Commit 6862024854c64d7f7bbb80d4909c19a45c4f7d9a
2016-12-16T11:15:17
[cff, truetype] Remove compiler warnings; fix `make multi'. * src/cff/cf2font.h: Include `cffload.h'. * src/cff/cffload.c: Include FT_MULTIPLE_MASTERS_H and FT_SERVICE_MULTIPLE_MASTERS_H. (cff_vstore_load): Eliminate `vsSize'. (cff_load_private_dict): Tag as `FT_LOCAL_DEF'. * src/cff/cffload.h: Include `cffobjs.h'. Provide declaration for `cff_load_private_dict'. * src/truetype/ttgxvar.c (ft_var_load_hvar): Eliminate `minorVersion' and `map_offset'.
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131 132 133 134 135 136 137 138 139 140 141 142 143 144 145 146
diff --git a/ChangeLog b/ChangeLog
index 1243bd4..8fed6a2 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,5 +1,22 @@
2016-12-16 Werner Lemberg <wl@gnu.org>
+ [cff, truetype] Remove compiler warnings; fix `make multi'.
+
+ * src/cff/cf2font.h: Include `cffload.h'.
+
+ * src/cff/cffload.c: Include FT_MULTIPLE_MASTERS_H and
+ FT_SERVICE_MULTIPLE_MASTERS_H.
+ (cff_vstore_load): Eliminate `vsSize'.
+ (cff_load_private_dict): Tag as `FT_LOCAL_DEF'.
+
+ * src/cff/cffload.h: Include `cffobjs.h'.
+ Provide declaration for `cff_load_private_dict'.
+
+ * src/truetype/ttgxvar.c (ft_var_load_hvar): Eliminate
+ `minorVersion' and `map_offset'.
+
+2016-12-16 Werner Lemberg <wl@gnu.org>
+
[cff] Fix heap buffer overflow (#49858).
* src/cff/cffparse.c (cff_parser_run): Add one more stack size
diff --git a/src/cff/cf2font.h b/src/cff/cf2font.h
index 1b62417..17ecd17 100644
--- a/src/cff/cf2font.h
+++ b/src/cff/cf2font.h
@@ -42,6 +42,7 @@
#include "cf2ft.h"
#include "cf2blues.h"
+#include "cffload.h"
FT_BEGIN_HEADER
diff --git a/src/cff/cffload.c b/src/cff/cffload.c
index e930bbc..b9e052d 100644
--- a/src/cff/cffload.c
+++ b/src/cff/cffload.c
@@ -23,6 +23,11 @@
#include FT_TRUETYPE_TAGS_H
#include FT_TYPE1_TABLES_H
+#ifdef TT_CONFIG_OPTION_GX_VAR_SUPPORT
+#include FT_MULTIPLE_MASTERS_H
+#include FT_SERVICE_MULTIPLE_MASTERS_H
+#endif
+
#include "cffload.h"
#include "cffparse.h"
@@ -1126,15 +1131,15 @@
/* no offset means no vstore to parse */
if ( offset )
{
- FT_UInt vsSize; /* currently unused */
FT_UInt vsOffset;
FT_UInt format;
FT_ULong regionListOffset;
- /* we need to parse the table to determine its size */
+ /* we need to parse the table to determine its size; */
+ /* skip table length */
if ( FT_STREAM_SEEK( base_offset + offset ) ||
- FT_READ_USHORT( vsSize ) )
+ FT_STREAM_SKIP( 2 ) )
goto Exit;
/* actual variation store begins after the length */
@@ -1824,7 +1829,7 @@
/* so NDV has not been set for CFF2 variation. */
/* */
/* `cff_slot_load' must call this function each time NDV changes. */
- static FT_Error
+ FT_LOCAL_DEF( FT_Error )
cff_load_private_dict( CFF_Font font,
CFF_SubFont subfont,
FT_UInt lenNDV,
diff --git a/src/cff/cffload.h b/src/cff/cffload.h
index 9924a8a..2da726c 100644
--- a/src/cff/cffload.h
+++ b/src/cff/cffload.h
@@ -23,6 +23,7 @@
#include <ft2build.h>
#include "cfftypes.h"
#include "cffparse.h"
+#include "cffobjs.h" /* for CFF_Face */
FT_BEGIN_HEADER
@@ -72,6 +73,12 @@ FT_BEGIN_HEADER
cff_font_done( CFF_Font font );
+ FT_LOCAL( FT_Error )
+ cff_load_private_dict( CFF_Font font,
+ CFF_SubFont subfont,
+ FT_UInt lenNDV,
+ FT_Fixed* NDV );
+
FT_LOCAL( FT_Byte )
cff_fd_select_get( CFF_FDSelect fdselect,
FT_UInt glyph_index );
diff --git a/src/truetype/ttgxvar.c b/src/truetype/ttgxvar.c
index 8df6b11..dae0cb7 100644
--- a/src/truetype/ttgxvar.c
+++ b/src/truetype/ttgxvar.c
@@ -433,11 +433,9 @@
FT_Error error;
FT_UShort majorVersion;
- FT_UShort minorVersion;
FT_ULong table_len;
FT_ULong table_offset;
FT_ULong store_offset;
- FT_ULong map_offset;
FT_ULong* dataOffsetArray = NULL;
@@ -455,8 +453,9 @@
table_offset = FT_STREAM_POS();
+ /* skip minor version */
if ( FT_READ_USHORT( majorVersion ) ||
- FT_READ_USHORT( minorVersion ) )
+ FT_STREAM_SKIP( 2 ) )
goto Exit;
if ( majorVersion != 1 )
{
@@ -465,8 +464,9 @@
goto Exit;
}
+ /* skip map offset */
if ( FT_READ_ULONG( store_offset ) ||
- FT_READ_ULONG( map_offset ) )
+ FT_STREAM_SKIP( 4 ) )
goto Exit;
/* parse item variation store */