector): Move the range checks...
(cff_vstore_load): ... here.
* src/truetype/ttgxvar.c (tt_var_get_item_delta): Ditto...
(tt_var_load_item_variation_store): ... ditto.
2024-05-21 16:24:43 -04:00
Alexei Podtelezhnikov 99be2b3154 [cff, truetype] Rearrange variation range checks.
This should achieve quicker results for common cases.

* src/cff/cffload.c (cff_blend_build_vector): Rearrange conditionals.
* src/truetype/ttgxvar.c (tt_var_get_item_delta): Ditto.
2024-05-21 18:26:09 +00:00
Alexei Podtelezhnikov 347276c1f6 * src/truetype/ttgxvar.c (tt_var_get_item_delta): Align with specs. 2024-05-21 13:12:45 +00:00
Alexei Podtelezhnikov 39f2fbf80c * src/truetype/ttgxvar.c (tt_var_get_item_delta): Minor refactoring. 2024-05-20 22:47:14 -04:00
Alexei Podtelezhnikov 4ccdc9f982 [cff] Optimize the blend vector computations.
* src/cff/cffload.c (cff_blend_build_vector): Use FT_MulDiv and skip
multiplying by 1.
2024-05-20 18:53:57 -04:00
Alexei Podtelezhnikov b25265fe55 [bdf] Use concise macros.
* src/bdf/bdflib.c (bdf_create_property): Use FT_STRDUP.
(bdf_parse_glyphs_, bdf_parse_start_): Use FT_DUP for brevity.
2024-05-19 22:58:23 -04:00
Alexei Podtelezhnikov 026fd5d4f0 [cache] Use FT_DUP to duplicate data.
* src/cache/ftcsbits.c (ftc_sbit_copy_bitmap): Use concise FT_MEM_DUP.
2024-05-19 22:54:57 -04:00
Alexei Podtelezhnikov d7cf931ac6 [truetype, type1] Use FT_DUP to duplicate data.
* src/truetype/ttgload.c (TT_Load_Simple_Glyph): Use concise FT_DUP.
* src/truetype/ttgxvar.c (TT_Get_MM_Var): Ditto.
* src/type1/t1load.c (parse_subrs): Ditto.
2024-05-19 22:48:13 -04:00
Alexei Podtelezhnikov cdd3572e52 * builds/windows/ftsystem.c: Use _WINRT_DLL to check for UWP.
Fixes compilation using Windows GDK, reported by Erin Melucci.
2024-05-17 22:25:00 -04:00
Alexei Podtelezhnikov 68399b4244 * include/freetype/ftmm.h: Include `freetype.h`.
Reported by Ben Wagner, see !326.
2024-05-13 16:57:35 +00:00
Alexei Podtelezhnikov b8db819768 [type1/MM] Safer handle arrays of different types.
* src/type1/t1load.c (parse_blend_design_map): Separately allocate...
(T1_Done_Blend): ... and free `design_points` and `blend_points`.
2024-05-12 22:38:38 -04:00
Alexei Podtelezhnikov 5b1cde804d * src/type1/t1load.c (parse_blend_design_map): Add risky cast. 2024-05-11 23:27:34 -04:00
Alexei Podtelezhnikov e834786b34 * docs/CHANGES: Mention the last commit. 2024-05-11 23:25:37 -04:00
Alexei Podtelezhnikov 4a85db7e31 [type1/MM] Tighten headers.
* include/freetype/internal/t1types.h: Host PS_DesignMap and PS_Blend.
* include/freetype/ftmm.h: Host and document TT_MAX_MM_XXX.
* include/freetype/t1tables.h: Remove them from here.
2024-05-11 22:19:25 -04:00
Alexei Podtelezhnikov b875924a6f * src/pshinter/pshrec.c (ps_hints_stem): Correct argument. 2024-05-10 23:01:23 -04:00
Ben Wagner a46424228f [psaux] Fix location and type order in initializer
`T1_FIELD_ZERO` is used to zero initialize a `T1_FieldRec`.
`T1_FIELD_ZERO` is currently initilizing `T1_FieldRec::location` with a
`T1_FieldType` and `T1_FieldRec::type` with a `T1_FieldLocation`. This
was detected with `-Wenum-conversion`.

* include/freetype/internal/psaux.h (T1_FIELD_ZERO): correct order of
initalizers
2024-05-08 11:36:18 -04:00
Alexei Podtelezhnikov 1264b84c08 * include/freetype/internal/psaux.h: Fix g++ warning.
Reported by Hin-Tak Leung.
2024-05-07 23:35:59 -04:00
Ben Wagner 5858fa16ca [colr] Avoid overflow in range checks
In 32 bit builds `FT_ULong` is 32 bits and can silently overflow when a
large number is read into one and then it is summed or multiplied with
another number.  Checks for range overflow must be written so that they
themselves do not overflow.  Also ensure that the table_size is always the
first part of the range check and consistently use `<` or `<=`.

* src/sfnt/ttcolr.c (tt_face_load_colr): Avoid overflow.
(find_base_glyph_v1_record): Remove old work-around.

Bug: https://issues.chromium.org/issues/41495455
Bug: https://issues.chromium.org/issues/40945818
2024-05-08 05:01:16 +02:00