|
02cfd714
|
2015-10-29T20:50:57
|
|
* src/autofit/afhints.c (af_glyph_hints_dump_points): Minor.
|
|
017db03e
|
2015-10-29T05:52:09
|
|
* CMakeLists.txt: Remove code to set MSVC's /FD compiler switch.
Problem reported by David Capello <davidcapello@gmail.com>; see
http://lists.nongnu.org/archive/html/freetype-devel/2015-10/msg00108.html
for details.
|
|
fba29fab
|
2015-10-27T21:04:48
|
|
[pfr] Add some safety guards (#46302).
* src/pfr/pfrload.h (PFR_CHECK): Rename to...
(PFR_CHECK_SIZE): ... this.
(PFR_SIZE): [!PFR_CONFIG_NO_CHECKS]: Define to PFR_CHECK_SIZE.
* src/pfr/pfrload.c (pfr_log_font_count): Check `count'.
(pfr_extra_item_load_kerning_pairs): Remove tracing message.
(pfr_phy_font_load): Use PFR_CHECK_SIZE where appropriate.
Allocate `chars' after doing a size checks.
* src/pfr/pfrsbit.c (pfr_load_bitmap_bits): Move test for invalid
bitmap format to...
(pfr_slot_load_bitmap): ... this function.
Check bitmap size.
|
|
6a19a7d3
|
2015-10-26T15:40:22
|
|
[truetype] Fix sanitizing logic for `loca' (#46223).
* src/truetype/ttpload.c (tt_face_load_loca): A thinko caused an
incorrect adjustment of the number of glyphs, most often using far
too large values.
|
|
7f00fa64
|
2015-10-25T10:59:59
|
|
[autofit] Improve tracing.
* src/autofit/afhints.c (af_print_idx, af_get_segment_index,
af_get_edge_index): New functions.
(af_glyph_hints_dump_points): Remove unnecessary `|', `[', and `]'.
Add segment and edge index for each point.
Slightly change printing order of some elements.
Don't print `-1' but `--' for missing elements.
(af_glyph_hints_dump_segments, af_glyph_hints_dump_edges): Remove
unnecessary `|', `[', and `]'.
Don't print `-1' but `--' for missing elements.
|
|
6f09011f
|
2015-10-24T10:10:22
|
|
[sfnt] Sanitize bitmap strike glyph height.
Problem reported by Nikolay Sivov <bunglehead@gmail.com>.
* src/sfnt/ttsbit.c (tt_face_load_strike_metrics): Avoid zero value
for `metrics->height' by applying some heuristics.
|
|
e93d326c
|
2015-10-22T10:17:20
|
|
[sfnt, type42] Fix clang compiler warnings.
* src/sfnt/sfobjs.c (sfnt_init_face): Initialize `offset'.
* src/type42/t42parse.c (t42_parse_sfnts): Use proper cast.
|
|
f1c93439
|
2015-10-22T10:11:23
|
|
[cff] Avoid overflow/module arithmetic.
This modifies the addition of subroutine number to subroutine bias
from unsigned to signed, but does not change any results.
* src/cff/cf2ft.c (cf2_initGlobalRegionBuffer,
cf2_initLocalRegionBuffer): Change variable names from (unsigned)
`idx' to (signed) `subrNum', since it is not an index until after
the bias is added.
* src/cff/cf2ft.h: Updated.
* src/cff/cf2intrp.c (cf2_interpT2CharString) <cf2_cmdCALLSUBR>:
Updated similarly.
|
|
59ae73fe
|
2015-10-22T09:26:00
|
|
[cid] Better check of `SubrCount' dictionary entry (#46272).
* src/cid/cidload.c (cid_face_open): Add more sanity tests for
`fd_bytes', `gd_bytes', `sd_bytes', and `num_subrs'.
|
|
e484d36b
|
2015-10-21T20:48:27
|
|
[base] Pacify compiler (#46266).
* src/base/ftoutln.c (FT_Outline_EmboldenXY): Initialize `in' and
`anchor'.
|
|
87fefc59
|
2015-10-21T20:29:12
|
|
[type42] Fix heap buffer overflow (#46269).
* src/type42/t42parse.c (t42_parse_sfnts): Fix off-by-one error in
bounds checking.
|
|
3cfd5123
|
2015-10-21T14:07:25
|
|
[cff] Fix limit in assert for max hints.
* src/cff/cf2interp.c (cf2_hintmask_setAll): Allow mask equal to the
limit (96 bits).
|
|
748e3681
|
2015-10-21T13:58:43
|
|
[cff] Remove an assert (#46107).
* src/cff/cf2hints.c (cf2_hintmap_insertHint): Ignore paired edges
in wrong order.
|
|
e6593389
|
2015-10-21T08:04:29
|
|
[sfnt] Avoid unnecessarily large allocation for WOFFs (#46257).
* src/sfnt/sfobjs.c (woff_open_font): Use WOFF's `totalSfntSize'
only after thorough checks.
Add tracing messages.
|
|
649ca556
|
2015-10-21T07:01:45
|
|
[type42] Better check invalid `sfnts' array data (#46255).
* src/type42/t42parse.c (t42_parse_sfnts): Table lengths must be
checked individually against available data size.
|
|
3eccc3a3
|
2015-10-20T22:31:57
|
|
[cid] Add a bunch of safety checks.
* src/cid/cidload.c (parse_fd_array): Check `num_dicts' against
stream size.
(cid_read_subrs): Check largest offset against stream size.
(cid_parse_dict): Move safety check to ...
(cid_face_open): ... this function.
Also test length of binary data and values of `SDBytes',
`SubrMapOffset', `SubrCount', `CIDMapOffset', and `CIDCount'.
|
|
d47d372c
|
2015-10-20T12:24:36
|
|
[cid] Avoid segfault with malformed input (#46250).
* src/cid/cidload.c (cid_read_subrs): Return a proper error code for
unsorted offsets.
|
|
5cf83a53
|
2015-10-20T07:19:44
|
|
* CMakeLists.txt: Enable shared library builds on MinGW (#46233).
|
|
3c582060
|
2015-10-20T06:57:28
|
|
* src/type1/t1afm.c (T1_Read_Metrics): Fix memory leak (#46229).
|
|
ba8a528b
|
2015-10-19T23:27:06
|
|
[cid] Better handle invalid glyph stream offsets (#46221).
* src/cid/cidgload.c (cid_load_glyph): Check minimum size of glyph
length.
|
|
24cee3a8
|
2015-10-19T23:00:28
|
|
[psaux] Fix tracing of negative numbers.
Due to incorrect casting negative numbers were shown as very large
(positive) integers on 64bit systems.
* src/psaux/t1decode.c (t1_decoder_parse_charstrings) <op_none>:
Use division instead of shift.
|
|
14213b54
|
2015-10-18T18:15:04
|
|
[truetype] Improve TT_CONFIG_OPTION_MAX_RUNNABLE_OPCODES (#46223).
* devel/ftoption.h, include/freetype/config/ftoption.h: Surround it
with #ifndef ... #endif, as suggested in the tracker issue.
|
|
dcfc4d9c
|
2015-10-18T16:47:06
|
|
[truetype] Better protection against malformed `fpgm' (#46223).
* src/truetype/ttobjs.c (tt_size_init_bytecode): Don't execute a
malformed `fpgm' table more than once.
|
|
7643b583
|
2015-10-17T15:51:29
|
|
* src/cid/cidgload.c (cid_load_glyph): Fix memory leak.
Reported by Kostya Serebryany <kcc@google.com>.
|
|
b185747d
|
2015-10-17T14:21:41
|
|
[bdf] Prevent memory leak (#46217).
* src/bdf/bdflib.c (_bdf_parse_glyphs) <STARTCHAR>: Check
_BDF_GLYPH_BITS.
|
|
e1ca18d4
|
2015-10-17T11:51:27
|
|
[bdf] Use stream size to adjust number of glyphs.
* src/bdf/bdflib.c (ACMSG17): New message macro.
(_bdf_parse_t): Add member `size'.
(bdf_load_font): Set `size'.
(_bdf_parse_glyphs): Adjust `cnt' if necessary.
|
|
0af21dcf
|
2015-10-17T09:29:52
|
|
* src/cid/cidload.c (cid_parse_dict): Check `[FG]DBytes' size.
|
|
0ba98da4
|
2015-10-17T09:11:02
|
|
* src/cid/cidgload.c (cid_glyph_load): Check file offsets (#46222).
|
|
8edfcbed
|
2015-10-17T08:11:16
|
|
[psaux] Fix heap buffer overflow (#46221).
* src/psaux/t1decode.c (t1_decoder_parse_charstring) <operator 12>:
Fix limit check.
|
|
a5ecfb4c
|
2015-10-17T06:15:55
|
|
* src/cid/cidload.c (cid_parse_dict): Handle invalid input (#46220).
|
|
266976b1
|
2015-10-15T22:15:53
|
|
add src/tools/ftfuzzer/README
|
|
65d89804
|
2015-10-15T23:50:16
|
|
[bdf] Fix memory leak (#46213).
* src/bdf/bdflib.c (bdf_load_font): Always go to label `Fail' in
case of error.
|
|
24a1fcdf
|
2015-10-15T21:50:15
|
|
[truetype] Add TT_CONFIG_OPTION_MAX_RUNNABLE_OPCODES (#46208).
* devel/ftoption.h, include/freetype/config/ftoption.h
(TT_CONFIG_OPTION_MAX_RUNNABLE_OPCODES): New configuration macro.
* src/truetype/ttinterp.c (MAX_RUNNABLE_OPCODES): Removed.
(TT_RunIns): Updated.
|
|
837ad9d4
|
2015-10-15T21:15:45
|
|
* src/truetype/ttinterp.c (TT_RunIns): Fix bytecode stack tracing.
The used indices were off by 1.
|
|
8b76eaf0
|
2015-10-15T18:28:43
|
|
* src/tools/ftfuzzer/ftfuzzer.cc: Handle fixed sizes (#46211).
|
|
e03214e1
|
2015-10-15T16:58:13
|
|
[base] Compute MD5 checksums only if explicitly requested.
This improves profiling accuracy.
* src/base/ftobjs.c (FT_Render_Glyph_Internal): Implement it.
|
|
2a20c92c
|
2015-10-14T15:23:15
|
|
[base] Use `FT_' namespace for MD5 functions (#42366).
* src/base/ftobjs.c (MD5_*): Define as `FT_MD5_*'.
Undefine HAVE_OPENSSL.
|
|
8539915d
|
2015-10-13T20:43:19
|
|
[type1] Correctly handle missing MM axis names (#46202).
* src/type1/t1load.c (T1_Get_MM_Var): Implement it.
|
|
58b61b6e
|
2015-10-13T18:26:18
|
|
[pcf] Quickly exit if font index < 0.
Similar to other font formats, this commit makes the parser no
longer check the whole PCF file but only the header and the TOC if
we just want to get the number of available faces (and a proper
recognition of the font format).
* src/pcf/pcfdrivr.c (PCF_Face_Init): Updated.
Exit quickly if face_index < 0.
* src/pcfread.c (pcf_load_font): Add `face_index' argument.
Exit quickly if face_index < 0.
* src/pcf/pcf.h: Updated.
|
|
bdb56bba
|
2015-10-13T11:51:13
|
|
[ftfuzzer] Handle TTCs and MM/GX variations.
This patch also contains various other improvements.
* src/tools/ftfuzzer/ftfuzzer.cc: Add preprocessor guard to reject
pre-C++11 compilers.
(FT_Global): New class. Use it to provide a global constructor and
destructor for the `FT_Library' object.
(setIntermediateAxis): New function to select an (arbitrary)
instance.
(LLVMFuzzerTestOneInput): Loop over all faces and named instances.
Also call `FT_Set_Char_Size'.
|
|
43a96eb2
|
2015-10-13T11:18:55
|
|
[truetype] Refine some GX sanity tests.
Use the `gvar' table size instead of the remaining bytes in the
stream.
* src/truetype/ttgxvar.h (GX_BlendRec): New field `gvar_size'.
* src/truetype/ttgxvar.c (ft_var_load_gvar): Set `gvar_size'.
(ft_var_readpackedpoints, ft_var_readpackeddeltas: New argument
`size'.
(tt_face_vary_cvt, TT_Vary_Apply_Glyph_Deltas): Updated.
|
|
052f6c56
|
2015-10-13T08:24:32
|
|
[truetype] Another GX sanity test.
* src/truetype/ttgxvar.c (TT_Vary_Apply_Glyph_Deltas): Check
`tupleCount'.
Add tracing message.
|
|
7ef0d866
|
2015-10-13T08:14:20
|
|
[truetype] Fix memory leak for broken GX fonts (#46188).
* src/truetype/ttgxvar.c (TT_Vary_Apply_Glyph_Deltas): Fix scope of
deallocation.
|
|
f96094ee
|
2015-10-13T07:13:56
|
|
[truetype] Fix commit from 2015-10-10.
* src/truetype/ttgxvar.c (ft_var_load_gvar): Add missing error
handling body to condition.
|
|
b9880aa0
|
2015-10-12T10:13:26
|
|
[unix] Make MKDIR_P actually work.
* builds/unix/configure.raw: Fix underquoting of `INSTALL' and
`MKDIR_P'.
Problem reported by Dan Liddell <lddll@yahoo.com>.
|
|
4f7f6f6e
|
2015-10-11T07:55:25
|
|
[sfnt] Improve extraction of number of named instances.
* src/sfnt/sfobjs.c (sfnt_init_face)
[TT_CONFIG_OPTION_GX_VAR_SUPPORT]: Check number of instances against
`fvar' table size.
|
|
a724dcf5
|
2015-10-11T05:50:07
|
|
Split off ChangeLog.25.
|
|
c14ae9c5
|
2015-10-10T22:28:26
|
|
* src/base/ftoutln.c (FT_Outline_Get_Orientation): Fix overflow (#46149).
|
|
8de39a79
|
2015-10-10T13:34:11
|
|
[sfnt] Fix infinite loops with broken cmaps (#46167).
* src/sfnt/ttcmap.c (tt_cmap8_char_next, tt_cmap12_next): Take care
of border condidions (i.e., if the loops exit naturally).
|
|
da34673e
|
2015-10-10T10:21:27
|
|
[truetype] More sanity tests for GX handling.
These tests should mainly help avoid unnecessarily large memory
allocations in case of malformed fonts.
* src/truetype/ttgxvar.c (ft_var_readpackedpoints,
ft_var_readpackeddeltas): Check number of points against stream
size.
(ft_var_load_avar): Check `pairCount' against table length.
(ft_var_load_gvar): Check `globalCoordCount' and `glyphCount'
against table length.
(tt_face_vary_cvt): Check `tupleCount' and `offsetToData'.
Fix trace.
(TT_Vary_Apply_Glyph_Deltas): Fix trace.
Free `sharedpoints' to avoid memory leak.
|
|
c220d8b4
|
2015-10-10T08:13:04
|
|
[truetype] Better protection against malformed GX data (#46166).
* src/truetype/ttgxvar.c (TT_Vary_Apply_Glyph_Deltas): Correctly
handle empty `localpoints' array.
|
|
d353f6e0
|
2015-10-10T06:54:46
|
|
* src/pcf/pcfread.c (pcf_read_TOC): Check stream size (#46162).
|
|
c12956e7
|
2015-10-09T09:38:32
|
|
* src/gzip/ftgzip.c (FT_Stream_OpenGzip): Use real stream size.
|
|
d98053c9
|
2015-10-08T23:17:41
|
|
[pcf] Protect against invalid number of TOC entries (#46159).
* src/pcf/pcfread.c (pcf_read_TOC): Check number of TOC entries
against size of data stream.
|
|
06c2d332
|
2015-10-08T21:31:57
|
|
[type42] Protect against invalid number of glyphs (#46159).
* src/type42/t42parse.c (t42_parse_charstrings): Check number of
`CharStrings' dictionary entries against size of data stream.
|
|
983b00ec
|
2015-10-08T18:44:45
|
|
[sfnt] Fix some signed overflows (#46149).
* src/sfnt/ttsbit.c (tt_face_load_strike_metrics)
<TT_SBIT_TABLE_TYPE_SBIX>: Use `FT_MulDiv'.
|
|
12112241
|
2015-10-08T08:55:15
|
|
[type1] Protect against invalid number of subroutines (#46150).
* src/type1/t1load.c (parse_subrs): Check number of
`Subrs' dictionary entries against size of data stream.
|
|
dde84f25
|
2015-10-07T22:18:22
|
|
[ftfuzzer] Add support for LLVM's LibFuzzer.
* src/tools/ftfuzzer/ftfuzzer.cc, src/tools/runinput.cc: New files.
|
|
6eb6158d
|
2015-10-06T22:39:54
|
|
[smooth] Faster alternative line renderer.
This implementation renders the entire line segment at once without
subdividing it into scanlines. The main speed improvement comes from
reducing the number of divisions to just two per line segment, which
is a bare minimum to calculate cell coverage in a smooth rasterizer.
Notably, the progression from cell to cell does not itself require any
divisions at all. The speed improvement is more noticeable at larger
sizes.
* src/smooth/ftgrays.c (gray_render_line): New implementation.
|
|
066a4913
|
2015-10-06T07:55:32
|
|
[cff] Return correct PS names from pure CFF (#46130).
* src/cff/cffdrivr.c (cff_get_ps_name): Use SFNT service only for
SFNT.
|
|
30fe5e76
|
2015-10-04T13:08:08
|
|
[base] Replace left shifts with multiplication (#46118).
* src/base/ftglyph.c (ft_bitmap_glyph_bbox, FT_Get_Glyph): Do it.
|
|
8cabd919
|
2015-10-04T08:18:01
|
|
* Version 2.6.1 released.
=========================
Tag sources with `VER-2-6-1'.
* docs/VERSION.DLL: Update documentation and bump version number to
2.6.1.
* README, Jamfile (RefDoc), builds/windows/vc2005/freetype.vcproj,
builds/windows/vc2005/index.html,
builds/windows/vc2008/freetype.vcproj,
builds/windows/vc2008/index.html,
builds/windows/vc2010/freetype.vcxproj,
builds/windows/vc2010/index.html,
builds/windows/visualc/freetype.dsp,
builds/windows/visualc/freetype.vcproj,
builds/windows/visualc/index.html,
builds/windows/visualce/freetype.dsp,
builds/windows/visualce/freetype.vcproj,
builds/windows/visualce/index.html,
builds/wince/vc2005-ce/freetype.vcproj,
builds/wince/vc2005-ce/index.html,
builds/wince/vc2008-ce/freetype.vcproj,
builds/wince/vc2008-ce/index.html: s/2.6/2.6.1/, s/26/261/.
* include/freetype/freetype.h (FREETYPE_PATCH): Set to 1.
* builds/unix/configure.raw (version_info): Set to 18:1:12.
* CMakeLists.txt (VERSION_PATCH): Set to 1.
* src/autofit/afmodule.c [AF_DEBUG_AUTOFIT]: Ensure C linking for
dumping functions.
|
|
b260dc9f
|
2015-10-04T07:39:22
|
|
[bzip2, gzip] Avoid access of unitialized memory (#46109).
* src/bzip2/ftbzip2.c (ft_bzip2_file_fill_input), src/gzip/ftgzip.c
(ft_gzip_file_fill_input): In case of an error, adjust the limit to
avoid copying uninitialized memory.
|
|
53838ce0
|
2015-10-03T21:12:25
|
|
[bzip2, gzip] Avoid access of unitialized memory (#46109).
* src/bzip2/ftbzip2.c (ft_bzip2_file_fill_output), src/gzip/ftgzip.c
(ft_gzip_file_fill_output): In case of an error, adjust the limit to
avoid copying uninitialized memory.
|
|
e2dae8fe
|
2015-10-01T22:03:34
|
|
[smooth] Clean up worker.
* src/smooth/ftgrays.c (gray_TWorker): Remove never used fields.
|
|
90e437e3
|
2015-10-01T20:00:27
|
|
[sfnt] Make `tt_cmap4_char_map_linear' more robust (#46078).
* src/sfnt/ttcmap.c (tt_cmap4_char_map_linear): Take care of
border conditions (i.e., if the loop exits naturally).
|
|
fab67b85
|
2015-10-01T16:47:05
|
|
* src/autofit/afranges.c (af_deva_nonbase_uniranges): Fix ranges.
They should be a subset of `af_deva_uniranges'.
|
|
5f8f44d2
|
2015-10-01T14:16:03
|
|
[sfnt] Make `tt_cmap4_char_map_linear' faster (#46078).
* src/sfnt/ttcmap.c (tt_cmap4_char_map_linear): Use inner loop to
reject too large glyph indices.
|
|
8bbcfb2c
|
2015-09-30T23:08:53
|
|
[smooth] Clean up worker.
* src/smooth/ftgrays.c (gray_TWorker): Remove lightly used `last_ey'.
(gray_start_cell, gray_render_line): Update.
|
|
dbd04269
|
2015-09-30T17:52:42
|
|
[autofit] Replace `no-base' with `non-base'.
* src/autofit/*: Do it.
|
|
2ff83a5c
|
2015-09-30T14:44:29
|
|
[sfnt] Rewrite `tt_cmap4_char_map_linear' (#46078).
* src/sfnt/ttcmap.c (tt_cmap4_char_map_linear): Add code to better
skip invalid segments.
If searching the next character, provide a more efficient logic to
speed up the code.
|
|
8651f37a
|
2015-09-30T10:26:10
|
|
[truetype] Adjust number of glyphs for malformed `loca' tables.
* src/truetype/ttpload.c (tt_face_load_loca): Implement it.
|
|
483007fc
|
2015-09-29T11:22:15
|
|
[pshinter] Avoid harmless overflow (#45984).
* src/pshinter/pshglob.c (psh_blues_set_zones): Fix it.
|
|
a3046567
|
2015-09-28T09:45:56
|
|
[autofit] Add support for Lao script.
Thanks to Danh Hong <danhhong@gmail.com> for guidance with blue zone
characters!
* src/autofit/afblue.dat: Add blue zone data for Lao.
* src/autofit/afblue.c, src/autofit/afblue.h: Regenerated.
* src/autofit/afscript.h: Add Lao standard characters.
* src/autofit/afranges.c: Add Lao data.
* src/autofit/afstyles.h: Add Lao data.
|
|
fb5268cf
|
2015-09-28T02:01:43
|
|
[base] Fix a leak by broken sfnt-PS or resource fork (#46028).
open_face_from_buffer() frees passed buffer if valid font
is not found. But if copying to the buffer is failed,
the allocated buffer should be freed within the caller.
* src/base/ftobjs.c (open_face_PS_from_sfnt_stream): Free
the buffer `sfnt_ps' if an error caused before calling
open_face_from_buffer().
(Mac_Read_sfnt_Resource): Free the buffer `sfnt_data' if
an error caused before calling open_face_from_buffer();
|
|
8a05d250
|
2015-09-28T01:40:21
|
|
[mac] Fix buffer size calculation for LWFN font.
* src/base/ftmac.c (read_lwfn): Cast post_size to FT_ULong
to prevent confused copy by too large chunk size.
|
|
3dffe8ef
|
2015-09-27T11:30:17
|
|
Add ChangeLog entry.
|
|
19188a9a
|
2015-09-26T16:57:17
|
|
[autofit] Minor tracing improvement.
* src/autofit/aflatin.c (af_latin_metrics_scale_dim): Don't emit
blue zones header line if there are no blue zones.
|
|
41877539
|
2015-09-26T15:19:54
|
|
[bzip2, gzip, lzw] Harmonize function signatures with prototype.
Suggested by Hin-Tak Leung.
* src/bzip2/ftbzip2.c (ft_bzip2_stream_io), src/gzip/ftgzip.c
(ft_gzip_stream_io), src/lzw/ftlzw.c (ft_lzw_stream_io): Do it.
|
|
265ade8e
|
2015-09-26T14:51:30
|
|
Add new FT_LOAD_COMPUTE_METRICS load flag.
* include/freetype/freetype.h (FT_LOAD_COMPUTE_METRICS): New macro.
* src/truetype/ttgload.c (compute_glyph_metrics): Usage.
|
|
d57f2271
|
2015-09-26T08:44:26
|
|
* src/base/ftobjs.c (Mac_Read_sfnt_Resource): Add cast.
|
|
d7f456ee
|
2015-09-26T08:37:14
|
|
Formatting, minor comment corrections.
|
|
2439c515
|
2015-09-25T16:54:28
|
|
[type1] Protect against invalid number of glyphs (#46029).
* src/type1/t1load.c (parse_charstrings): Check number of
`CharStrings' dictionary entries against size of data stream.
|
|
5339c75e
|
2015-09-24T13:39:44
|
|
[sfnt] Better checks for invalid cmaps (2/2) (#46019).
While the current code in `FT_Get_Next_Char' correctly rejects
out-of-bounds glyph indices, it can be extremely slow for malformed
cmaps that use 32bit values. This commit tries to improve that.
* src/sfnt/ttcmap.c (tt_cmap8_char_next, tt_cmap12_next,
tt_cmap12_char_map_binary, tt_cmap13_next,
tt_cmap13_char_map_binary): Reject glyph indices larger than or
equal to the number of glyphs.
|
|
c409eb18
|
2015-09-24T12:39:38
|
|
[base, sfnt] Better checks for invalid cmaps (1/2).
* src/base/ftobjs.c (FT_Get_Char_Index): Don't return out-of-bounds
glyph indices.
(FT_Get_First_Char): Updated.
* src/sfnt/ttcmap.c (tt_cmap6_char_next): Don't return character
codes greater than 0xFFFF.
(tt_cmap8_char_index): Avoid integer overflow in computation of
glyph index.
(tt_cmap8_char_next): Avoid integer overflows in computation of
both next character code and glyph index.
(tt_cmap10_char_index): Fix unsigned integer logic.
(tt_cmap10_char_next): Avoid integer overflow in computation of
next character code.
(tt_cmap12_next): Avoid integer overflows in computation of both
next character code and glyph index.
(tt_cmap12_char_map_binary): Ditto.
(tt_cmap12_char_next): Simplify.
(tt_cmap13_char_map_binary): Avoid integer overflow in computation
of next character code.
(tt_cmap13_char_next): Simplify.
|
|
e982f5b7
|
2015-09-21T23:07:22
|
|
[base] Check too long POST and sfnt resource (#45919).
* src/base/ftbase.h (FT_MAC_RFORK_MAX_LEN): Maximum length
of the resource fork for Mac OS. The resource fork larger
than 16 MB can be written but could not be handled
correctly, at least in Carbon routine.
See https://support.microsoft.com/en-us/kb/130437
* src/base/ftobjs.c (Mac_Read_POST_Resource): No need `0x'
for `%p' formatter.
* src/base/ftbase.c (Mac_Read_POST_Resource): Check the
fragment and total size of the concatenated POST resource
before buffer allocation.
(Mac_Read_sfnt_Resource): Check the declared size of
sfnt resource before buffer allocation.
* src/base/ftmac.c (read_lwfn, FT_New_Face_From_SFNT):
Check the total resource size before buffer allocation.
|
|
730b6d74
|
2015-09-19T12:41:12
|
|
[sfnt] Improve handling of invalid SFNT table entries (#45987).
This patch fixes weaknesses in function `tt_face_load_font_dir'.
- It incorrectly assumed that valid tables are always at the
beginning. As a consequence, some valid tables after invalid
entries (which are ignored) were never seen.
- Duplicate table entries (this is, having the same tag) were not
rejected.
- The number of valid tables was sometimes too large, leading to
access of invalid tables.
* src/sfnt/ttload.c (check_table_dir): Add argument to return number
of valid tables.
Add another tracing message.
(tt_face_load_font_dir): Only allocate table array for valid
entries as returned by `check_table_dir'.
Reject duplicate tables and adjust number of valid tables
accordingly.
|
|
cb7a5122
|
2015-09-19T07:58:03
|
|
[pcf] Improve `FT_ABS' fix from 2015-09-17 (#45999).
* src/pcf/pcfread.c (pcf_load_font): Do first the cast to FT_Short,
then take the absolute value.
Also apply FT_ABS to `height'.
|
|
f28c95c4
|
2015-09-17T19:30:26
|
|
[type42] Fix memory leak (#45989).
* src/type42/t42parse.c (t42_parse_charstrings): Allow only a single
`CharStrings' array.
|
|
4942c2bb
|
2015-09-17T17:56:53
|
|
[psaux] Fix memory leak (#45986).
* src/psaux/psobjs.c (ps_parser_load_field) <T1_FIELD_TYPE_MM_BBOX>:
Free `temp' in case of error.
|
|
7d364b7e
|
2015-09-17T16:31:58
|
|
[psaux] Improve tracing message.
* src/psaux/psobjs.c (ps_parser_load_field) <T1_FIELD_TYPE_MM_BBOX>:
Handle plural correctly.
|
|
c838c4f7
|
2015-09-17T16:22:40
|
|
[pcf] Fix integer overflows (#45985).
* src/pcf/pcfread.c (pcf_load_font): Use FT_MulDiv.
|
|
9db9adda
|
2015-09-17T13:42:59
|
|
[pcf] Use FT_ABS for some property values (#45893).
* src/pcf/pcfread.c (pcf_load_font): Take absolute values for
AVERAGE_WIDTH, POINT_SIZE, PIXEL_SIZE, RESOLUTION_X, and
RESOLUTION_Y. In tracing mode, add warnings.
|
|
bd0438a4
|
2015-09-16T18:05:43
|
|
Minor fixes for some clang warnings.
* src/base/ftoutln.c (FT_Outline_EmboldenXY): Cast, possible missing
initialization.
* src/truetype/ttgload.c (TT_Process_Composite_Component): Cast.
|
|
19cb1127
|
2015-09-15T08:52:36
|
|
[type1, type42] Fix memory leaks (#45966).
* src/type1/t1load.c (parse_blend_axis_types): Handle multiple axis
names.
(parse_blend_design_map): Allow only a single design map.
(parse_encoding): Handle multiple encoding vectors.
* src/type42/t42parse.c (t42_parse_encoding): Handle multiple
encoding vectors.
|
|
7f0f4011
|
2015-09-15T07:23:53
|
|
[truetype] Fix integer type (#45965).
* src/truetype/ttobjs.c (tt_synth_sfnt_checksum): Implement it.
|
|
577daf1c
|
2015-09-15T07:10:16
|
|
* src/pcf/pcfread.c (pcf_load_font): Fix integer overflow (#45964).
|
|
581c7e2a
|
2015-09-15T06:49:06
|
|
[type1, type42] Check encoding array size (#45961).
* src/type1/t1load.c (parse_encoding), src/type42/t42parse.c
(t42_parse_encoding): Do it.
|
|
3ea0d2c6
|
2015-09-13T23:19:34
|
|
* src/base/ftcalc.c (FT_MulFix) [FT_LONG64]: Improve.
|
|
7962a15d
|
2015-09-14T00:38:26
|
|
[type1] Fix another potential buffer overflow (#45955).
* src/type1/t1parse (T1_Get_Private_Dict): Assure that check for
`eexec' doesn't exceed `limit'.
|