|
39ce3ac4
|
2017-09-16T19:08:17
|
|
* Version 2.8.1 released.
=========================
Tag sources with `VER-2-8-1'.
* docs/VERSION.TXT: Add entry for version 2.8.1.
* docs/CHANGES: Updated.
* README, Jamfile (RefDoc), builds/windows/vc2005/freetype.vcproj,
builds/windows/vc2005/index.html,
builds/windows/vc2008/freetype.vcproj,
builds/windows/vc2008/index.html,
builds/windows/vc2010/freetype.vcxproj,
builds/windows/vc2010/index.html,
builds/windows/visualc/freetype.dsp,
builds/windows/visualc/freetype.vcproj,
builds/windows/visualc/index.html,
builds/windows/visualce/freetype.dsp,
builds/windows/visualce/freetype.vcproj,
builds/windows/visualce/index.html,
builds/wince/vc2005-ce/freetype.vcproj,
builds/wince/vc2005-ce/index.html,
builds/wince/vc2008-ce/freetype.vcproj,
builds/wince/vc2008-ce/index.html: s/2.8/2.8.1/, s/28/281/.
* include/freetype/freetype.h (FREETYPE_PATCH): Set to 1.
* builds/unix/configure.raw (version_info): Set to 21:0:15.
* CMakeLists.txt (VERSION_PATCH): Set to 1.
|
|
c28e9c9b
|
2017-09-15T22:23:01
|
|
Typos.
|
|
1264d9a6
|
2017-09-15T21:49:34
|
|
Minor.
|
|
17eb2406
|
2017-09-14T22:39:51
|
|
Update fuzzer-bot URL.
|
|
7cb6f217
|
2017-09-14T12:09:37
|
|
Formatting.
|
|
b757ddb1
|
2017-09-13T22:17:03
|
|
[sfnt] lowest gcc for vectors ( e1d0249e ) is changed to 4.7.
__builtin_shuffle() was introduced in gcc-4.7. The lowest
gcc to enable vector operation is delayed from 4.6 to 4.7.
* src/sfnt/pngshim.c (premultiply_data): Fix cpp-macro to
enable the vector operation, to change the lowest gcc version
from 4.6 to 4.7.
|
|
5ad84577
|
2017-09-13T15:49:15
|
|
[cache] Fix a possible overflow by signed integer comparison.
Improve the code by 5d3ff05615dda6d1325ed612381a17a0df04c975 ,
issues are found by Behdad Esfahbod and Werner Lemberg.
* src/cache/ftcbasic.c (FTC_ImageCache_Lookup): Replace
a subtraction to check higher bit by a bit operation,
and cpp-conditionalize for appropriate systems. Add better
documentation to the comment.
(FTC_ImageCache_LookupScaler): Ditto.
(FTC_SBitCache_Lookup): Ditto.
(FTC_SBitCache_LookupScaler): Ditto.
|
|
96dcc8ad
|
2017-09-13T08:16:23
|
|
[autofit] Really fix #41334 (#52000).
* src/autofit/aflatin.c (af_latin_hints_compute_segments): Set
`segment->delta' everywhere.
|
|
21658c31
|
2017-09-12T15:59:18
|
|
[autofit, sfnt] Fix for `make multi'.
* src/autofit/afshaper.c: Include FT_ADVANCE_H, to use
FT_Get_Advance() in it.
* src/sfnt/ttcmap.c: Include FT_SERVICE_POSTSCRIPT_CMAPS_H
to use PS_Unicodes in it, also include `ttpost.h' to use
tt_face_get_ps_name() in it.
|
|
babe13ec
|
2017-09-11T10:47:29
|
|
[build] Improve builds with different MS Visual Studio versions.
* builds/windows/vc2010/freetype.vcxproj: Switch platform toolset
according to the Visual Studio version.
|
|
3e4b7997
|
2017-09-11T08:51:44
|
|
* src/sfnt/ttkern.c (tt_face_load_kern): Reject format 2 tables.
Reported by Behdad.
|
|
d1b6c6e2
|
2017-09-10T22:35:21
|
|
Typo.
|
|
0683f0df
|
2017-09-09T13:01:11
|
|
Warping CHANGES.
|
|
0ab2b62d
|
2017-09-09T08:08:47
|
|
[autofit] Improve communication with ftgrid.
* src/autofit/afhints.c (af_glyph_hints_get_segment_offset):
Provide values in font units.
|
|
e2e56f9d
|
2017-09-09T06:31:03
|
|
Officially announce end of 16bit compiler support.
|
|
33b390a6
|
2017-09-08T21:34:47
|
|
Warping documentation updates.
|
|
3ef59e59
|
2017-09-09T01:28:24
|
|
[base] Remove a check for resource ID in the resource fork driver.
LastResort.dfont has a marginal resource ID 0xFFFF for sfnt
resource. Inside Macintosh: More Macintosh Toolbox, `Resource IDs'
(1-46), tells that some IDs are reserved and should not be used.
FreeType2 just uses resource ID to sort the fragmented resource.
To accept the marginal fonts, the checking is removed.
* src/base/ftrfork.c (FT_Raccess_Get_DataOffsets): Remove res_id
validity check, fix a trace message format.
|
|
71f66180
|
2017-09-09T01:05:44
|
|
ChangeLog for last commit.
|
|
5c4e40d7
|
2017-09-09T00:59:33
|
|
[sfnt, truetype] Register the tags for marginal fonts.
The first 32bit of standard TrueType variants is 0x00010000,
`OTTO', `ttcf', `true' or `typ1'. 2 marginal dfonts on legacy Mac
OS X, Keyboard.dfont and LastResort.dfont, have the sfnt resources
starting 0xA5 followed by `kbd' or `lst'. Considering the following
data could be parsed as conventional TrueType fonts, the header
checking is updated to allow these tags. It seems that recent Mac
OS X has already switched to normal TTF for these fonts.
See the discussion at
http://u88.n24.queensu.ca/exiftool/forum/index.php?topic=3931.0
* include/freetype/tttags.h (TTAG_0xA5kbd, TTAG_0xA5lst): New header
tags for Keyboard.dfont and LastResort.dfont.
* src/sfnt/sfobjs.c (sfnt_open_font): Accept the sfnt resource
starts with TTAG_0xA5kbd or TTAG_0xA5lst.
* src/truetype/ttobjs.c (tt_face_init): Accept the face with the
format tag is TTAG_0xA5kbd or TTAG_0xA5lst.
|
|
22a7f5b8
|
2017-09-07T22:36:02
|
|
Branding fixes.
|
|
e0b480d1
|
2017-09-06T21:21:14
|
|
s/ /~/
|
|
a3dd6d99
|
2017-09-05T23:02:04
|
|
Fix multiple calls of `FT_Bitmap_Convert'.
The documentation of `FT_Bitmap_Convert' says that multiple calls do
proper reallocation of the target FT_Bitmap object. However, this
failed for the sequence
non-empty bitmap
empty bitmap
non-empty bitmap
Reason was that `FT_Bitmap_Convert' only reallocated the bitmap
buffer if it became too small; it didn't make the buffer smaller.
For an empty bitmap following a non-empty one, only the buffer
dimension got set to zero, without deallocation. If the next call
was a non-empty buffer again, an assertion in `ft_mem_qrealloc' was
triggered.
* src/base/ftbitmap.c (FT_Bitmap_Convert): Always reallocate target
buffer to the correct size.
* docs/CHANGES: Document it.
|
|
7d017ba8
|
2017-09-05T15:28:21
|
|
[bdf] Fix size and resolution handling.
* src/bdf/bdfdrivr.c (BDF_Face_Init): Use `SIZE' values if
`POINT_SIZE', `RESOLUTION_X', or `RESOLUTION_Y' properties are
missing.
* docs/CHANGES: Document it.
|
|
f0898b92
|
2017-08-25T21:40:01
|
|
Swap `ALLOC_MULT' arguments (#51833).
* src/base/ftbitmap.c (ft_bitmap_assure_buffer): Updated.
* src/winfonts/winfnt.c (FNT_Load_Glyph): Updated.
* src/raster/ftrend1.c (ft_raster1_render): Updated.
|
|
587264cf
|
2017-08-23T09:14:14
|
|
Typo.
|
|
e1d0249e
|
2017-08-23T08:18:22
|
|
[sfnt] Fix clang compilation (#51788).
* src/sfnt/pngshim.c (premultiply_data): Use vectors instead of
scalars.
(vector_shuffle): New macro to take of a different built-in function
name on clang.
|
|
bd28952e
|
2017-08-22T08:41:03
|
|
[base] Don't zero out allocated memory twice (#51816).
Patch applied from bug report.
* src/base/ftutil.c (ft_mem_qrealloc): Use low-level allocation to
avoid unnecessary overhead.
|
|
0aca17cf
|
2017-08-22T08:25:14
|
|
[truetype] Integer overflow.
Changes triggered by
https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=3107
* src/truetype/ttinterp.c (Ins_MDRP, Ins_MIRP, Ins_ALIGNPTS): Use
NEG_LONG.
|
|
7653c765
|
2017-08-17T21:28:32
|
|
[sfnt] Avoid synthetic unicode for symbol fonts with PUA.
Reported as
https://bugs.chromium.org/p/chromium/issues/detail?id=754574
* src/sfnt/sfobjs.c (sfnt_load_face): Check for FT_ENCODING_MS_SYMBOL.
|
|
cadd29de
|
2017-08-16T13:32:17
|
|
* src/sfnt/pngshim.c (premultiply_data): Fix compiler warnings.
|
|
f53ccf6f
|
2017-08-15T07:17:42
|
|
Minor comment fix.
|
|
c9d7c03f
|
2017-08-15T08:48:17
|
|
[sfnt] Speed up PNG image loading.
This reduces the overhead of `premultiply_data' by 60%.
* src/sfnt/pngshim.c (premultiply_data): Provide code which uses
gcc's (and clang's) `vector_byte' attribute to process 4 pixels at a
time.
|
|
10ad11ab
|
2017-08-13T23:08:39
|
|
Harmony CHANGES.
|
|
9f5783bb
|
2017-08-13T09:40:18
|
|
Minor.
|
|
b45043c4
|
2017-08-11T09:34:20
|
|
[sfnt, truetype] Improve handling of missing sbits.
Requested by Behdad.
Modern bitmap-only SFNTs like `NotoColorEmoji.ttf' don't contain
entries in the bitmap strike(s) for empty glyphs. Instead, they
rely that a space glyph gets created from the font's metrics data.
This commit makes FreeType behave accordingly.
* include/freetype/fterrdef.h (FT_Err_Missing_Bitmap): New error
code.
* src/sfnt/ttsbit.c (tt_sbit_decoder_load_image): Change error codes
to make a distinction between a missing bitmap in a composite and a
simple missing bitmap.
* src/truetype/ttgload.c (TT_Load_Glyph): For a missing bitmap (in a
bitmap-only font), synthesize an empty bitmap glyph if metrics are
available.
|
|
e77ee789
|
2017-08-11T07:11:43
|
|
CHANGES: Minor update.
|
|
f2e121ab
|
2017-08-10T12:56:50
|
|
[base] Minor API improvement for default variation axis setting.
* src/base/ftmm.c (FT_Set_MM_Design_Coordinates,
FT_Set_Var_Design_Coordinates, FT_Set_MM_Blend_Coordinates,
FT_Set_Var_Blend_Coordinates): Allow coords==NULL if num_coords==0.
* docs/CHANGES: Updated.
|
|
c87fec02
|
2017-08-09T07:45:12
|
|
[psnames] Really fix issue #49949.
We now use a separate preprocessor macro to handle both definition
and declaration of the glyph name arrays.
* src/psnames/psmodule.c (DEFINE_PS_TABLE_DATA): New macro.
* src/tools/glnames.py (StringTable::dump,
StringTable::dump_sublist): Use `DEFINE_PS_TABLE_DATA'.
(dump_encoding): Ditto.
(main): Use `wb' mode for writing the output file, which works on
Windows also.
* src/psnames/pstables.h: Regenerated.
|
|
410f3799
|
2017-03-09T00:08:38
|
|
[smooth] Harmony LCD rendering.
This is a new technology for LCD-optimized rendering. It capitalizes
on the fact that each color channel grid is shifted by a third of a
pixel. Therefore it is logical to render 3 separate monochrome
bitmaps shifting the outline by 1/3 pixel, and then combine them.
Importantly, the resulting output does not require additional LCD
filtering.
* src/smooth/ftsmooth.c (ft_smooth_render_generic)
[!FT_CONFIG_OPTION_SUBPIXEL_RENDERING]: Implement new LCD-optimized
rendering.
* include/freetype/ftlcdfil.h, include/freetype/freetype.h,
include/freetype/config/ftoption.h, devel/ftoption.h: Updated
documentation.
|
|
5710ef98
|
2017-08-08T22:00:35
|
|
* src/smooth/ftsmooth.c (ft_smooth_render_generic): Clean up.
|
|
a9d8e90c
|
2017-08-08T21:42:37
|
|
* src/sftnt/ttpost.c (format): Use otspec-compliant versions.
|
|
986a21b7
|
2017-08-06T06:35:19
|
|
CHANGES update suggested by Nikolaus.
|
|
17196b7c
|
2017-08-05T18:58:34
|
|
[truetype] Integer overflow.
Reported as
https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=2868
* src/truetype/ttinterp.c (Ins_ALIGNRP): Use NEG_LONG.
|
|
f43b3094
|
2017-08-05T18:22:17
|
|
[base, truetype] New function `FT_Get_Var_Axis_Flags'.
The reserved `flags' field got a value in OpenType version 1.8.2;
unfortunately, the public `FT_Var_Axis' structure misses the
corresponding element. Since we can't add a new field, we add an
access function.
* src/base/ftmm.c (FT_Get_Var_Axis_Flags): New function.
* include/freetype/ftmm.h (FT_VAR_AXIS_FLAG_HIDDEN): New macro.
Updated.
* src/truetype/ttgxvar.c (TT_Get_MM_Var): Increase allocated memory
of `mmvar' to hold axis flags.
Fill the axis flags array.
* docs/CHANGES: Updated.
|
|
24e256ab
|
2017-08-04T08:25:31
|
|
[truetype] Fix metrics of B/W hinting in v40 mode.
Phantom points are now saved outside v40 backwards compatibility
mode. This fixes the jumping glyphs when switching between v35 and
v40 monochrome mode.
* src/truetype/ttgload.c (TT_Hint_Glyph): Fix inversed bool logic.
|
|
7f44c2db
|
2017-08-03T06:15:30
|
|
[truetype] Do not set any ClearType flags in v40 monochrome mode.
This fixes weird behavior of instructions that resulted in rendering
differences between v35 and v40 in monochrome mode, e.g., in
`timesbi.ttf'.
* src/truetype/ttinterp.c (Ins_GETINFO)
[TT_SUPPORT_SUBPIXEL_HINTING_MINIMAL]: Check
`subpixel_hinting_lean'.
|
|
7e508242
|
2017-08-01T12:44:35
|
|
* src/truetype/ttgxvar.c (TT_Get_MM_Var): Fix thinko.
|
|
e6b9b6ba
|
2017-08-01T09:34:24
|
|
Update CHANGES file.
|
|
55bbb98f
|
2017-08-01T09:17:02
|
|
[truetype] Fix loading of named instances.
* src/truetype/ttgxvar.c (TT_Get_MM_Var): Preserve file position
while loading the `avar' table.
|
|
ce367774
|
2017-08-01T08:24:51
|
|
[sfnt, truetype] Minor adjustments for OpenType 1.8.2.
* src/sfnt/sfobjs.c (sfnt_load_face): The units per EM value has now
(tighter) limits.
* src/truetype/ttgload.c (load_truetype_glyph): The new OpenType
version explicitly allows all negative values for the number of
contours if we have a composite glyph (this is for better backwards
compatibility I guess), but it still recommends value -1.
|
|
933f4cbe
|
2017-07-26T23:32:32
|
|
[cff] Integer overflow.
Reported as
https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=2738
* src/cff/cf2hints.c (cf2_glyphpath_computeOffset,
cf2_glyphpath_curveTo): Use ADD_INT32.
|
|
38bdf22b
|
2017-07-13T10:28:09
|
|
[truetype] Improve code comment.
|
|
fe0a7d9d
|
2017-07-13T10:25:42
|
|
[base] Fix memory leak.
Reported as
https://bugs.chromium.org/p/chromium/issues/detail?id=738362
* src/base/ftglyph.c (FT_Get_Glyph): Do proper deallocation in case
of error.
|
|
134de096
|
2017-07-12T22:16:37
|
|
[base] Integer overflow.
Reported as
https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=2573
* src/base/ftobjs.c (ft_glyphslot_grid_fit_metrics): Use
FT_PIX_CEIL_LONG and FT_PIX_ROUND_LONG.
|
|
b5cab5c9
|
2017-07-12T21:58:35
|
|
Document how to scale manually.
|
|
229a5535
|
2017-07-12T10:48:41
|
|
CHANGES: Add information on global metrics rounding.
I missed to add this important information.
|
|
3d083fc2
|
2017-07-12T00:24:48
|
|
* src/truetype/ttpload.c (tt_face_get_location): Off-by-one typo.
Also improve tracing message.
Problem reported as
https://bugs.chromium.org/p/chromium/issues/detail?id=738919
|
|
39af82eb
|
2017-07-11T01:53:01
|
|
Changelog: typo, chromium issue id is 2276 instead of 2278
Signed-off-by: Hin-Tak Leung <htl10@users.sourceforge.net>
|
|
9ea83c78
|
2017-07-07T17:09:43
|
|
[cff] Integer overflow.
Reported as
https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=2517
* src/cff/cf2blues.c (cf2_blues_capture): Use SUB_INT32.
|
|
762de5e2
|
2017-07-06T22:31:57
|
|
Tweak suggested use of `lsb_delta' and `rsb_delta'.
|
|
cf8d9b4c
|
2017-07-05T23:07:01
|
|
* src/sfnt/ttcmap.c (tt_cmap_unicode_class_rec): Fix warning.
|
|
4261e497
|
2017-07-05T23:00:23
|
|
* src/truetype/ttgxvar.c (FT_Stream_SeekSet): Fix warning (#51395).
|
|
1c85479d
|
2017-07-04T08:08:54
|
|
[truetype] Prevent address overflow (#51365).
* src/truetype/ttgxvar.c (FT_Stream_SeekSet): Add guard.
|
|
c56d8851
|
2017-07-03T22:49:07
|
|
* src/base/ftlcdfil.c (ft_lcd_filter_fir): Improve code.
|
|
ca799e9b
|
2017-07-03T06:27:52
|
|
[truetype] Integer overflow.
Reported as
https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=2455
* src/truetype/ttinterp.c (Ins_SCFS): Use SUB_LONG.
|
|
abeb28f1
|
2017-07-01T16:48:32
|
|
* src/sfnt/sfobjs.c (sfnt_load_face): Ignore No_Unicode_Glyph_Name.
|
|
7819aeb6
|
2017-06-28T22:57:41
|
|
Avoid Microsoft compiler warnings (#51331).
While clang's sanitizer recommends a cast to unsigned for safe
negation (to handle -INT_MIN), both MSVC and Visualc emit warning
C4146 if an unsigned value gets negated.
* include/freetype/internal/ftcalc.h (NEG_LONG, NEG_INT32),
src/base/ftcalc.c (FT_MOVE_SIGN): Replace negation with a
subtraction.
|
|
2e7bb5e8
|
2017-06-27T16:56:38
|
|
* src/cff/cffparse.c (do_fixed): Fix typo.
Spotted by chris <chris@gcjd.org>.
|
|
dde8f5ab
|
2017-06-27T06:16:04
|
|
[truetype] Integer overflows.
Reported as
https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=2384
https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=2391
* src/base/ftcalc.c (FT_MulDiv, FT_MulDiv_No_Round, FT_DivFix): Use
NEG_LONG.
* src/truetype/ttinterp.c (Ins_SxVTL): Use NEG_LONG.
|
|
b27cef27
|
2017-06-24T20:17:46
|
|
[truetype] Integer overflows.
Reported as
https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=2364
* src/truetype/ttinterp.c (Ins_ISECT): Use NEG_LONG.
|
|
298e2ea5
|
2017-06-22T11:52:43
|
|
[cff, truetype] Integer overflows.
Reported as
https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=2323
https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=2328
* src/cff/cf2blues.c (cf2_blues_capture): Use ADD_INT32 and
SUB_INT32.
* src/truetype/ttinterp.c (Ins_SDPVTL): Use SUB_LONG and NEG_LONG.
|
|
75cb071b
|
2017-06-21T22:52:37
|
|
[sfnt] Synthesize a Unicode charmap if one is missing.
* src/sfnt/ttcmap.h (tt_cmap_unicode_class_rec): Declare it.
* src/sfnt/ttcmap.c (tt_get_glyph_name, tt_cmap_unicode_init,
tt_cmap_unicode_done, tt_cmap_unicode_char_index,
tt_cmap_unicode_char_next, tt_cmap_unicode_class_rec): Implement
synthetic Unicode charmap class.
(tt_get_cmap_info): Make sure the callback is available.
* src/sfnt/sfobjs.c (sfnt_load_face)
[FT_CONFIG_OPTION_POSTSCRIPT_NAMES]: If Unicode charmap is missing,
synthesize one.
* include/freetype/config/ftoption.h: Document it.
* devel/ftoption.h: Ditto.
|
|
390048fa
|
2017-06-20T18:03:20
|
|
Remove deprecated comment.
|
|
c8829e4b
|
2017-06-20T12:24:05
|
|
Fix pkg-config in freetype-config for cross-compiling (#51274).
* builds/unix/unix-def.in (PKG_CONFIG): New variable.
(freetype-config): Use it in sed expression.
* builds/unix/freetype-config.in: s/pkg-config/%PKG_CONFIG%/.
|
|
8c763fb1
|
2017-06-20T07:49:52
|
|
[cff, truetype] Integer overflows.
Reported as
https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=2300
https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=2313
* src/cff/cf2hints.c (cf2_hintmap_adjustHints): Use ADD_INT32.
* src/truetype/ttinterp.c (Ins_ABS): Avoid FT_ABS.
|
|
7b727833
|
2017-06-17T23:28:14
|
|
[base, smooth] LCD filtering cleanups.
* src/base/ftlcdlil.c (ft_lcd_filter_fir, _ft_lcd_filter_legacy):
Clean up, start filtering from the bottom-left origin.
* src/smooth/ftsmooth.c (ft_smooth_render_generic): Updated.
|
|
4dc00cf5
|
2017-06-16T13:33:09
|
|
[truetype] Integer overflows.
Reported as
https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=2270
https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=2278
* src/truetype/ttinterp.c (Ins_MDRP, _iup_worker_interpolate): Use
ADD_LONG and SUB_LONG.
|
|
dbeb7bce
|
2017-06-15T19:39:50
|
|
[bdf, cff] Integer overflows.
Reported as
https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=2244
https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=2261
* src/bdf/bdfdrivr.c (BDF_Face_Init): Replace calls to FT_ABS with
direct code to avoid value negation.
* src/cff/cf2blues.c (cf2_blues_capture): Use SUB_INT32 and
ADD_INT32.
|
|
79e3789f
|
2017-06-14T07:51:04
|
|
* src/winfonts/winfnt.c (FNT_Face_Init): Don't set active encoding.
FreeType only sets a default active encoding for Unicode.
|
|
5c402d97
|
2017-06-13T06:56:48
|
|
[cff, truetype] Integer overflows.
Reported as
https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=2216
https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=2218
* src/cff/cf2fixed.h (cf2_fixedAbs): Use NEG_INT32.
* src/truetype/ttinterp.c (Ins_IP): Use SUB_LONG.
|
|
3ed3a961
|
2017-06-11T13:50:37
|
|
[cff] Integer overflows.
Reported as
https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=2200
https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=2210
* src/cff/cf2hints.c (cf2_hintmap_insertHint): Use SUB_INT32 and
ADD_INT32.
* src/cff/cf2intrp.c (cf2_interpT2CharString) <cf2_cmdVMOVETO>: Use
ADD_INT32.
|
|
5f2a72cb
|
2017-06-10T11:29:24
|
|
[truetype] Fix TT_Set_Var_Design.
Reported by Nikolaus Waxweiler <madigens@gmail.com>.
* src/truetype/ttgxvar.c (TT_Set_Var_Design): Correctly handle the
case where we have less input coordinates than axes.
|
|
2c4fba9c
|
2017-06-10T11:03:41
|
|
* src/base/ftcalc.c (FT_DivFix): Fix embarrassing typo.
Bug introduced 2017-05-28.
|
|
9038837e
|
2017-06-09T20:42:46
|
|
[cff, truetype] Integer overflows.
Reported as
https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=2144
https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=2151
https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=2153
https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=2173
https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=2186
* src/cff/cf2blues.c (cf2_blues_init): Use SUB_INT32.
* src/truetype/ttinterp.c (Round_None, Round_To_Grid,
Round_To_Half_Grid, Round_Down_To_Grid, Round_Up_To_Grid,
Round_To_Double_Grid, Round_Super, Round_Super_45): Use ADD_LONG,
SUB_LONG, NEG_LONG, FT_PIX_ROUND_LONG, FT_PIX_CEIL_LONG,
FT_PAD_ROUND_LONG
(Ins_SxVTL, Ins_MIRP): Use SUB_LONG.
(_iup_worker_shift): Use SUB_LONG and ADD_LONG.
|
|
96d26926
|
2017-06-09T20:34:28
|
|
Provide more macros for flooring, ceiling, and rounding.
These versions don't produce run-time errors due to integer
overflow.
* include/freetype/internal/ftobjs.h: Include FT_INTERNAL_CALC_H.
(FT_PAD_ROUND_LONG, FT_PAD_CEIL_LONG, FT_PIX_ROUND_LONG,
FT_PIX_CEIL_LONG): New macros.
(FT_PAD_ROUND_INT32, FT_PAD_CEIL_INT32, FT_PIX_ROUND_INT32,
FT_PIX_CEIL_INT32): New macros.
|
|
faf34d29
|
2017-06-09T20:31:24
|
|
Remove unused macros.
* include/freetype/internal/ftcalc.h (ADD_INT, SUB_INT, MUL_INT,
NEG_INT): Deleted.
|
|
dcd8de27
|
2017-06-09T11:21:58
|
|
*/*: Remove `OVERFLOW_' prefix.
This increases readability.
|
|
7bffeacd
|
2017-06-07T17:08:01
|
|
[cff, truetype] Integer overflows.
Reported as
https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=2133
https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=2137
* src/cff/cf2hints.c (cf2_hint_init): Use OVERFLOW_SUB_INT32.
* src/truetype/ttinterp.c (PROJECT, DUALPROJ): Use
OVERFLOW_SUB_LONG.
|
|
24848a3d
|
2017-06-06T12:05:04
|
|
[cff] Integer overflow.
Reported as
https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=2109
https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=2110
https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=2122
* src/cff/cf2blues.c (cf2_blues_init): Use OVERFLOW_SUB_INT32.
* src/cff/cf2hints.c (cf2_hintmap_map): Synchronize if-else
branches.
|
|
86670429
|
2017-06-05T06:20:53
|
|
[cff] Integer overflow.
Reported as
https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=2089
* src/cff/cffload.c (cff_blend_doBlend): User OVERFLOW_ADD_INT32.
|
|
9fa8a299
|
2017-06-04T20:43:08
|
|
[cff, truetype] Integer overflows.
Reported as
https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=2075
https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=2088
* src/cff/cf2font.c (cf2_font_setup): Use OVERFLOW_MUL_INT32.
* src/truetype/ttinterp.c (Ins_ISECT): Use OVERFLOW_MUL_LONG,
OVERFLOW_ADD_LONG, and OVERFLOW_SUB_LONG.
|
|
addb2ddd
|
2017-06-03T21:05:42
|
|
[base, cff, truetype] Integer overflows.
Reported as
https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=2060
https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=2062
https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=2063
https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=2068
* src/base/ftobjs.c (ft_glyphslot_grid_fit_metrics): Use
OVERFLOW_ADD_LONG and OVERFLOW_SUB_LONG.
* src/cff/cf2blues.c (cf2_blues_capture), src/cff/cf2hints.c
(cf2_hintmap_adjustHints): Use OVERFLOW_SUB_INT32.
* src/truetype/ttgload.c (compute_glyph_metrics): User
OVERFLOW_SUB_LONG.
* src/truetype/ttinterp.c (Direct_Move, Direct_Move_Orig,
Direct_Move_X, Direct_Move_Y, Direct_Move_Orig_X,
Direct_Move_Orig_Y, Move_Zp2_Point, Ins_MSIRP): Use
OVERFLOW_ADD_LONG and OVERFLOW_SUB_LONG.
|
|
c9a9cf59
|
2017-06-03T09:41:50
|
|
* builds/unix/freetype-config.in: Fix pkg-config test (#51162).
Patch directly taken from bug report.
|
|
2c2e6403
|
2017-06-03T07:38:11
|
|
[bdf] Synchronize sanity checks with pcf driver.
Reported as
https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=2054
https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=2058
* src/bdf/bdfdrivr.c (BDF_Face_Init): Check font ascent and descent.
Check AVERAGE_WIDTH, POINT_SIZE, PIXEL_SIZE, RESOLUTION_X, and
RESOLUTION_Y properties.
|
|
1ea34322
|
2017-06-03T06:52:13
|
|
[cff, truetype] Integer overflows.
Reported as
https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=2047
https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=2057
* src/cff/cf2hints.c (cf2_hintmap_map): Use OVERFLOW_SUB_INT32.
* src/truetype/ttinterp.c (Ins_ADD): Use OVERFLOW_ADD_LONG.
(Ins_SUB): Use OVERFLOW_SUB_LONG.
(Ins_NEG): Use NEG_LONG.
|
|
c5a22541
|
2017-06-03T06:13:10
|
|
ftcalc.h: Avoid left-shift of negative numbers.
Reported as
https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=2055
* include/freetype/internal/ftcalc.h (INT_TO_F26DOT6,
INT_TO_F2DOT14, INT_TO_FIXED, F2DOT14_TO_FIXED): Use multiplication.
|
|
0716c6ab
|
2017-06-02T19:24:03
|
|
[cff] Even more integer overflows.
Reported as
https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=2046
* src/cff/cf2intrp.c (cf2_doStems, cf2_interpT2CharString): Use
OVERFLOW_ADD_INT32.
|
|
7a4276fb
|
2017-06-02T09:21:37
|
|
[cff] More integer overflows.
Reported as
https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=2032
* src/cff/cf2blues.c (cf2_blues_init): Use OVERFLOW_SUB_INT32.
|
|
03b0cc2e
|
2017-06-02T09:16:52
|
|
[bdf] Don't left-shift negative numbers.
Reported as
https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=2031
* src/bdf/bdfdrivr.c (BDF_Face_Init): Use multiplication.
|
|
47a03e9b
|
2017-06-02T09:06:36
|
|
[bdf] Fix integer scanning routines.
Reported as
https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=2029
* src/bdf/bdflib.c (_bdf_atoul, _bdf_atol, _bdf_atous, _bdf_atos):
Stop scanning if result would overflow.
|