kc3-lang/freetype/src
Branch :
Log
| Author | Commit | Date | CI | Message |
|---|---|---|---|---|
 |
de8b92dd | 2023-02-09 07:01:12 | * Version 2.13 released. ========================== Tag sources with `VER-2-13-0'. * docs/VERSION.TXT: Add entry for version 2.13. * docs/CHANGES: Updated. * README, src/base/ftver.rc, builds/windows/vc2010/index.html, builds/windows/visualc/index.html, builds/windows/visualce/index.html, builds/wince/vc2005-ce/index.html, builds/wince/vc2008-ce/index.html, docs/freetype-config.1: s/2.12.1/2.13/, s/2121/2130/. * include/freetype/freetype.h (FREETYPE_MINOR): Set to 13. (FREETYPE_PATCH): Set to 0. * builds/unix/configure.raw (version_info): Set to 25:0:19. * CMakeLists.txt (VERSION_MINOR): Set to 13. (VERSION_PATCH): Set to 0. | |
|
995ccfac | 2023-02-08 21:49:56 | [autofit] Fix 'multi' compilation. * src/autofit/ft-hb.c: Decorate with `FT_LOCAL_DEF`. Add ANSI boilerplate code for otherwise empty file. * src/autofit/ft-hb.h: Include `compiler-macros.h` and `freetype.h`. Use `FT_BEGIN_HEADER` and `FT_END_HEADER`. Decorate with `FT_LOCAL`. * src/autofit/rules.mk (AUTOF_DRV_SRC): Add `ft-hb.c`. | |
|
663486a7 | 2023-02-08 20:56:19 | Fix `FT_LOCAL` and `FT_LOCAL_DEF` tags. | |
|
ac5babe8 | 2023-02-08 19:36:10 | Fix 'fall-through' warning messages. Modern compilers get more insistent on that... * include/freetype/internal/compiler-macros.h (FALL_THROUGH): Define. * src/*: Use it instead of `/* fall through */` comments. | |
|
be724c81 | 2023-02-07 22:24:53 | For debugging, avoid implicit conversion from integer to double. Otherwise we get zillions of clang 15 warnings. * src/autofit/afcjk.c, src/autofit/afhints.c, src/autofit/aflatin.c, src/base/ftobjs.c, src/base/ftoutln.c, src/cff/cffparse.c, src/raster/ftraster.c, src/sfnt/pngshim.c, src/truetype/ttgload.c, src/truetype/ttgxvar.c, src/truetype/ttobjs.c, src/type1/t1gload.c: Use `double` cast in debugging and tracing macros. | |
|
37bc7c26 | 2023-02-07 07:37:07 | Avoid reserved identifiers that are globally defined. This is mandated by the C99 standard, and clang 15 produces zillions of warnings otherwise. * devel/ftoption.h, include/freetype/config/ftoption.h, include/freetype/internal/ftmemory.h, src/autofit/afhints.h, src/autofit/afmodule.c, src/autofit/aftypes.h, src/base/ftadvanc.c, src/base/ftdbgmem.c, src/base/ftstream.c, src/bdf/bdflib.c, src/truetype/ttinterp.c: Replace identifiers of the form `_foo` with `foo_`. | |
|
da9eb9c7 | 2023-02-07 07:01:36 | Fix minor clang and clang++ warnings. | |
 |
4c3916e9 | 2023-02-08 14:58:46 | [truetype, type1] Additional variation tags. Sync with https://learn.microsoft.com/en-us/typography/opentype/spec/dvaraxisreg#registered-axis-tags * src/truetype/ttgxvar.h (TTAG_ital): New tag. * src/truetype/ttgxvar.c (TT_Get_MM_Var): Use it. * src/type1/t1load.c (T1_Get_MM_Var): Handle 'slnt' and 'ital'. | |
|
27b2cd41 | 2023-02-07 23:03:18 | * src/base/ftsynth.c (FT_GlyphSlot_Slant): Add vertical slant. * include/freetype/ftsynth.h (FT_GlyphSlot_Slant): Update it. | |
 |
515bdfef | 2023-01-04 19:15:38 | [sdf] Use 32-bit integers internally. * src/sdf/ftsdfcommon.h (FT_16D16, FT_26D6): Use 32-bit integers instead of `FT_Fixed` for internal data types. `FT_Fixed` i.e. `signed long` is 64-bit on some architectures. | |
|
1bbec9e9 | 2023-02-04 08:34:58 | * src/type1/t1afm.c (T1_Read_Metrics): Reaffirm ascender and descender. | |
|
82c131ac | 2023-02-04 03:20:25 | * src/type1/t1afm.c (T1_Read_Metrics): Validate ascender and descender. The ascender and descender are optional in the AFM specifications. They could be omitted or even set to zero, e.g., in the current release of URW++ base 35 fonts. | |
|
646cc8ef | 2023-02-02 10:38:18 | * src/cff/cffgload.c (cff_slot_load): Avoid memory leak. Fixes issue #1204. | |
|
9508811a | 2023-02-01 12:01:58 | * src/truetype/ttgxvar.c (tt_var_get_item_delta): Check `face->blend`. Reported as https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=55581 | |
|
e97544a7 | 2023-01-28 17:04:38 | Minor changes. Comment fixes, typos, removing of unnecessary parentheses. | |
|
bacc48e6 | 2023-01-28 17:04:11 | Whitespace. | |
 |
bea675cd | 2023-01-26 14:07:25 | [ttgxvar] Fix crash in COLRv1. This is a stopgap until issue #1202 is properly fixed. * src/truetype/ttxgvar.c (tt_var_get_item_delta): Check `normalizedcoords`. | |
 |
d680908a | 2023-01-17 16:18:28 | [base] Fix typo. * src/base/ftobjs.c (open_face_PS_from_sfnt_stream): Request module 't1cid', not 'cid'. | |
|
188019eb | 2023-01-17 16:04:30 | [base] Return error if requested driver is not found. In `open_face_from_buffer` it is possible that a driver is requested but FreeType was built without the requested module. Return an error in this case to indicate that the request could not be satisfied, rather than trying all existing driver modules. * src/base/ftobjs.c (open_face_from_buffer): Return `FT_Err_Missing_Module` if a driver is specified but not found. | |
 |
a297feab | 2023-01-17 14:30:48 | [sfnt] Avoid nullptr dereference in reading malformed 'COLR' v1 table. Fixes https://bugs.chromium.org/p/chromium/issues/detail?id=1408044. * src/sfnt/ttcolr.c (tt_face_load_colr): When the 'COLR' v1 table header is too small, don't deallocate delta set index map structures. | |
|
f80be4e9 | 2023-01-17 18:48:54 | * src/tools/update-copyright: Allow execution from other repositories. We use this for `freetype-demos`. | |
|
65f85237 | 2023-01-17 09:18:25 | Update all copyright notices. | |
|
6c1bd0f2 | 2023-01-17 09:15:36 | * src/tools/no-copyright: Updated. | |
|
29f83d1d | 2023-01-12 23:45:12 | [base] 'close' callback may not use `stream->memory`. The documentation for `FT_StreamRec::memory` states that it 'shouldn't be touched by stream implementations'. This is true even for internal implementations of the 'close' callback, since it is not guaranteed that `memory` will even be set when the 'close' callback occurs. * src/base/ftobjs.c (new_memory_stream): stash current `memory` in `stream->descriptor`. (memory_stream_close): Use it. | |
|
0d4f887c | 2023-01-12 22:43:08 | [base] Always close user-provided stream. The `FT_Open_Face` documentation states > If `FT_OPEN_STREAM` is set in `args->flags`, the stream in `args->stream` > is automatically closed before this function returns any error (including > `FT_Err_Invalid_Argument`). However, if the user provides a stream in `args.stream` with `FT_OPEN_STREAM` set and a `close` function, but then for some reason passes NULL for `aface` and a non-negative `face_index`, the error `Invalid_Argument` is returned but the `close` callback will not be called on the user-provided stream. This may cause resource leaks if the caller is depending on the `close` callback to free resources. The difficulty is that a user may fill out a `FT_StreamRec` and pass its address as `args.stream`, but the stream isn't really 'live' until `FT_Stream_New` is called on it (and `memory` is set). In particular, it cannot really be cleaned up properly in `ft_open_face_internal` until the stream pointer has been copied into the `stream` local variable. * src/base/ftobj.c (ft_open_face_internal): Ensure that user-provided `args.stream.close` is called even with early errors. | |
|
13983b05 | 2023-01-11 14:47:26 | [base] Fix leak of internal stream marked external. `open_face_from_buffer` allocates a new `FT_Stream` to pass to `ft_open_face_internal`. Because this is an `FT_OPEN_STREAM`, `ft_open_face_internal` will mark this as an 'external stream', which the caller must free. However, `open_face_from_buffer` cannot directly free it because the stream must last as long as the face. There is currently an attempt at this by clearing the 'external stream' bit after `open_face_from_buffer` returns successfully. However, this is too late as the original stream may have already been closed and the stream on the face may not be the same stream as originally passed. It is tempting to use `FT_OPEN_MEMORY` and let `ft_open_face_internal` create the stream internally. However, with this method there is no means to pass through a 'close' function to the created stream to free the underlying data, which must be owned by the stream. A possibility is to check on success if the stream of the face is the same as the original stream. If it is then unset the external flag. If not, then free the original stream. Unfortunately, while no current implementation does so, it is possible that the face still has the original stream somewhere other than as the `FT_FaceRec::stream`. The stream needs to remain available for the life of the face or until it is closed, whichever comes earlier. The approach taken here is to let the stream own itself. When the stream is closed it will free itself. * src/base/ftobjs.c (memory_stream_close): Free `stream`. (open_face_from_buffer): Simplify error handling, since `ft_open_face_internal` always closes `args.stream` on any error. Fixes: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=54930 | |
|
6a179ff7 | 2023-01-16 16:38:56 | sr/*.c: Various minor fixes. * src/autofit/ft-hb.c (_hb_ft_reference_table): Call `FT_UNUSED` after variable declarations. * src/gxvalid/gxvjust.c (gxv_just_widthDeltaClusters_validate): Eliminate unused variable. * src/gzip/ftgzip.c: Don't call GCC '-Wstrict-prototypes' pragma for C++ compiler. * src/sfnt/ttcolr.c (ENSURE_READ_BYTES): Remove final semicolon to avoid compiler warning. * src/sfnt/ttsvg.c (tt_face_load_svg_doc): Fix signedness warning. | |
|
2692b321 | 2023-01-03 17:19:02 | [sfnt] Remove temporary runtime flag for variable 'COLR' v1. Fixes #1187. * src/sfnt/ttcolr.c (top level, read_paint, tt_face_load_colr, tt_face_free_colr, get_deltas_for_var_index_base, tt_face_get_color_glyph_clipbox, tt_face_get_colorline_stops): Remove macro definition `VARIABLE_COLRV1_ENABLED` and its usage. * src/truetype/ttdriver.c (tt_property_set): Remove parsing of 'TEMPORARY-enable-variable-colrv1' property name. * src/truetype/ttobjs.h (TT_DriverRec): Remove `enable_variable_colrv1` flag. | |
|
b1c90733 | 2023-01-07 07:40:12 | * src/autofit/ft-hb.c (_hb_ft_reference_table): Minor integration fixes. | |
|
3481b154 | 2023-01-05 21:07:26 | [truetype] Reset cvt and storage in context load. Currently the cvt and storage are saved and restored in `TT_RunIns`. However, this is too granular as the cvt and storage area should be set to the original cvt and storage area only when setting up the hinting context. This allows for the cvt and storage area to be modified while parsing multiple glyphs, as is the case with composite glyphs. * src/truetype/ttinterp.h (TT_ExecContextRec): Remove `origCvt` and `origStorage`. * src/truetype/ttinterp.c (TT_RunIns): Don't save and restore the cvt and storage area. (Modify_CVT_Check, Ins_WS): Switch from "if in glyph and using original data do copy on write" to "if in glyph and not using glyph specific data do copy on write". | |
 |
ebe7e912 | 2023-01-02 20:13:22 | [autofit] Don't depend on 'hb-ft'. The circular dependency is still there, but at least we no longer depend on the HarfBuzz API that is only present if HarfBuzz has been built with FreeType support, making the bootstrapping a bit easier. * src/autofit/ft-hb.c, src/autofit/ft-hb.h: New files, providing `_hb_ft_font_create`, which is more or less a verbatim copy of the corresponding HarfBuzz code from file `hb-ft.cc`. * src/autofit/afglobal.c (af_face_globals_new): Use it. * src/autofit/afshaper.h: Don't include `hb-ft.h` but `ft-hb.h`. * src/autofit/autofit.c: Include `ft-hb.c`. * LICENSE.TXT: Updated. | |
|
262b47ac | 2023-01-05 15:24:25 | [truetype] Keep variation store consistent. `tt_var_load_item_variation_store` fills out a `GX_ItemVarStore`. While it may return an error, the item store must be left in a consistent state so that any use or destruction of the item store can properly use or free the data in it. Before this change the counts from the font data were read directly into the item store before the actual allocation of the arrays to which they referred. There exist many opportunities between the time the counts are read and the arrays are allocated to return early due to invalid data. When this happened the item store claimed to have entires it actually did not, leading to crashes later when it was used. Fixes: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=54449 * src/truetype/ttgxvar.c (tt_var_load_item_variation_store): Read the counts into local variables and store them in the item store only after the related arrays are actually created on the item store. | |
|
15afb554 | 2023-01-05 12:42:55 | [base] Report used stream's external status. In `open_face` the initial stream is set on the face, along with the information about if FreeType is the owner of the stream object itself. The loaders may in the course of their work replace this stream with a new stream (as is the case for 'woff' and 'woff2'), which may have a different ownership than the initial stream object (likely the original stream object is owned by the user and is external, while the new stream object is created internally to FreeType and is internal). When the stream is replaced, the face's flags are updated with the new ownership status. However, `open_face` cannot itself free this stream as its caller `ft_open_face_internal` is responsible for this. In addition, in the case of an error `open_face` cannot return an actual face with the new stream and its ownership status to the caller. As a result, it must pass this information back to the caller as a sort of "failed face" so that the caller can clean up. `open_face` was already passing back the new stream but was not passing back the stream ownership information. As a result the stream may not have been free'd when needed. Fixes https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=54700 * src/base/ftobjs.c (open_face): Pass back the ownership information as well. (ft_open_face_internal): Updated. | |
|
63f37136 | 2023-01-04 15:52:41 | [sfnt] Fix color stop bounds check calculation at table end. Fixes https://bugs.chromium.org/p/skia/issues/detail?id=14021 * src/sfnt/ttcolr.c (VAR_IDX_BASE_SIZE): New macro. (tt_face_get_colorline_stops): Fix off-by-one bounds check calculation, take `VarColorStop` into account, and hopefully make it easier to read. | |
|
81a456b2 | 2023-01-04 22:41:34 | * src/base/ftobjs.c (FT_Request_Metrics): Avoid division by zero. The division-by-zero might happen in broken fonts (see #1194). Instead of returning a huge number from FT_DivFix and failing to scale later, we now bail immediately. | |
|
0bcb664d | 2022-12-20 16:38:39 | [psaux] Delay the upem validity assertion. Fixes #1194. * src/psaux/psft.c (cf2_getUnitsPerEm): Remove the upem assert. (cf2_checkTransform): Assert the upem validity after checking the scale. | |
 |
ace97a02 | 2022-12-14 09:58:44 | [gzip] Make static compilation not leak global symbols. * src/gzip/ftgzip.c (HAVE_HIDDEN): Do not define; it is no longer needed because everything is static. (HAVE_MEMCPY): Define. (zcalloc, zcfree): Remove no longer needed definitions (because `Z_SOLO` is active). * src/gzip/patches/freetype-zlib.diff: Regenerated. Fixes #1146. Co-authored-by: Werner Lemberg <wl@gnu.org> | |
|
bc3aa767 | 2022-12-14 10:27:13 | * src/gzip/ftzconf.h: Updated to zlib 1.2.13. I forgot to copy that file. | |
|
26e9028f | 2022-12-13 09:53:26 | [sdf, sfnt] Handle minor compiler warnings. * src/sdf/ftsdf.c (get_min_distance_conic): Initialize `nearest_point`. * src/sfnt/ttsvg.c (find_doc): Initialize `mid_doc`. Fixes #1195. | |
 |
aca4ec59 | 2022-11-22 22:34:41 | * src/base/ftdbgmem.c (ft_mem_source_compare): Add FT_COMPARE_DEF. Closes !230. | |
|
1c44de20 | 2022-11-20 22:37:08 | * src/autofit/afloader.c (af_loader_load_glyph): Remove `size` check. This is done by `FT_Load_Glyph`. | |
|
4e6906cc | 2022-11-18 14:03:19 | Comments added. | |
 |
0f43a0e7 | 2022-11-16 07:50:52 | * src/autofit/afloader.c (af_loader_load_glyph): Fix dereference. This must happen after the NULL check. Taken from https://github.com/freetype/freetype/pull/2 | |
|
47e61d02 | 2022-11-14 22:53:14 | * src/pcf/pcfutil.c ({Two,Four}ByteSwap): Use builtins or shifts. We trust glibc which uses shifts or builtins to swap bytes. This must be more efficient. | |
|
e6fda039 | 2022-11-14 19:18:19 | * src/truetype/ttgxvar.c (tt_hvadvance_adjust): Integer overflow. Reported as https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=50462 | |
|
ba4bd5b9 | 2022-11-07 10:52:33 | Add `TT_CONFIG_OPTION_NO_BORING_EXPANSION` configuration macro. This gives users a possibility to deactivate new features not (yet) in the OpenType standard. * include/freetype/config/ftoption.h, devel/ftoption.h (TT_CONFIG_OPTION_NO_BORING_EXPANSION): New macro. * src/truetype/ttgxvar.c (ft_var_load_avar): Use it to disable 'avar' version 2.0 support. | |
|
e97cb9e8 | 2022-11-09 15:42:25 | [truetype] Improve bounds checks for `ItemVariationStore`. * src/truetype/ttgxvar.c (tt_hvadvance_adjust): Move bounds check ... (tt_var_get_item_delta): ... to this function, because it is safer. For example, the 'avar' table 2.0 codepath was not performing a bounds check at all. | |
|
9be958ca | 2022-11-09 15:41:34 | [truetype] In `ItemVariationStore`, value 0xFFFF for `dataCount` is valid. It corresponds to outer indices of 0 to 0xFFFE. * src/truetype/ttgxvar.c (tt_var_load_item_variation_store): Remove invalid code. | |
|
109179c7 | 2022-11-10 23:25:48 | [pcf] Improve CMap efficiency and readability. * src/pcf/pcfdrivr.c (pcf_cmap_char_{index,next}): Check and walk the encoding array indexes. | |
|
9154707f | 2022-11-07 16:58:56 | [truetype] Check avar_segment before access * src/truetype/ttgxvar.c (tt_done_blend): check `avar_segment` before accessing to free its `correspondence`. Reported as: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=53062 | |
|
d38407f7 | 2022-11-07 15:11:37 | [truetype] Restore behavior of ft_var_load_hvvar * src/truetype/ttgcvar.c (ft_var_load_hvvar): restore previous behavior In a previous change [0] the behavior of `ft_var_load_hvvar` was changed to not load the item variation store if it was at offset 0, but not return an error when this happened. This broke any users, like `tt_hvadvance_adjust`, that rely on successful completion of `ft_var_load_hvvar` to imply that returned table's `itemStore` had been initialized. This lead such users to dereference NULL. This change appears to have been unintentional and unrelated to the actual avar2 changes. As a result, fix these NULL dereferences by restoring the code to always attempt to initialize the `itemStore`. [0] ae4eb996 "[truetype] Add support for `avar` table 2.0 format." Reported as https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=53061 | |
 |
32cfab4b | 2022-10-10 14:22:12 | [build] fix for make multi Fix "make multi" by MR !223 * include/freetype/internal/services/svmm.h: include ftmm.h to define FT_Get_MM_Func. * src/truetype/ttgxvar.h: include ftmmtypes.h to use GX_AVarTable properly. * src/base/ftmac.c: include ftdebug.h to use FT_THROW() properly. | |
|
e00afdb3 | 2022-11-07 21:36:32 | * src/pfr/pfrsbit.c (pfr_lookup_bitmap_data): Accelerate the search. This is mostly for consistency because PFR fonts with bitmap strikes do not seem to exist. | |
|
6139f2b6 | 2022-11-06 13:12:47 | [bdf, pfr, psnames] Accelarate charmap searches. The binary searches within charmaps can be accelerated because they often contain dense continuous blocks of character codes. Within such blocks, you can predict matches based on misses. This method has been deployed in `bdf` since 0f122fef34; we only refactor it there. We now use it in `pfr` and `psnames`, which speeds up the unicode charmap access by about 50% in PFR and Type 1 fonts. * src/bdf/bdfdrivr.c (bdf_cmap_char_{index,next}): Refactor. * src/pfr/pfrcmap.c (pfr_cmap_char_{index,next}): Predict `mid` based on the mismatch distance. * src/psnames/psmodule.c (ps_unicodes_char_{index,next}): Ditto. | |
|
ae4eb996 | 2022-07-23 13:49:27 | [truetype] Add support for `avar` table 2.0 format. See https://github.com/harfbuzz/boring-expansion-spec/blob/main/avar2.md for the specification. Currently, this is implemented only in most recent OS versions on Apple platforms and in the HarfBuzz library, but it is expected to be added to the OpenType standard soon. * src/truetype/ttgxvar.h (GX_AVarTableRec): New structure. (GX_BlendRec): Use it to replace `avar_segment` with `avar_table`. * src/truetype/ttgxvar.c (ft_var_load_avar): Load new table version. (ft_var_to_normalized, tt_done_blend): Extend for new format. (ft_var_load_hvvar, ft_var_to_design): Updated. | |
|
dea2e635 | 2022-10-24 06:59:45 | Replace '1/64th' (and similar entries) with '1/64' in docs and comments. | |
|
ffbbf3df | 2022-10-21 15:55:30 | * src/truetype/ttgload.c: Cosmetic changes. | |
|
1bfaca06 | 2022-10-21 07:18:06 | [cff, truetype] Simplify SVG metrics scaling. Use pre-calculated scaling factors. Also, the advance widths used to be rounded, which was incorrect. * src/cff/cffgload.c (cff_slot_load): Use `x_scale` and `y_scale`. * src/truetype/ttgload.c (TT_Load_Glyph): Ditto. | |
|
0b62c1e4 | 2022-10-18 14:45:43 | [sfnt] Additional bounds checks for `COLR` v1 table handling. * src/sfnt/ttcolr.c (read_paint): Add `colr` argument, necessary for... ... another use of `ENSURE_READ_BYTES`. Update callers. (tt_face_get_paint_layers): Ensure that the 4-byte paint table offset can be read. This is a follow-up to !124 and issue https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=52404 | |
|
af46fcc1 | 2022-10-18 19:40:03 | [gzip] Update sources to zlib 1.2.13. | |
|
b8882a3e | 2022-10-18 15:58:02 | * src/sfnt/ttsbit.c (tt_face_load_strike_metrics): Simplify calculations. | |
|
c943d408 | 2022-10-18 11:41:00 | Minor formatting. | |
|
04272824 | 2022-10-17 18:18:49 | [sfnt] Guard individual `COLR` v1 paint field reads. * src/sfnt/ttcolr.c (ENSURE_READ_BYTES): New macro. (read_paint): Use it – after the start pointer `p` has been checked for whether it allows reading the format byte, each successive paint table field read need to be bounds-checked before reading further values. Reported as https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=52404 | |
 |
bb59c3c9 | 2022-10-16 22:10:19 | * src/base/ftsynth.c (FT_GlyphSlot_Slant): New API with custom slant. * include/freetype/ftsynth.h (FT_GlyphSlot_Slant): Declare it. | |
|
5182264a | 2022-10-10 12:31:53 | [cff] Remove `FT_CONFIG_OPTION_NO_GLYPH_NAMES`. This ancient option stayed completely undocumented. Given that the 'cff' driver requires the 'psnames' module, it makes no sense today to have this macro. * src/cff/cffdrivr.c (cff_services), src/cff/cffobjs.c (cff_face_init): Remove corresponding conditional code. | |
|
141d979a | 2022-10-10 12:25:51 | Minor comment changes. | |
|
0417527d | 2022-10-03 19:23:26 | [autofit] Reset the face charmap directly. There is no need to validate the original charmap in `FT_Set_Charmap`. It can be reset directly. * src/autofit/afglobal.c (af_face_globals_compute_style_coverage): Use direct assignment. * src/autofit/af{latin,cjk,indic}.c (af_latin_metrics_init): Ditto. | |
|
1b6dce84 | 2022-10-03 19:18:48 | * src/type1/t1afm.c (T1_Read_PFM): Set charmaps directly. As with the previous commit, we can avoid the validation checks of `FT_Set_Charmap` and set it directly when choosing from the available list. | |
|
8faf57dd | 2022-10-03 17:13:30 | * src/cache/ftccmap.c (FTC_CMapCache_Lookup): Avoid `FT_Set_Charmap`. Set charmap aggressively without all validations of `FT_Set_Charmap` because we take it from the available array and only temporarily. Even CMap Format 14 will gracefully return 0. | |
|
b93f20ab | 2022-10-03 15:10:12 | * src/cache/ftcbasic.c (ftc_basic_family_get_count): Remove redundancy. | |
|
de8f14a8 | 2022-09-30 23:25:02 | * src/psaux/pshints.c (cf2_hintmap_insertHint): Fix midpoint computation. Replace '(start + end) / 2' with 'start + (end - start) / 2' to avoid overflow. Fixes #1180. | |
|
2adb810c | 2022-09-30 17:00:10 | * src/psaux/pshints.c (cf2_hintmap_build): Improve debugging output. | |
 |
90527092 | 2022-09-29 18:38:06 | [truetype] Fix undefined pointer arithmetic. * src/truetype/ttgxvar.c (tt_var_get_item_delta, ft_var_load_mvar): Use `FT_OFFSET`. | |
|
ff66e912 | 2022-09-29 17:46:23 | * src/sfnt/ttsbit.c (tt_face_load_strike_metrics): Use lighter FT_DivFix. | |
 |
5faa1df8 | 2022-09-29 18:25:41 | [base] FT_Attach_Stream: Make `parameters` argument constant. | |
 |
3f3427c6 | 2022-09-28 22:35:49 | * src/tools/*.py: Migrate to Python 3. Fixes #1185, closes !205. Formatting changes according to PEP8. | |
|
df260139 | 2022-09-27 17:50:55 | [sfnt] Guard access in 'COLR' table when requesting child table pointer. * src/sfnt/ttcolr.c (tt_face_get_colorline_stops, read_paint): Tighten pointer bounds checks. (get_child_table_pointer): Check whether incoming pointer `p` lies within the 'COLR' table. Reported as https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=51816 | |
|
bd417007 | 2022-09-26 14:46:42 | [sfnt] Add SVG document bounds checking. Add a check that the document content is actually contained within the `SVG ` table. Without this check a malformed font may claim arbitrary memory as its document content. * src/sfnt/ttsvg.c (tt_face_load_svg): Take `numEntries` into account when testing 'documentRecord' extents. (find_doc): Rename `stream` to `document_records` for clarity. (tt_face_load_svg_doc): Split `doc` from `doc_list` pointer for clarity. Test that the document content is contained within the table. Ensure minimum length of document before testing for gzip format. Reported as https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=51812 | |
|
c9c32631 | 2022-09-22 20:40:21 | [base] Clean up the bitmap flow control. * src/base/ftbitmap.c (FT_Bitmap_Copy): Flip the copy if its pitch is trully opposite, zero is not a positive value. (FT_Bitmap_Convert): Set negative pitch as needed, accept negative alignment values. | |
|
c456eeb4 | 2022-09-22 15:09:17 | [base] Discard and recreate bitmaps for copying and converting. Reusing target bitmaps for copying and converting is permitted. It is, however, pointless to preserve their content before overwriting. Free- malloc might be faster than realloc. * src/base/ftbitmap.c (FT_Bitmap_Copy, FT_Bitmap_Convert): Free an old buffer and create a new one. | |
|
33ceac2a | 2022-09-15 09:47:07 | Reject 'COLR' table if version is 1 but header too small. * src/sfnt/ttcolr.c (tt_face_load_colr): If the version is determined to be 1, then the table size has to be at least the size of the v1 header. Also, for peeking the number of base glyphs and entries in the layer list, ensure that the table is sufficiently long. Fixes #1179. Original patch by Sergey Temnikov. | |
|
a0d15364 | 2022-09-15 09:14:06 | * src/otvalid/otvgsub.c (otv_SingleSubst_validate): Fix format 1 handling. Fixes #1181. | |
|
8e68439a | 2022-09-06 15:57:11 | [truetype] Reject 'fvar' loading when `num_instances` is too small. * src/truetype/ttgxvar.c (TT_Get_MM_Var): Reject retrieving master when 'fvar' values locally do not match with sanitized values from initialization at `sfnt_init_face` time. Reported as https://bugs.chromium.org/p/chromium/issues/detail?id=1360295 | |
|
91a7fae7 | 2022-09-05 15:49:27 | [sfnt] Handle variable `COLR` v1 fonts without delta set index map Fixes #1178. * src/sfnt/ttcolr.c (get_deltas_for_var_index_base): Set outer index to 0 and inner index to the delta index when retrieving deltas if the `COLR` table has no delta set index map. | |
|
6d62076a | 2022-08-30 15:00:37 | [sfnt] Pointer sanity checks before reading layer info in 'COLR' v0 * src/sfnt/ttcolr.c (tt_face_get_colr_layer): Check that the pointer to read from is within the 'COLR' table. Reported as https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=50633 | |
|
048f2e24 | 2022-09-05 10:43:59 | [autofit] Minor fix. * src/autofit/afglobal.c (af_face_globals_compute_style_coverage): Avoid compiler warning. | |
|
a1017e26 | 2022-08-19 19:07:42 | [sfnt] Don't require 'gvar' table to support variation fonts. Fixes #1172. * src/sfnt/sfobjs.c (sfnt_load_face): Tag font as Multiple Masters font if `fvar` is present; do not require other tables to be present. * src/truetype/ttgxvar.c (tt_set_mm_blend): Allow for a missing 'gvar' table when setting variation coordinates. However, if a 'gvar' table is actually present, do perform a sanity check and fail on malformedness. (TT_Get_MM_Var): Don't assume 'fvar' needs 'gvar' or 'CFF2 tables in all cases, which is an overly tight check. | |
|
dd91f6e7 | 2022-08-26 22:24:02 | * src/base/ftver.rc: Explicitly use UTF-16. Fixes #1177 to avoid mistranslation and other problems. | |
|
4797b2ff | 2022-08-26 12:08:34 | [sfnt] Avoid undefined shifts in `COLR` v1 color line retrieval * src/sfnt/ttcolr.c (tt_face_get_colorline_stops): Disambiguate shift behavior by using multiplication using macros from ftcalc.h. Fixes: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=50573 | |
 |
37b718d5 | 2022-08-15 10:44:05 | [base, type1] Better handling of out-of-memory situations. This follows similar code in `cff_slot_done`. * src/base/ftobjs.c (ft_glyphslot_done), src/type1/t1objs.c (T1_GlyphSlot_Done): Check `internal` pointer. The Type1 problems was reported as https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=50057. | |
 |
90e1e39f | 2022-08-03 22:54:38 | * src/cache/ftcmanag.c (FTC_Manager_New): Initialize `cur_weight`. See !192. | |
|
dcb5fc5b | 2022-08-02 17:10:25 | * src/sfnt/ttload.c: Trace formatting updates. | |
|
d53c1141 | 2022-08-02 12:57:39 | * src/psaux/psobjs.c (ps_table_release): Remove redundant casting. | |
|
480be443 | 2022-08-01 22:59:58 | * src/base/ftobjs.c (Mac_Read_sfnt_Resource): Reduce casting. | |
|
039b9071 | 2022-08-01 20:19:12 | [cache] Remove some casts, clean up tracing. * src/cache/ftcbasic.c (FTC_ImageCache_Lookup, FTC_SBitCache_Lookup): Clean up tracing types. * src/cache/ftccache.c (ftc_node_destroy): Ditto. * src/cache/ftcmanag.c (FTC_Manager_Check): Ditto. (FTC_Manager_Check, FTC_Node_Unref): Remove a cast. * src/cache/ftccmap.c (FTC_CMapCache_Lookup): Ditto. | |
|
a18ad83e | 2022-08-01 13:20:13 | [autofit] Updated to reduce casting (cont'd). * src/autofit/afmodule.h (AF_ModuleRec): Change `default_script` type. * src/autofit/afglobal.c (af_face_globals_compute_style_coverage): Remove casting. * src/autofit/afmodule.c (af_property_{set,get}): Updated accordingly. | |
|
4f195185 | 2022-08-01 09:52:43 | [autofit] Updated to reduce casting. * src/autofit/afglobal.h (AF_FaceGlobalsRec): Change `glyph_count` type. * src/autofit/afglobal.c (af_face_globals_compute_style_coverage, af_face_globals_get_metrics, af_face_globals_is_digit, af_face_globals_new): Changed local types and updated accordingly. * src/autofit/aflatin.c (af_latin_metrics_init_blues): Ditto. | |
|
9de432f7 | 2022-07-31 22:13:34 | [psaux] Remove unused structure field. * include/freetype/internal/psaux.h (PS_TableRec): Remove `num_elems`. * src/psaux/psobjs.c (ps_table_new): Remoove its initialization. | |
|
919561ca | 2022-07-30 12:09:21 | [sfnt] Implement VarClipBox. * src/sfnt/ttcolr.c (tt_face_get_color_glyph_clipbox): Depending on the format, read `var_index_base`, then retrieve and apply scaled deltas. | |
|
649352ab | 2022-07-30 12:09:09 | [sfnt] Fix typo in clip box computation. * src/sfnt/ttcolr.c (tt_face_get_color_glyph_clipbox): Use appropriate scale factor for `yMin` and `yMax`. |