kc3-lang/freetype/src/sfnt
Branch :
Log
| Author | Commit | Date | CI | Message |
|---|---|---|---|---|
 |
4904d1eb | 2023-09-06 22:58:46 | * src/sfnt/ttpost.c (load_format_20): Micro-optimize. | |
|
000b26a3 | 2023-08-30 23:03:02 | * src/sfnt/ttpost.c (load_format_20): Rework tracing. | |
|
2f7abe48 | 2023-08-29 19:18:43 | Comment added. | |
|
c46c4b8e | 2023-08-29 17:52:06 | * src/sfnt/ttpost.c (load_format_20): Permit long names. Fixes #1254. | |
 |
3829fdaa | 2023-08-04 11:41:23 | Avoid overflow in COLR bounds checks. The values read into `base_glyphs_offset_v1` and `layer_offset_v1` may be in the range 0xFFFFFFFD-0xFFFFFFFF. On systems where `unsigned long` is 32 bits adding 4 to such values will wrap and pass bounds checks but accessing values at such offsets will be out of bounds. On the other hand `table_size` has already been tested to be at least `COLRV1_HEADER_SIZE` (34) so it is safe to subtract 4 from it. * src/sfnt/ttcolr.c (tt_face_load_colr): subtract 4 from `table_size` instead of adding 4 to font data offsets in bounds checks Fixes: https://crbug.com/1469348 | |
|
dd3c9c5f | 2023-07-18 13:25:57 | [woff2] Clean up on large brotli expansion * src/sfnt/sfwoff2.c (woff2_open_font): set error and goto cleanup Fixes: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=60711 | |
 |
336503df | 2023-07-16 07:36:01 | [woff2] Avoid allocation bomb. This is a fix for commit 85167dbd5, reported as https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=60615 * src/sfnt/sfwoff2.c (MAX_SFNT_SIZE): New macro. (woff2_open_font): Use it to limit the maximum size of an uncompressed WOFF2 font. | |
|
85167dbd | 2023-07-13 16:49:34 | [woff2] Remove sfnt size guess check In WOFF the `totalSfntSize` must be correct, however in WOFF2 this value is now just a hint and a conforming implementation must not reject otherwise valid data if the `totalSfntSize` turns out not to be exact. * src/sfnt/sfwoff2.c (woff2_open_font): remove check that uncompressed woff2 data would fit in the sfnt size guess. Fixes: #1235 | |
|
2fb8eda5 | 2023-06-01 19:38:36 | */*: Remove many function pointer casts. In C it is undefined behavior to call a function through a function pointer of a different type. This is now detected by the Control Flow Integrity Sanitizer. All known issues have already been fixed. Prevent any accidental re-introduction by removing function pointer casts when defining services. The services will call the service functions through the function pointers on the service. As a result the functions must have the same type so there should be no need to cast. Removing the casts allows compilers to warn about assignment to an incompatible function pointer type. | |
|
365eb10d | 2023-05-07 19:16:38 | * src/sfnt/ttcmap: Signature fixes. | |
|
e245951c | 2023-05-06 23:59:25 | * src/sfnt/sfdriver.c, src/sfnt/ttbdf.c: Clean up interface. Ensure that all driver functions use the signature of the service or driver. This avoids pointer mismatches, which are technically undefined behaviour. Recent compilers are more picky in catching them as part of Control Flow Integrity tests. * src/sfnt/sfdriver.c (sfnt_load_table): New wrapper function. (sfnt_service_sfnt_table): Use it. | |
|
8fe50c2a | 2023-04-27 23:06:51 | [truetype] Fix style name handling for variation fonts. * include/freetype/internal/tttypes.h (TT_FaceRec): New field `non_var_style_name`. * src/sfnt/sfobjs.c (sfnt_load_face): Initialize `non_var_style_name`. (sfnt_done_face): Free `non_var_style_name`. * src/truetype/ttgxvar.c (TT_Set_Named_Instance): Restore non-VF style name if switching back to non-VF mode. | |
|
fb982e78 | 2023-04-26 08:17:17 | New Variation Font function `FT_Get_Default_Named_Instance`. * include/freetype/ftmm.h, src/base/ftmm.c (FT_Get_Default_Named_Instance): New function. * include/freetype/internal/services/svmm.h (FT_Get_Default_Named_Instance_Func): New typedef. (FT_Service_MultiMasters): New field `get_default_named_instance`. (FT_DEFINE_SERVICE_MULTIMASTERSREC): Updated. * include/freetype/internal/tttypes.h (TT_Face): New field `var_default_named_instance`. * src/sfnt/sfobjc.s (sfnt_init_face): Initialize `var_default_named_instance`. * src/cff/cffdrivr.c (cff_get_default_named_instance): New function. (cff_service_multi_masters): Updated. * src/truetype/ttgxvar.c (TT_Get_MM_Var): Initialize `var_default_named_instance`. (TT_Get_Default_Named_Instance): New function. * src/truetype/ttgxvar.h: Updated. * src/truetype/ttdriver.c (tt_service_gx_multi_masters): Updated. * src/type1/t1driver.c (t1_service_multi_masters): Updated. * docs/CHANGES: Updated. | |
|
36a086b6 | 2023-04-28 19:40:35 | * src/sfnt/pngshim.c (Load_SBit_Png): Remove FALL_THROUGH warning. | |
|
08268691 | 2023-04-28 15:32:16 | * src/sfnt/ttload.c (tt_face_load_font_dir): Add another guard. Reject 'OTTO' fonts with no valid tables. | |
|
0a3836c9 | 2023-04-25 09:54:09 | Improve/add source comments and documentation. | |
|
40676afc | 2023-04-25 09:30:30 | [sfnt] Fix handling of PS names for Variation Fonts. * src/sfnt/sfdriver.c (get_win_string, get_apple_string): Continue construction of string if an invalid character is encountered. Fixes #1218. | |
|
e78e2d29 | 2023-04-06 11:16:29 | [sfnt, truetype] Add `size_reset` to `MetricsVariations`. This is a generalization of commit ``` commit e6699596af5c5d6f0ae0ea06e19df87dce088df8 Author: Werner Lemberg <wl@gnu.org> Date: Thu Feb 2 11:38:04 2017 +0100 [truetype] Fix MVAR post-action handling. ``` It is also possible for plain `CFF ` style fonts to contain an `fvar` and `MVAR` table and use `cff_metrics_adjust`. `tt_size_reset` should only be called with `TT_Size` and never with `CFF_Size`. Allow the "metrics-variations" service to specify the correct function (if any) to reset `FT_Size`s after adjusting metrics. * src/truetype/ttobjs.c (tt_size_reset): Split off some functionality into... (tt_size_reset_height): ... this new function. * src/truetype/ttdriver.c (tt_service_metrics_variations): Add `size_reset`. (tt_size_select, tt_size_request): Updated. * src/truetype/ttobjs.h: Updated. * include/freetype/internal/services/svmetric.h (MetricsVariations): Add `size_reset`. (FT_DEFINE_SERVICE_METRICSVARIATIONSREC): Updated. * include/freetype/internal/tttypes.h (TT_FaceRec_): Rename `var` to `tt_var` and add `face_var`. * src/cff/cffdrivr.c (cff_service_metrics_variations): Add `size_reset`. (cff_hadvance_adjust, cff_metrics_adjust): Updated. * src/cff/cffobjs.c (cff_face_init): Use `face_var`. * src/sfnt/sfobjs.c (sfnt_init_face): Initialize `face_var`. * src/sfnt/ttmtx.c (tt_face_get_metrics): Use `tt_var`. * src/truetype/ttgxvar.c (tt_size_reset_iterator): Renamed to... (ft_size_reset_iterator): ... this new function. Call `size_reset`. (tt_apply_mvar): Pass `size_reset` to `ft_size_reset_iterator`. Fixes #1211 | |
|
1a4c18f7 | 2023-04-10 15:30:43 | Align `char_next` return types. This is mostly cosmetic because FT_UInt and FT_UInt32 are likely identical. * src/sfnt/ttcmap.c, src/cff/cffcmap.c, src/psaux/t1cmap.c, src/psnames/psmodule.c, include/freetype/internal/service/svpcsmap.h, src/pfr/pfrcmap.c, src/winfonts/winfnt.c (*_char_next): return FT_UInt. | |
|
d2544433 | 2023-04-08 23:15:41 | [sfnt] Clean up CMAP{4,12,13} handling. This moves the charcode overflow checks upstream and turns some while-loops into the do-while ones to avoid the uninitialized warnings. This should slightly reduce the number of checks and jumps. * src/sfnt/ttcmap.c (tt_cmap{4,12,13}_next, tt_cmap{4.12.13}_char_map_linear): Remove the charcode overflow check. (tt_cmap{4,12,13}_char_map_binary): Ditto and use do-while. (tt_cmap{12,13}_char_next): Add the overflow check. | |
|
b0a4f992 | 2023-04-02 22:45:48 | * src/sfnt/ttpost.c (load_format_25): Do not abort frame reading. | |
|
340767bf | 2023-04-02 22:00:59 | * src/sfnt/ttpost.c (load_format_*): Streamline frame reading. | |
|
311b78fa | 2023-04-02 09:24:16 | * src/sfnt/ttpost.c: Formatting and comments. | |
|
8f7b1455 | 2023-04-01 23:37:51 | [sfnt] Consolidate POST version 2.0 and 2.5 (pt 2). * src/sfnt/ttpost.c (load_format_20, load_format_25): Update arguments and move shared calls and checks upstream to... (load_post_names): ... this function. (tt_face_free_ps_names, tt_face_get_ps_name): Updated. | |
|
9597a62b | 2023-04-01 22:34:30 | [sfnt] Consolidate POST version 2.0 and 2.5 (pt 1). The deprecated POST version 2.5 can be handled using the data structures of version 2.0. The goal is to reduce the footprint. * include/freetype/internal/tttypes.h (TT_Post_Names): Absorb and... (TT_Post_20, TT_Post_25): ... remove these structures. src/sfnt/ttpost.c (load_post_names, tt_face_get_ps_name, tt_face_free_ps_names, load_format_20): Updated accordingly. (load_format_25): ditto and convert offsets to glyph indices. | |
|
6d7b8b22 | 2023-03-31 23:17:46 | [sfnt] Miscellaneous POST clean-ups. * src/sfnt/ttpost.c (load_format_20): Decrease casts. (load_format_25): Check the table length and impose a theoretical glyph number limit usable with 8-bit offset. Decrease casts. (load_post_names): Pass the mapping data length without 2 bytes. | |
|
0db69970 | 2023-03-30 09:06:35 | * src/sfnt/ttpost.c (load_format_20): Simplify comutations. | |
|
4679fcb6 | 2023-03-29 00:21:00 | [sfnt] Streamline POST format 2.0 handing (cont'd). * src/sfnt/ttpost.c (load_format_20): Co-allocate the string data and their pointers, which makes it easier to handle and free them. (tt_face_free_ps_names): Updated. * include/freetype/internal/tttypes.h (TT_Post_20): Update type. | |
|
fc01e7dd | 2023-03-05 22:05:24 | Fix a couple of MSVC warnings. * src/base/ftcalc.c (FT_MulAddFix): Add cast. * src/sfnt/ttcolr.c (tt_face_get_colorline_stops, read_paint): Ditto. | |
|
7ae20e55 | 2023-03-03 22:41:09 | * src/sfnt/sfobjs.c (sfnt_load_face): Shorten de-referencing. | |
|
d399657f | 2023-02-26 20:18:54 | * src/*: Replace leading underscores with trailing ones in dummy variables. This is to avoid clang warnings. | |
|
663486a7 | 2023-02-08 20:56:19 | Fix `FT_LOCAL` and `FT_LOCAL_DEF` tags. | |
|
ac5babe8 | 2023-02-08 19:36:10 | Fix 'fall-through' warning messages. Modern compilers get more insistent on that... * include/freetype/internal/compiler-macros.h (FALL_THROUGH): Define. * src/*: Use it instead of `/* fall through */` comments. | |
|
da9eb9c7 | 2023-02-07 07:01:36 | Fix minor clang and clang++ warnings. | |
|
e97544a7 | 2023-01-28 17:04:38 | Minor changes. Comment fixes, typos, removing of unnecessary parentheses. | |
|
bacc48e6 | 2023-01-28 17:04:11 | Whitespace. | |
 |
a297feab | 2023-01-17 14:30:48 | [sfnt] Avoid nullptr dereference in reading malformed 'COLR' v1 table. Fixes https://bugs.chromium.org/p/chromium/issues/detail?id=1408044. * src/sfnt/ttcolr.c (tt_face_load_colr): When the 'COLR' v1 table header is too small, don't deallocate delta set index map structures. | |
|
65f85237 | 2023-01-17 09:18:25 | Update all copyright notices. | |
|
6a179ff7 | 2023-01-16 16:38:56 | sr/*.c: Various minor fixes. * src/autofit/ft-hb.c (_hb_ft_reference_table): Call `FT_UNUSED` after variable declarations. * src/gxvalid/gxvjust.c (gxv_just_widthDeltaClusters_validate): Eliminate unused variable. * src/gzip/ftgzip.c: Don't call GCC '-Wstrict-prototypes' pragma for C++ compiler. * src/sfnt/ttcolr.c (ENSURE_READ_BYTES): Remove final semicolon to avoid compiler warning. * src/sfnt/ttsvg.c (tt_face_load_svg_doc): Fix signedness warning. | |
|
2692b321 | 2023-01-03 17:19:02 | [sfnt] Remove temporary runtime flag for variable 'COLR' v1. Fixes #1187. * src/sfnt/ttcolr.c (top level, read_paint, tt_face_load_colr, tt_face_free_colr, get_deltas_for_var_index_base, tt_face_get_color_glyph_clipbox, tt_face_get_colorline_stops): Remove macro definition `VARIABLE_COLRV1_ENABLED` and its usage. * src/truetype/ttdriver.c (tt_property_set): Remove parsing of 'TEMPORARY-enable-variable-colrv1' property name. * src/truetype/ttobjs.h (TT_DriverRec): Remove `enable_variable_colrv1` flag. | |
|
63f37136 | 2023-01-04 15:52:41 | [sfnt] Fix color stop bounds check calculation at table end. Fixes https://bugs.chromium.org/p/skia/issues/detail?id=14021 * src/sfnt/ttcolr.c (VAR_IDX_BASE_SIZE): New macro. (tt_face_get_colorline_stops): Fix off-by-one bounds check calculation, take `VarColorStop` into account, and hopefully make it easier to read. | |
|
26e9028f | 2022-12-13 09:53:26 | [sdf, sfnt] Handle minor compiler warnings. * src/sdf/ftsdf.c (get_min_distance_conic): Initialize `nearest_point`. * src/sfnt/ttsvg.c (find_doc): Initialize `mid_doc`. Fixes #1195. | |
|
0b62c1e4 | 2022-10-18 14:45:43 | [sfnt] Additional bounds checks for `COLR` v1 table handling. * src/sfnt/ttcolr.c (read_paint): Add `colr` argument, necessary for... ... another use of `ENSURE_READ_BYTES`. Update callers. (tt_face_get_paint_layers): Ensure that the 4-byte paint table offset can be read. This is a follow-up to !124 and issue https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=52404 | |
|
b8882a3e | 2022-10-18 15:58:02 | * src/sfnt/ttsbit.c (tt_face_load_strike_metrics): Simplify calculations. | |
|
04272824 | 2022-10-17 18:18:49 | [sfnt] Guard individual `COLR` v1 paint field reads. * src/sfnt/ttcolr.c (ENSURE_READ_BYTES): New macro. (read_paint): Use it – after the start pointer `p` has been checked for whether it allows reading the format byte, each successive paint table field read need to be bounds-checked before reading further values. Reported as https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=52404 | |
|
141d979a | 2022-10-10 12:25:51 | Minor comment changes. | |
|
ff66e912 | 2022-09-29 17:46:23 | * src/sfnt/ttsbit.c (tt_face_load_strike_metrics): Use lighter FT_DivFix. | |
|
df260139 | 2022-09-27 17:50:55 | [sfnt] Guard access in 'COLR' table when requesting child table pointer. * src/sfnt/ttcolr.c (tt_face_get_colorline_stops, read_paint): Tighten pointer bounds checks. (get_child_table_pointer): Check whether incoming pointer `p` lies within the 'COLR' table. Reported as https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=51816 | |
|
bd417007 | 2022-09-26 14:46:42 | [sfnt] Add SVG document bounds checking. Add a check that the document content is actually contained within the `SVG ` table. Without this check a malformed font may claim arbitrary memory as its document content. * src/sfnt/ttsvg.c (tt_face_load_svg): Take `numEntries` into account when testing 'documentRecord' extents. (find_doc): Rename `stream` to `document_records` for clarity. (tt_face_load_svg_doc): Split `doc` from `doc_list` pointer for clarity. Test that the document content is contained within the table. Ensure minimum length of document before testing for gzip format. Reported as https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=51812 | |
|
33ceac2a | 2022-09-15 09:47:07 | Reject 'COLR' table if version is 1 but header too small. * src/sfnt/ttcolr.c (tt_face_load_colr): If the version is determined to be 1, then the table size has to be at least the size of the v1 header. Also, for peeking the number of base glyphs and entries in the layer list, ensure that the table is sufficiently long. Fixes #1179. Original patch by Sergey Temnikov. | |
|
91a7fae7 | 2022-09-05 15:49:27 | [sfnt] Handle variable `COLR` v1 fonts without delta set index map Fixes #1178. * src/sfnt/ttcolr.c (get_deltas_for_var_index_base): Set outer index to 0 and inner index to the delta index when retrieving deltas if the `COLR` table has no delta set index map. | |
|
6d62076a | 2022-08-30 15:00:37 | [sfnt] Pointer sanity checks before reading layer info in 'COLR' v0 * src/sfnt/ttcolr.c (tt_face_get_colr_layer): Check that the pointer to read from is within the 'COLR' table. Reported as https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=50633 | |
|
a1017e26 | 2022-08-19 19:07:42 | [sfnt] Don't require 'gvar' table to support variation fonts. Fixes #1172. * src/sfnt/sfobjs.c (sfnt_load_face): Tag font as Multiple Masters font if `fvar` is present; do not require other tables to be present. * src/truetype/ttgxvar.c (tt_set_mm_blend): Allow for a missing 'gvar' table when setting variation coordinates. However, if a 'gvar' table is actually present, do perform a sanity check and fail on malformedness. (TT_Get_MM_Var): Don't assume 'fvar' needs 'gvar' or 'CFF2 tables in all cases, which is an overly tight check. | |
|
4797b2ff | 2022-08-26 12:08:34 | [sfnt] Avoid undefined shifts in `COLR` v1 color line retrieval * src/sfnt/ttcolr.c (tt_face_get_colorline_stops): Disambiguate shift behavior by using multiplication using macros from ftcalc.h. Fixes: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=50573 | |
|
dcb5fc5b | 2022-08-02 17:10:25 | * src/sfnt/ttload.c: Trace formatting updates. | |
|
919561ca | 2022-07-30 12:09:21 | [sfnt] Implement VarClipBox. * src/sfnt/ttcolr.c (tt_face_get_color_glyph_clipbox): Depending on the format, read `var_index_base`, then retrieve and apply scaled deltas. | |
|
649352ab | 2022-07-30 12:09:09 | [sfnt] Fix typo in clip box computation. * src/sfnt/ttcolr.c (tt_face_get_color_glyph_clipbox): Use appropriate scale factor for `yMin` and `yMax`. | |
|
a3749a64 | 2022-07-29 21:49:51 | Fix compilation if `TT_CONFIG_OPTION_GX_VAR_SUPPORT` is not set. * src/sfnt/ttcolr.c: Protect relevant code with `TT_CONFIG_OPTION_GX_VAR_SUPPORT`. | |
|
38dc768a | 2022-07-29 21:17:06 | Fix clang14 compiler warnings. * include/freetype/internal/ftstream.h (FT_GET_SHORT_LE, FT_GET_USHORT_LE): Fix type. * src/sfnt/ttcolr.c (get_deltas_for_var_index_base): Always return boolean value. (tt_face_get_colorline_stops): Fix type of `var_index_base`. | |
|
275b116b | 2022-07-05 15:16:31 | [sfnt] Support variable 'COLR' v1 `PaintVarSkew*`. * src/sfnt/ttcolr.c (FT_PaintFormat_Internal): New enumeration values `FT_COLR_PAINTFORMAT_INTERNAL_VAR_SKEW`, `FT_COLR_PAINTFORMAT_INTERNAL_SKEW_CENTER`, and `FT_COLR_PAINTFORMAT_INTERNAL_VAR_SKEW_CENTER`. (read_paint): Handle new enumeration values. | |
|
44fd524e | 2022-07-05 15:09:28 | [sfnt] Support variable 'COLR' v1 `PaintVarRotate*`. * src/sfnt/ttcolr.c (FT_PaintFormat_Internal): New enumeration values `FT_COLR_PAINTFORMAT_INTERNAL_VAR_ROTATE` and `FT_COLR_PAINTFORMAT_INTERNAL_VAR_ROTATE_CENTER`. (read_paint): Handle new enumeration values. | |
|
603fef28 | 2022-07-05 14:56:22 | [sfnt] Support 'COLR' v1 variable `PaintVarScale*`. * src/sfnt/ttcolr.c: (FT_PaintFormatInternal): New enumeration values `FT_COLR_PAINTFORMAT_INTERNAL_VAR_SCALE`, `FT_COLR_PAINTFORMAT_INTERNAL_VAR_SCALE_CENTER`, `FT_COLR_PAINTFORMAT_INTERNAL_VAR_SCALE_UNIFORM`, and `FT_COLR_PAINTFORMAT_INTERNAL_VAR_SCALE_UNIFORM_CENTER`. (read_paint): Handle new enumeration values. | |
|
d134b9e3 | 2022-07-05 14:51:48 | [sfnt] Support for 'COLR' v1 variable translate. * src/sfnt/ttcolr.c (FT_PaintFormat_Internal): New enumeration value `FT_COLR_PAINTFORMAT_INTERNAL_VAR_TRANSLATE`. (read_paint): Handle new enumeration value. | |
|
8ec531c2 | 2022-07-05 14:47:57 | [sfnt] Support for 'COLR' v1 variable transforms. * src/sfnt/ttcolr.c (FT_PaintFormat_Internal): New enumeration value `FT_COLR_PAINTFORMAT_INTERNAL_VAR_TRANSFORM`. (read_paint): Handle new enumeration value. | |
|
9c4ad2a9 | 2022-07-05 14:43:10 | [sfnt] Deltas for 'COLR' v1 gradient coordinates. * src/sfnt/ttcolr.c (read_paint) [TT_CONFIG_OPTION_GX_VAR_SUPPORT]: Read and apply deltas to radial, linear, and sweep gradient coordinates such as 'p0', 'p1', 'p2', 'center', 'radii', and 'angles'. | |
|
3414fef7 | 2022-07-04 16:29:31 | [sfnt] Support variable 'COLR' v1 color lines. * include/freetype/ftcolor.h (FT_ColorStopIterator): Add field `read_variable` to indicate whether a variation index base should be read. * src/sfnt/ttcolr.c: (FT_PaintFormat_Internal): New enumerations `FT_COLR_PAINTFORMAT_INTERNAL_VAR_LINEAR_GRADIENT` `FT_COLR_PAINTFORMAT_INTERNAL_VAR_RADIAL_GRADIENT`, and `FT_COLR_PAINTFORMAT_INTERNAL_VAR_SWEEP_GRADIENT`. (read_color_line): New parameter `read_variable`; update callers. (read_paint): Handle new enumerations. | |
|
7c151abb | 2022-07-04 12:44:06 | [sfnt] Apply variation deltas to `PaintVarSolid`. * src/sfnt/ttcolr.c (FT_PaintFormat_Internal_): New enumeration `FT_COLR_PAINTFORMAT_INTERNAL_VAR_SOLID`. (get_deltas_for_var_index_base) [TT_CONFIG_OPTION_GX_VAR_SUPPORT]: New function to retrieve an array of delta values, which will be used for most of 'COLR' v1 variation formats (in follow-up commits). (read_paint): Add `face` parameter; update caller. Handle `FT_COLR_PAINTFORMAT_INTERNAL_VAR_SOLID`. | |
|
8a9192f6 | 2022-07-07 13:02:10 | [sfnt] Check safety of cast to `TT_Driver` before accessing member. * src/sfnt/ttcolr.c (VARIABLE_COLRV1_ENABLED): Access `enable_variable_colrv1` only if driver class matches. | |
|
31b14fd4 | 2022-06-29 16:01:13 | [sfnt] Load variation store for 'COLR' v1. * src/sfnt/ttcolr.c: Include `ttobjs.h` temporarily. (VARIABLE_COLRV1_ENABLED): New temporary macro to detect whether variable COLRv1 is enabled. (Colr): New fields `var_store` and `delta_set_idx_map`. (tt_face_load_colr, tt_face_free_colr) [VARIABLE_COLRV1_ENABLED]: Load and free variation store data using the functions from the Multiple Masters service. | |
|
117df36b | 2022-06-22 09:33:20 | [sfnt] Upgrade stop_offset to FT_Fixed from FT_F2Dot14 | |
|
2848378b | 2022-06-21 17:08:04 | s/fixed point/fixed-point/ | |
|
58395dd2 | 2022-06-13 15:28:00 | [woff] Don't allocate table entries until needed * src/sfnt/sfwoff.c (woff_open_font): delay allocating space for the table entries until they are actually written out with the data. | |
|
8b6bcc92 | 2022-06-12 09:04:13 | * src/sfnt/sfwoff2.c (woff2_open_font): Partial revert. Fixes https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=47981. | |
|
73631b95 | 2022-06-11 16:10:40 | [woff, woff2] Avoid buffer zeroing. * src/sfnt/sfwoff.c (woff_open_font): Use Q-macros. * src/sfnt/sfwoff2.c: Ditto. (reconstruct_font): Allocate table_entry on stack. | |
 |
b98dd169 | 2022-05-25 14:49:37 | * src/sfnt/ttmtx.c (tt_face_get_metrics): Apply variations unconditionally. This causes a speed-up of approx. 20% for getting advance widths. | |
|
62bc04f4 | 2022-04-30 15:37:14 | * src/sfnt/sfobjs.c (sfnt_load_face): Set `FT_FACE_FLAG_COLOR` for SVG fonts. Fixes #1151. | |
|
fc082956 | 2022-04-01 14:44:42 | * src/sfnt/sfwoff.c (reconstruct_glyf): Fix gcc 10 warning. | |
|
695d606a | 2022-04-01 08:50:33 | Whitespace. | |
|
87989a14 | 2022-03-31 07:43:41 | Fix clang++ warnings. * src/base/ftglyph.c (ft_svg_glyph_prepare), src/base/ftobj.c (ft_glyphslot_init), src/cache/ftccmap.c (ftc_cmap_node_new), src/cache/ftcimage.c (FTC_INode_New), src/lzw/ftlzw.c (FT_Stream_OpenLZW), src/psaux/psobjs.c (ps_parser_load_field), src/pshinter/pshglob.c (psh_globals_new), src/sfnt/ttsvg.c (tt_face_load_svg_doc): Initialize variables used for allocation. * src/sdf/ftsdf.c (split_sdf_conic, split_sdf_cubic): Change type of `max_splits` to FT_UInt. (sdf_generate_bounding_box): Add cast. | |
|
a8e4563c | 2022-03-19 23:54:31 | Add `FT_FACE_FLAG_SBIX_OVERLAY` and `FT_HAS_SBIX_OVERLAY`. * include/freetype/freetype.h (FT_FACE_FLAG_SBIX_OVERLAY, FT_HAS_SBIX_OVERLAY): New macro. * src/sfnt/ttsbit.c (tt_face_load_sbit): Handle `FT_FACE_FLAG_SBIX_OVERLAY`. Remove obsolete tracing message. | |
|
1949a7ec | 2022-03-19 18:51:34 | Add `FT_PARAM_TAG_IGNORE_SBIX`. This is another bit to handle 'sbix' tables as described in the OpenType specification. * include/freetype/ftparams.h (FT_PARAM_TAG_IGNORE_SBIX): New macro. * src/sfnt/sfobjc.c (is_apple_sbix): Rename to... (has_sbix): ... this. Check for more sbit tables. Handle `FT_PARAM_TAG_IGNORE_SBIX` to eventually control `has_sbix`. Only call sbit table loader if an sbit table is present. | |
|
ac4c1ebf | 2022-02-07 06:55:54 | [truetype] Fix 'sbix' table handling. * src/sfnt/ttsbit.c (tt_face_load_sbix_image): Correct calculation of 'metrics->horiBearingY'. Set vertical metrics. * src/sfnt/sfobjs.c (sfnt_load_face): Adjust setting of `FT_FACE_FLAG_SBIX`. Handle metrics of fonts with 'sbix' table. * src/truetype/ttgload.c (TT_Load_Glyph): For 'sbix' embedded bitmaps, apply bbox offset and bearing values of the corresponding glyph in the 'glyf' table if it exists and has a contour. * src/truetype/ttobjs.c (tt_face_init): Handle font with 'sbix' table. Fixes issue #998. | |
|
907715a6 | 2022-02-09 07:31:56 | Add `FT_FACE_FLAG_SBIX` and `FT_HAS_SBIX`. Fonts with 'sbix' tables need special handling by the application. * include/freetype/freetype.h (FT_FACE_FLAG_SBIX, FT_HAS_SBIX): New macros. * src/sfnt/sfobjs.c (sfnt_load_face): Set `FT_FACE_FLAG_SBIX` if 'sbix' table is present. | |
|
fc15ebe0 | 2022-03-21 11:15:41 | * src/sfnt/ttkern.c (tt_face_get_kerning): Exit early if no table. Fixes #1141. | |
|
a960be9e | 2022-03-18 17:41:01 | [woff2] Support overlap flag for simple glyphs. In the woff2 spec it has been proposed to allow the OVERLAP_SIMPLE flag to be retained through the woff2 format [0]. [0] https://www.w3.org/TR/WOFF2/#glyf_table_format * src/sfnt/sfwoff2.h (GLYF_OVERLAP_SIMPLE): add glyf flag. * src/sfnt/sfwoff2.c (reconstruct_glyf): parse optionFlags and overlapSimpleBitmap[]. (store_points): set OVERLAP_SIMPLE on first point's flag if the overlap bit is set. | |
|
53dfdcd8 | 2022-03-17 19:24:16 | [sfnt] Avoid invalid face index. Fixes #1138. * src/sfnt/sfobjs.c (sfnt_init_face), src/sfnt/sfwoff2.c (woff2_open_font): Check `face_index` before decrementing. | |
|
1e2eb650 | 2022-03-07 10:13:29 | Documentation, whitespace. | |
|
335224be | 2022-03-03 16:33:40 | [sfnt] Fix bounds check in SVG. The `SVG_DOCUMENT_LIST_MINIMUM_SIZE` macro is non trivial and not protected by parentheses. As a result, the expression `table_size - SVG_DOCUMENT_LIST_MINIMUM_SIZE` expands to `table_size - 2U + SVG_DOCUMENT_RECORD_SIZE` instead of the expected `table_size - (2U + SVG_DOCUMENT_RECORD_SIZE)`. This causes an incorrect bounds check which may lead to reading past the end of the `SVG ` table. * src/sfnt/ttsvg.c (tt_face_load_svg): wrap macro definitions in parentheses. Bug: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=45179 | |
|
5b26e92a | 2022-02-19 05:26:53 | src/sfnt/ttkern.c (tt_face_load_kern): Micro-optimize. A kerning table can be handled by binary search if it has equal entries. Fixes #1132. | |
|
bee88864 | 2022-01-30 21:55:21 | Clean-up - do not doubt FT_FREE. * src/base/ftobjs.c (memory_stream_close): Do not reassign zero after `FT_FREE`. * src/sfnt/sfwoff.c (sfnt_stream_close): Ditto. * src/sfnt/sfwoff2.c (stream_close): Ditto. * src/psaux/psobjs.c (ps_parser_load_field): Ditto. * src/truetype/ttgxvar.c (ft_var_load_avar, tt_set_mm_blend, tt_set_mm_blend): Ditto. | |
|
b34741c1 | 2022-01-27 22:55:34 | Minor clean-ups. * src/base/ftrfork.c (raccess_make_file_name): Do not set error. * src/sfnt/sfdriver.c (get_win_string, get_apple_string): Ditto. * src/cff/cffobjs.c (cff_strcpy): Do not confuse about error. * src/psaux/psobjs.c (ps_table_done): Ditto. * src/truetype/ttgxvar.c (ft_var_readpacked*, ft_var_load_avar): Ditto. | |
|
112527dd | 2022-01-22 11:45:30 | [sfnt] Reject malformed SVG tables. * src/sfnt/ttsvg.c (SVG_TABLE_HEADER_SIZE, SVG_DOCUMENT_RECORD_SIZE, SVG_DOCUMENT_LIST_MINIMUM_SIZE, SVG_MINIMUM_SIZE): New macros. (tt_face_load_svg): Check offsets. Check table and record sizes. Reported as https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=43918 | |
 |
0bf49bd2 | 2021-12-25 20:14:11 | Add 'svg' module for OT-SVG rendering. * CMakeLists.txt (BASE_SRCS): Add svg module file. * meson.build (ft2_public_headers): Add `otsvg.h`. * modules.cfg (RASTER_MODULES): Add `svg` module. * builds/meson/parse_modules_cfg.py: Add svg module. * include/freetype/config/ftmodule.h: Add `ft_svg_renderer_class`. * include/freetype/fterrdef.h: Add `Invalid_SVG_Document` and `Missing_SVG_Hooks` error codes. * include/freetype/internal/fttrace.h: Add tracing for `otsvg`. * include/freetype/internal/svginterface.h: New file. It adds an interface to enable the presetting hook from the `base` module. * include/freetype/otsvg.h (SVG_Lib_Init_Func, SVG_Lib_Free_Func, SVG_Lib_Render_Func, SVG_Lib_Preset_Slot_Func): New hooks for SVG rendering. (SVG_RendererHooks): New structure to access them. * src/base/ftobjs.c: Include `svginterface.h`. (ft_glyphslot_preset_bitmap): Add code for presetting the slot for SVG glyphs. (ft_add_renderer): Updated. * src/svg/*: New files. | |
|
f93a897a | 2021-12-25 19:20:44 | Add code to load OT-SVG glyph documents. * include/freetype/config/ftheader.h (FT_OTSVG_H): New macro. * include/freetype/freetype.h (FT_FACE_FLAG_SVG, FT_HAS_SVG): New macros. (FT_LOAD_SVG_ONLY): New internal macro. * include/freetype/ftimage.h (FT_Glyph_Format): New enumeration value `FT_GLYPH_FORMAT_SVG`. * include/freetype/internal/ftobjs.h (FT_GLYPH_OWN_GZIP_SVG): New macro. * include/freetype/internal/fttrace.h: Add `ttsvg` for `ttsvg.c`. * include/freetype/internal/sfnt.h(load_svg, free_svg, load_svg_doc): New functions. * include/freetype/internal/tttypes.h (TT_FaceRec): Add `svg` for the SVG table. * include/freetype/otsvg.h (FT_SVG_DocumentRec): New structure to hold the SVG document and other necessary information of an OT-SVG glyph in a glyph slot. * include/freetype/tttags.h (TTAG_SVG): New macro. * src/base/ftobjs.c: Include `otsvg.h`. (ft_glyphslot_init): Allocate `FT_SVG_DocumentRec` in `slot->other` if the SVG table exists. (ft_glyphslot_clear): Free it upon clean-up if it is a GZIP compressed glyph. (ft_glyphslot_done): Free the document data if it is a GZIP compressed glyph. (FT_Load_Glyph): Don't auto-hint SVG documents. * src/cache/ftcbasic.c (ftc_basic_family_load_glyph): Add support for FT_GLYPH_FORMAT_SVG. * src/sfnt/rules.mk (SFNT_DRV_SRC): Add `ttsvg.c`. * src/sfnt/sfdriver.c: Include `ttsvg.h`. (sfnt_interface): Add `tt_face_load_svg`, `tt_face_free_svg` and `tt_face_load_svg_doc`. * src/sfnt/sfnt.c: Include `ttsvg.c`. * src/sfnt/sfobjs.c (sfnt_load_face, sfnt_done_face): Add code to load and free data of the the SVG table. * src/sfnt/ttsvg.c: New file, implementing `tt_face_load_svg`, `tt_face_free_svg` and `tt_face_load_svg_doc`. * src/sfnt/ttsvg.h: Declarations of the SVG functions in `ttsvg.c`. | |
|
3876846e | 2022-01-11 13:40:20 | [sfnt] Fix limit checks for `COLR` v1 ClipBoxes * src/sfnt/ttcolr.c (tt_face_get_color_glyph_clipbox): Fix off-by-one in limit checks. | |
|
d0cfb4e1 | 2022-01-11 10:54:10 | Update all copyright notices. | |
|
947fddc8 | 2022-01-09 07:26:26 | * src/sfnt/ttcolr.c (read_paint): Fix undefined left-shift operation. Reported as https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=43151 | |
|
4a89112b | 2022-01-08 16:56:57 | * src/sfnt/ttcolr.c (tt_face_get_color_glyph_clipbox): Add limit checks. Reported as https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=40716 | |
|
ca011128 | 2022-01-08 22:28:44 | [sfnt] Fix off-by-one error. The 0-base index is equal to the number of previosly parsed entries. It is an error to adjust it by one to get the number truncated by a stream error. This is probably inconsequential because valid entries are correctly accounted for. * src/sfnt/ttload.c (check_table_dir): Do not adjust the truncated number of tables. | |
|
7a493e3a | 2022-01-08 10:28:19 | [sfnt, type42] Correct previous commit. Really fix https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=42773. * src/sfnt/ttload.c (check_table_dir): Revert change. * src/type42/t42.parse.c (t42_parse_sfnts): Don't use `FT_QREALLOC` but `FT_REALLOC` for setting up `ttf_data` to avoid uninitialized memory access while handling malformed TrueType fonts later on. |