src/sfnt

Branch


Log

Author Commit Date CI Message
Ben Wagner 3829fdaa 2023-08-04T11:41:23 Avoid overflow in COLR bounds checks. The values read into `base_glyphs_offset_v1` and `layer_offset_v1` may be in the range 0xFFFFFFFD-0xFFFFFFFF. On systems where `unsigned long` is 32 bits adding 4 to such values will wrap and pass bounds checks but accessing values at such offsets will be out of bounds. On the other hand `table_size` has already been tested to be at least `COLRV1_HEADER_SIZE` (34) so it is safe to subtract 4 from it. * src/sfnt/ttcolr.c (tt_face_load_colr): subtract 4 from `table_size` instead of adding 4 to font data offsets in bounds checks Fixes: https://crbug.com/1469348
Ben Wagner dd3c9c5f 2023-07-18T13:25:57 [woff2] Clean up on large brotli expansion * src/sfnt/sfwoff2.c (woff2_open_font): set error and goto cleanup Fixes: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=60711
Werner Lemberg 336503df 2023-07-16T07:36:01 [woff2] Avoid allocation bomb. This is a fix for commit 85167dbd5, reported as https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=60615 * src/sfnt/sfwoff2.c (MAX_SFNT_SIZE): New macro. (woff2_open_font): Use it to limit the maximum size of an uncompressed WOFF2 font.
Ben Wagner 85167dbd 2023-07-13T16:49:34 [woff2] Remove sfnt size guess check In WOFF the `totalSfntSize` must be correct, however in WOFF2 this value is now just a hint and a conforming implementation must not reject otherwise valid data if the `totalSfntSize` turns out not to be exact. * src/sfnt/sfwoff2.c (woff2_open_font): remove check that uncompressed woff2 data would fit in the sfnt size guess. Fixes: #1235
Ben Wagner 2fb8eda5 2023-06-01T19:38:36 */*: Remove many function pointer casts. In C it is undefined behavior to call a function through a function pointer of a different type. This is now detected by the Control Flow Integrity Sanitizer. All known issues have already been fixed. Prevent any accidental re-introduction by removing function pointer casts when defining services. The services will call the service functions through the function pointers on the service. As a result the functions must have the same type so there should be no need to cast. Removing the casts allows compilers to warn about assignment to an incompatible function pointer type.
Werner Lemberg 365eb10d 2023-05-07T19:16:38 * src/sfnt/ttcmap: Signature fixes.
Werner Lemberg e245951c 2023-05-06T23:59:25 * src/sfnt/sfdriver.c, src/sfnt/ttbdf.c: Clean up interface. Ensure that all driver functions use the signature of the service or driver. This avoids pointer mismatches, which are technically undefined behaviour. Recent compilers are more picky in catching them as part of Control Flow Integrity tests. * src/sfnt/sfdriver.c (sfnt_load_table): New wrapper function. (sfnt_service_sfnt_table): Use it.
Werner Lemberg 8fe50c2a 2023-04-27T23:06:51 [truetype] Fix style name handling for variation fonts. * include/freetype/internal/tttypes.h (TT_FaceRec): New field `non_var_style_name`. * src/sfnt/sfobjs.c (sfnt_load_face): Initialize `non_var_style_name`. (sfnt_done_face): Free `non_var_style_name`. * src/truetype/ttgxvar.c (TT_Set_Named_Instance): Restore non-VF style name if switching back to non-VF mode.
Werner Lemberg fb982e78 2023-04-26T08:17:17 New Variation Font function `FT_Get_Default_Named_Instance`. * include/freetype/ftmm.h, src/base/ftmm.c (FT_Get_Default_Named_Instance): New function. * include/freetype/internal/services/svmm.h (FT_Get_Default_Named_Instance_Func): New typedef. (FT_Service_MultiMasters): New field `get_default_named_instance`. (FT_DEFINE_SERVICE_MULTIMASTERSREC): Updated. * include/freetype/internal/tttypes.h (TT_Face): New field `var_default_named_instance`. * src/sfnt/sfobjc.s (sfnt_init_face): Initialize `var_default_named_instance`. * src/cff/cffdrivr.c (cff_get_default_named_instance): New function. (cff_service_multi_masters): Updated. * src/truetype/ttgxvar.c (TT_Get_MM_Var): Initialize `var_default_named_instance`. (TT_Get_Default_Named_Instance): New function. * src/truetype/ttgxvar.h: Updated. * src/truetype/ttdriver.c (tt_service_gx_multi_masters): Updated. * src/type1/t1driver.c (t1_service_multi_masters): Updated. * docs/CHANGES: Updated.
Alexei Podtelezhnikov 36a086b6 2023-04-28T19:40:35 * src/sfnt/pngshim.c (Load_SBit_Png): Remove FALL_THROUGH warning.
Werner Lemberg 08268691 2023-04-28T15:32:16 * src/sfnt/ttload.c (tt_face_load_font_dir): Add another guard. Reject 'OTTO' fonts with no valid tables.
Werner Lemberg 0a3836c9 2023-04-25T09:54:09 Improve/add source comments and documentation.
Werner Lemberg 40676afc 2023-04-25T09:30:30 [sfnt] Fix handling of PS names for Variation Fonts. * src/sfnt/sfdriver.c (get_win_string, get_apple_string): Continue construction of string if an invalid character is encountered. Fixes #1218.
Ben Wagner e78e2d29 2023-04-06T11:16:29 [sfnt, truetype] Add `size_reset` to `MetricsVariations`. This is a generalization of commit ``` commit e6699596af5c5d6f0ae0ea06e19df87dce088df8 Author: Werner Lemberg <wl@gnu.org> Date: Thu Feb 2 11:38:04 2017 +0100 [truetype] Fix MVAR post-action handling. ``` It is also possible for plain `CFF ` style fonts to contain an `fvar` and `MVAR` table and use `cff_metrics_adjust`. `tt_size_reset` should only be called with `TT_Size` and never with `CFF_Size`. Allow the "metrics-variations" service to specify the correct function (if any) to reset `FT_Size`s after adjusting metrics. * src/truetype/ttobjs.c (tt_size_reset): Split off some functionality into... (tt_size_reset_height): ... this new function. * src/truetype/ttdriver.c (tt_service_metrics_variations): Add `size_reset`. (tt_size_select, tt_size_request): Updated. * src/truetype/ttobjs.h: Updated. * include/freetype/internal/services/svmetric.h (MetricsVariations): Add `size_reset`. (FT_DEFINE_SERVICE_METRICSVARIATIONSREC): Updated. * include/freetype/internal/tttypes.h (TT_FaceRec_): Rename `var` to `tt_var` and add `face_var`. * src/cff/cffdrivr.c (cff_service_metrics_variations): Add `size_reset`. (cff_hadvance_adjust, cff_metrics_adjust): Updated. * src/cff/cffobjs.c (cff_face_init): Use `face_var`. * src/sfnt/sfobjs.c (sfnt_init_face): Initialize `face_var`. * src/sfnt/ttmtx.c (tt_face_get_metrics): Use `tt_var`. * src/truetype/ttgxvar.c (tt_size_reset_iterator): Renamed to... (ft_size_reset_iterator): ... this new function. Call `size_reset`. (tt_apply_mvar): Pass `size_reset` to `ft_size_reset_iterator`. Fixes #1211
Alexei Podtelezhnikov 1a4c18f7 2023-04-10T15:30:43 Align `char_next` return types. This is mostly cosmetic because FT_UInt and FT_UInt32 are likely identical. * src/sfnt/ttcmap.c, src/cff/cffcmap.c, src/psaux/t1cmap.c, src/psnames/psmodule.c, include/freetype/internal/service/svpcsmap.h, src/pfr/pfrcmap.c, src/winfonts/winfnt.c (*_char_next): return FT_UInt.
Alexei Podtelezhnikov d2544433 2023-04-08T23:15:41 [sfnt] Clean up CMAP{4,12,13} handling. This moves the charcode overflow checks upstream and turns some while-loops into the do-while ones to avoid the uninitialized warnings. This should slightly reduce the number of checks and jumps. * src/sfnt/ttcmap.c (tt_cmap{4,12,13}_next, tt_cmap{4.12.13}_char_map_linear): Remove the charcode overflow check. (tt_cmap{4,12,13}_char_map_binary): Ditto and use do-while. (tt_cmap{12,13}_char_next): Add the overflow check.
Alexei Podtelezhnikov b0a4f992 2023-04-02T22:45:48 * src/sfnt/ttpost.c (load_format_25): Do not abort frame reading.
Alexei Podtelezhnikov 340767bf 2023-04-02T22:00:59 * src/sfnt/ttpost.c (load_format_*): Streamline frame reading.
Alexei Podtelezhnikov 311b78fa 2023-04-02T09:24:16 * src/sfnt/ttpost.c: Formatting and comments.
Alexei Podtelezhnikov 8f7b1455 2023-04-01T23:37:51 [sfnt] Consolidate POST version 2.0 and 2.5 (pt 2). * src/sfnt/ttpost.c (load_format_20, load_format_25): Update arguments and move shared calls and checks upstream to... (load_post_names): ... this function. (tt_face_free_ps_names, tt_face_get_ps_name): Updated.
Alexei Podtelezhnikov 9597a62b 2023-04-01T22:34:30 [sfnt] Consolidate POST version 2.0 and 2.5 (pt 1). The deprecated POST version 2.5 can be handled using the data structures of version 2.0. The goal is to reduce the footprint. * include/freetype/internal/tttypes.h (TT_Post_Names): Absorb and... (TT_Post_20, TT_Post_25): ... remove these structures. src/sfnt/ttpost.c (load_post_names, tt_face_get_ps_name, tt_face_free_ps_names, load_format_20): Updated accordingly. (load_format_25): ditto and convert offsets to glyph indices.
Alexei Podtelezhnikov 6d7b8b22 2023-03-31T23:17:46 [sfnt] Miscellaneous POST clean-ups. * src/sfnt/ttpost.c (load_format_20): Decrease casts. (load_format_25): Check the table length and impose a theoretical glyph number limit usable with 8-bit offset. Decrease casts. (load_post_names): Pass the mapping data length without 2 bytes.
Alexei Podtelezhnikov 0db69970 2023-03-30T09:06:35 * src/sfnt/ttpost.c (load_format_20): Simplify comutations.
Alexei Podtelezhnikov 4679fcb6 2023-03-29T00:21:00 [sfnt] Streamline POST format 2.0 handing (cont'd). * src/sfnt/ttpost.c (load_format_20): Co-allocate the string data and their pointers, which makes it easier to handle and free them. (tt_face_free_ps_names): Updated. * include/freetype/internal/tttypes.h (TT_Post_20): Update type.
Alexei Podtelezhnikov fc01e7dd 2023-03-05T22:05:24 Fix a couple of MSVC warnings. * src/base/ftcalc.c (FT_MulAddFix): Add cast. * src/sfnt/ttcolr.c (tt_face_get_colorline_stops, read_paint): Ditto.
Alexei Podtelezhnikov 7ae20e55 2023-03-03T22:41:09 * src/sfnt/sfobjs.c (sfnt_load_face): Shorten de-referencing.
Werner Lemberg d399657f 2023-02-26T20:18:54 * src/*: Replace leading underscores with trailing ones in dummy variables. This is to avoid clang warnings.
Werner Lemberg 663486a7 2023-02-08T20:56:19 Fix `FT_LOCAL` and `FT_LOCAL_DEF` tags.
Werner Lemberg ac5babe8 2023-02-08T19:36:10 Fix 'fall-through' warning messages. Modern compilers get more insistent on that... * include/freetype/internal/compiler-macros.h (FALL_THROUGH): Define. * src/*: Use it instead of `/* fall through */` comments.
Werner Lemberg da9eb9c7 2023-02-07T07:01:36 Fix minor clang and clang++ warnings.
Werner Lemberg e97544a7 2023-01-28T17:04:38 Minor changes. Comment fixes, typos, removing of unnecessary parentheses.
Werner Lemberg bacc48e6 2023-01-28T17:04:11 Whitespace.
Dominik Röttsches a297feab 2023-01-17T14:30:48 [sfnt] Avoid nullptr dereference in reading malformed 'COLR' v1 table. Fixes https://bugs.chromium.org/p/chromium/issues/detail?id=1408044. * src/sfnt/ttcolr.c (tt_face_load_colr): When the 'COLR' v1 table header is too small, don't deallocate delta set index map structures.
Werner Lemberg 65f85237 2023-01-17T09:18:25 Update all copyright notices.
Werner Lemberg 6a179ff7 2023-01-16T16:38:56 sr/*.c: Various minor fixes. * src/autofit/ft-hb.c (_hb_ft_reference_table): Call `FT_UNUSED` after variable declarations. * src/gxvalid/gxvjust.c (gxv_just_widthDeltaClusters_validate): Eliminate unused variable. * src/gzip/ftgzip.c: Don't call GCC '-Wstrict-prototypes' pragma for C++ compiler. * src/sfnt/ttcolr.c (ENSURE_READ_BYTES): Remove final semicolon to avoid compiler warning. * src/sfnt/ttsvg.c (tt_face_load_svg_doc): Fix signedness warning.
Dominik Röttsches 2692b321 2023-01-03T17:19:02 [sfnt] Remove temporary runtime flag for variable 'COLR' v1. Fixes #1187. * src/sfnt/ttcolr.c (top level, read_paint, tt_face_load_colr, tt_face_free_colr, get_deltas_for_var_index_base, tt_face_get_color_glyph_clipbox, tt_face_get_colorline_stops): Remove macro definition `VARIABLE_COLRV1_ENABLED` and its usage. * src/truetype/ttdriver.c (tt_property_set): Remove parsing of 'TEMPORARY-enable-variable-colrv1' property name. * src/truetype/ttobjs.h (TT_DriverRec): Remove `enable_variable_colrv1` flag.
Dominik Röttsches 63f37136 2023-01-04T15:52:41 [sfnt] Fix color stop bounds check calculation at table end. Fixes https://bugs.chromium.org/p/skia/issues/detail?id=14021 * src/sfnt/ttcolr.c (VAR_IDX_BASE_SIZE): New macro. (tt_face_get_colorline_stops): Fix off-by-one bounds check calculation, take `VarColorStop` into account, and hopefully make it easier to read.
Werner Lemberg 26e9028f 2022-12-13T09:53:26 [sdf, sfnt] Handle minor compiler warnings. * src/sdf/ftsdf.c (get_min_distance_conic): Initialize `nearest_point`. * src/sfnt/ttsvg.c (find_doc): Initialize `mid_doc`. Fixes #1195.
Dominik Röttsches 0b62c1e4 2022-10-18T14:45:43 [sfnt] Additional bounds checks for `COLR` v1 table handling. * src/sfnt/ttcolr.c (read_paint): Add `colr` argument, necessary for... ... another use of `ENSURE_READ_BYTES`. Update callers. (tt_face_get_paint_layers): Ensure that the 4-byte paint table offset can be read. This is a follow-up to !124 and issue https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=52404
Alexei Podtelezhnikov b8882a3e 2022-10-18T15:58:02 * src/sfnt/ttsbit.c (tt_face_load_strike_metrics): Simplify calculations.
Dominik Röttsches 04272824 2022-10-17T18:18:49 [sfnt] Guard individual `COLR` v1 paint field reads. * src/sfnt/ttcolr.c (ENSURE_READ_BYTES): New macro. (read_paint): Use it – after the start pointer `p` has been checked for whether it allows reading the format byte, each successive paint table field read need to be bounds-checked before reading further values. Reported as https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=52404
Werner Lemberg 141d979a 2022-10-10T12:25:51 Minor comment changes.
Alexei Podtelezhnikov ff66e912 2022-09-29T17:46:23 * src/sfnt/ttsbit.c (tt_face_load_strike_metrics): Use lighter FT_DivFix.
Dominik Röttsches df260139 2022-09-27T17:50:55 [sfnt] Guard access in 'COLR' table when requesting child table pointer. * src/sfnt/ttcolr.c (tt_face_get_colorline_stops, read_paint): Tighten pointer bounds checks. (get_child_table_pointer): Check whether incoming pointer `p` lies within the 'COLR' table. Reported as https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=51816
Ben Wagner bd417007 2022-09-26T14:46:42 [sfnt] Add SVG document bounds checking. Add a check that the document content is actually contained within the `SVG ` table. Without this check a malformed font may claim arbitrary memory as its document content. * src/sfnt/ttsvg.c (tt_face_load_svg): Take `numEntries` into account when testing 'documentRecord' extents. (find_doc): Rename `stream` to `document_records` for clarity. (tt_face_load_svg_doc): Split `doc` from `doc_list` pointer for clarity. Test that the document content is contained within the table. Ensure minimum length of document before testing for gzip format. Reported as https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=51812
Dominik Röttsches 33ceac2a 2022-09-15T09:47:07 Reject 'COLR' table if version is 1 but header too small. * src/sfnt/ttcolr.c (tt_face_load_colr): If the version is determined to be 1, then the table size has to be at least the size of the v1 header. Also, for peeking the number of base glyphs and entries in the layer list, ensure that the table is sufficiently long. Fixes #1179. Original patch by Sergey Temnikov.
Dominik Röttsches 91a7fae7 2022-09-05T15:49:27 [sfnt] Handle variable `COLR` v1 fonts without delta set index map Fixes #1178. * src/sfnt/ttcolr.c (get_deltas_for_var_index_base): Set outer index to 0 and inner index to the delta index when retrieving deltas if the `COLR` table has no delta set index map.
Dominik Röttsches 6d62076a 2022-08-30T15:00:37 [sfnt] Pointer sanity checks before reading layer info in 'COLR' v0 * src/sfnt/ttcolr.c (tt_face_get_colr_layer): Check that the pointer to read from is within the 'COLR' table. Reported as https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=50633
Dominik Röttsches a1017e26 2022-08-19T19:07:42 [sfnt] Don't require 'gvar' table to support variation fonts. Fixes #1172. * src/sfnt/sfobjs.c (sfnt_load_face): Tag font as Multiple Masters font if `fvar` is present; do not require other tables to be present. * src/truetype/ttgxvar.c (tt_set_mm_blend): Allow for a missing 'gvar' table when setting variation coordinates. However, if a 'gvar' table is actually present, do perform a sanity check and fail on malformedness. (TT_Get_MM_Var): Don't assume 'fvar' needs 'gvar' or 'CFF2 tables in all cases, which is an overly tight check.
Dominik Röttsches 4797b2ff 2022-08-26T12:08:34 [sfnt] Avoid undefined shifts in `COLR` v1 color line retrieval * src/sfnt/ttcolr.c (tt_face_get_colorline_stops): Disambiguate shift behavior by using multiplication using macros from ftcalc.h. Fixes: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=50573
Alexei Podtelezhnikov dcb5fc5b 2022-08-02T17:10:25 * src/sfnt/ttload.c: Trace formatting updates.
Dominik Röttsches 919561ca 2022-07-30T12:09:21 [sfnt] Implement VarClipBox. * src/sfnt/ttcolr.c (tt_face_get_color_glyph_clipbox): Depending on the format, read `var_index_base`, then retrieve and apply scaled deltas.
Dominik Röttsches 649352ab 2022-07-30T12:09:09 [sfnt] Fix typo in clip box computation. * src/sfnt/ttcolr.c (tt_face_get_color_glyph_clipbox): Use appropriate scale factor for `yMin` and `yMax`.
Werner Lemberg a3749a64 2022-07-29T21:49:51 Fix compilation if `TT_CONFIG_OPTION_GX_VAR_SUPPORT` is not set. * src/sfnt/ttcolr.c: Protect relevant code with `TT_CONFIG_OPTION_GX_VAR_SUPPORT`.
Werner Lemberg 38dc768a 2022-07-29T21:17:06 Fix clang14 compiler warnings. * include/freetype/internal/ftstream.h (FT_GET_SHORT_LE, FT_GET_USHORT_LE): Fix type. * src/sfnt/ttcolr.c (get_deltas_for_var_index_base): Always return boolean value. (tt_face_get_colorline_stops): Fix type of `var_index_base`.
Dominik Röttsches 275b116b 2022-07-05T15:16:31 [sfnt] Support variable 'COLR' v1 `PaintVarSkew*`. * src/sfnt/ttcolr.c (FT_PaintFormat_Internal): New enumeration values `FT_COLR_PAINTFORMAT_INTERNAL_VAR_SKEW`, `FT_COLR_PAINTFORMAT_INTERNAL_SKEW_CENTER`, and `FT_COLR_PAINTFORMAT_INTERNAL_VAR_SKEW_CENTER`. (read_paint): Handle new enumeration values.
Dominik Röttsches 44fd524e 2022-07-05T15:09:28 [sfnt] Support variable 'COLR' v1 `PaintVarRotate*`. * src/sfnt/ttcolr.c (FT_PaintFormat_Internal): New enumeration values `FT_COLR_PAINTFORMAT_INTERNAL_VAR_ROTATE` and `FT_COLR_PAINTFORMAT_INTERNAL_VAR_ROTATE_CENTER`. (read_paint): Handle new enumeration values.
Dominik Röttsches 603fef28 2022-07-05T14:56:22 [sfnt] Support 'COLR' v1 variable `PaintVarScale*`. * src/sfnt/ttcolr.c: (FT_PaintFormatInternal): New enumeration values `FT_COLR_PAINTFORMAT_INTERNAL_VAR_SCALE`, `FT_COLR_PAINTFORMAT_INTERNAL_VAR_SCALE_CENTER`, `FT_COLR_PAINTFORMAT_INTERNAL_VAR_SCALE_UNIFORM`, and `FT_COLR_PAINTFORMAT_INTERNAL_VAR_SCALE_UNIFORM_CENTER`. (read_paint): Handle new enumeration values.
Dominik Röttsches d134b9e3 2022-07-05T14:51:48 [sfnt] Support for 'COLR' v1 variable translate. * src/sfnt/ttcolr.c (FT_PaintFormat_Internal): New enumeration value `FT_COLR_PAINTFORMAT_INTERNAL_VAR_TRANSLATE`. (read_paint): Handle new enumeration value.
Dominik Röttsches 8ec531c2 2022-07-05T14:47:57 [sfnt] Support for 'COLR' v1 variable transforms. * src/sfnt/ttcolr.c (FT_PaintFormat_Internal): New enumeration value `FT_COLR_PAINTFORMAT_INTERNAL_VAR_TRANSFORM`. (read_paint): Handle new enumeration value.
Dominik Röttsches 9c4ad2a9 2022-07-05T14:43:10 [sfnt] Deltas for 'COLR' v1 gradient coordinates. * src/sfnt/ttcolr.c (read_paint) [TT_CONFIG_OPTION_GX_VAR_SUPPORT]: Read and apply deltas to radial, linear, and sweep gradient coordinates such as 'p0', 'p1', 'p2', 'center', 'radii', and 'angles'.
Dominik Röttsches 3414fef7 2022-07-04T16:29:31 [sfnt] Support variable 'COLR' v1 color lines. * include/freetype/ftcolor.h (FT_ColorStopIterator): Add field `read_variable` to indicate whether a variation index base should be read. * src/sfnt/ttcolr.c: (FT_PaintFormat_Internal): New enumerations `FT_COLR_PAINTFORMAT_INTERNAL_VAR_LINEAR_GRADIENT` `FT_COLR_PAINTFORMAT_INTERNAL_VAR_RADIAL_GRADIENT`, and `FT_COLR_PAINTFORMAT_INTERNAL_VAR_SWEEP_GRADIENT`. (read_color_line): New parameter `read_variable`; update callers. (read_paint): Handle new enumerations.
Dominik Röttsches 7c151abb 2022-07-04T12:44:06 [sfnt] Apply variation deltas to `PaintVarSolid`. * src/sfnt/ttcolr.c (FT_PaintFormat_Internal_): New enumeration `FT_COLR_PAINTFORMAT_INTERNAL_VAR_SOLID`. (get_deltas_for_var_index_base) [TT_CONFIG_OPTION_GX_VAR_SUPPORT]: New function to retrieve an array of delta values, which will be used for most of 'COLR' v1 variation formats (in follow-up commits). (read_paint): Add `face` parameter; update caller. Handle `FT_COLR_PAINTFORMAT_INTERNAL_VAR_SOLID`.
Dominik Röttsches 8a9192f6 2022-07-07T13:02:10 [sfnt] Check safety of cast to `TT_Driver` before accessing member. * src/sfnt/ttcolr.c (VARIABLE_COLRV1_ENABLED): Access `enable_variable_colrv1` only if driver class matches.
Dominik Röttsches 31b14fd4 2022-06-29T16:01:13 [sfnt] Load variation store for 'COLR' v1. * src/sfnt/ttcolr.c: Include `ttobjs.h` temporarily. (VARIABLE_COLRV1_ENABLED): New temporary macro to detect whether variable COLRv1 is enabled. (Colr): New fields `var_store` and `delta_set_idx_map`. (tt_face_load_colr, tt_face_free_colr) [VARIABLE_COLRV1_ENABLED]: Load and free variation store data using the functions from the Multiple Masters service.
Dominik Röttsches 117df36b 2022-06-22T09:33:20 [sfnt] Upgrade stop_offset to FT_Fixed from FT_F2Dot14
Werner Lemberg 2848378b 2022-06-21T17:08:04 s/fixed point/fixed-point/
Ben Wagner 58395dd2 2022-06-13T15:28:00 [woff] Don't allocate table entries until needed * src/sfnt/sfwoff.c (woff_open_font): delay allocating space for the table entries until they are actually written out with the data.
Alexei Podtelezhnikov 8b6bcc92 2022-06-12T09:04:13 * src/sfnt/sfwoff2.c (woff2_open_font): Partial revert. Fixes https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=47981.
Alexei Podtelezhnikov 73631b95 2022-06-11T16:10:40 [woff, woff2] Avoid buffer zeroing. * src/sfnt/sfwoff.c (woff_open_font): Use Q-macros. * src/sfnt/sfwoff2.c: Ditto. (reconstruct_font): Allocate table_entry on stack.
Behdad Esfahbod (بهداد اسفهبد) b98dd169 2022-05-25T14:49:37 * src/sfnt/ttmtx.c (tt_face_get_metrics): Apply variations unconditionally. This causes a speed-up of approx. 20% for getting advance widths.
Werner Lemberg 62bc04f4 2022-04-30T15:37:14 * src/sfnt/sfobjs.c (sfnt_load_face): Set `FT_FACE_FLAG_COLOR` for SVG fonts. Fixes #1151.
Werner Lemberg fc082956 2022-04-01T14:44:42 * src/sfnt/sfwoff.c (reconstruct_glyf): Fix gcc 10 warning.
Werner Lemberg 695d606a 2022-04-01T08:50:33 Whitespace.
Werner Lemberg 87989a14 2022-03-31T07:43:41 Fix clang++ warnings. * src/base/ftglyph.c (ft_svg_glyph_prepare), src/base/ftobj.c (ft_glyphslot_init), src/cache/ftccmap.c (ftc_cmap_node_new), src/cache/ftcimage.c (FTC_INode_New), src/lzw/ftlzw.c (FT_Stream_OpenLZW), src/psaux/psobjs.c (ps_parser_load_field), src/pshinter/pshglob.c (psh_globals_new), src/sfnt/ttsvg.c (tt_face_load_svg_doc): Initialize variables used for allocation. * src/sdf/ftsdf.c (split_sdf_conic, split_sdf_cubic): Change type of `max_splits` to FT_UInt. (sdf_generate_bounding_box): Add cast.
Werner Lemberg a8e4563c 2022-03-19T23:54:31 Add `FT_FACE_FLAG_SBIX_OVERLAY` and `FT_HAS_SBIX_OVERLAY`. * include/freetype/freetype.h (FT_FACE_FLAG_SBIX_OVERLAY, FT_HAS_SBIX_OVERLAY): New macro. * src/sfnt/ttsbit.c (tt_face_load_sbit): Handle `FT_FACE_FLAG_SBIX_OVERLAY`. Remove obsolete tracing message.
Werner Lemberg 1949a7ec 2022-03-19T18:51:34 Add `FT_PARAM_TAG_IGNORE_SBIX`. This is another bit to handle 'sbix' tables as described in the OpenType specification. * include/freetype/ftparams.h (FT_PARAM_TAG_IGNORE_SBIX): New macro. * src/sfnt/sfobjc.c (is_apple_sbix): Rename to... (has_sbix): ... this. Check for more sbit tables. Handle `FT_PARAM_TAG_IGNORE_SBIX` to eventually control `has_sbix`. Only call sbit table loader if an sbit table is present.
Werner Lemberg ac4c1ebf 2022-02-07T06:55:54 [truetype] Fix 'sbix' table handling. * src/sfnt/ttsbit.c (tt_face_load_sbix_image): Correct calculation of 'metrics->horiBearingY'. Set vertical metrics. * src/sfnt/sfobjs.c (sfnt_load_face): Adjust setting of `FT_FACE_FLAG_SBIX`. Handle metrics of fonts with 'sbix' table. * src/truetype/ttgload.c (TT_Load_Glyph): For 'sbix' embedded bitmaps, apply bbox offset and bearing values of the corresponding glyph in the 'glyf' table if it exists and has a contour. * src/truetype/ttobjs.c (tt_face_init): Handle font with 'sbix' table. Fixes issue #998.
Werner Lemberg 907715a6 2022-02-09T07:31:56 Add `FT_FACE_FLAG_SBIX` and `FT_HAS_SBIX`. Fonts with 'sbix' tables need special handling by the application. * include/freetype/freetype.h (FT_FACE_FLAG_SBIX, FT_HAS_SBIX): New macros. * src/sfnt/sfobjs.c (sfnt_load_face): Set `FT_FACE_FLAG_SBIX` if 'sbix' table is present.
Werner Lemberg fc15ebe0 2022-03-21T11:15:41 * src/sfnt/ttkern.c (tt_face_get_kerning): Exit early if no table. Fixes #1141.
Ben Wagner a960be9e 2022-03-18T17:41:01 [woff2] Support overlap flag for simple glyphs. In the woff2 spec it has been proposed to allow the OVERLAP_SIMPLE flag to be retained through the woff2 format [0]. [0] https://www.w3.org/TR/WOFF2/#glyf_table_format * src/sfnt/sfwoff2.h (GLYF_OVERLAP_SIMPLE): add glyf flag. * src/sfnt/sfwoff2.c (reconstruct_glyf): parse optionFlags and overlapSimpleBitmap[]. (store_points): set OVERLAP_SIMPLE on first point's flag if the overlap bit is set.
Werner Lemberg 53dfdcd8 2022-03-17T19:24:16 [sfnt] Avoid invalid face index. Fixes #1138. * src/sfnt/sfobjs.c (sfnt_init_face), src/sfnt/sfwoff2.c (woff2_open_font): Check `face_index` before decrementing.
Werner Lemberg 1e2eb650 2022-03-07T10:13:29 Documentation, whitespace.
Ben Wagner 335224be 2022-03-03T16:33:40 [sfnt] Fix bounds check in SVG. The `SVG_DOCUMENT_LIST_MINIMUM_SIZE` macro is non trivial and not protected by parentheses. As a result, the expression `table_size - SVG_DOCUMENT_LIST_MINIMUM_SIZE` expands to `table_size - 2U + SVG_DOCUMENT_RECORD_SIZE` instead of the expected `table_size - (2U + SVG_DOCUMENT_RECORD_SIZE)`. This causes an incorrect bounds check which may lead to reading past the end of the `SVG ` table. * src/sfnt/ttsvg.c (tt_face_load_svg): wrap macro definitions in parentheses. Bug: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=45179
Werner Lemberg 5b26e92a 2022-02-19T05:26:53 src/sfnt/ttkern.c (tt_face_load_kern): Micro-optimize. A kerning table can be handled by binary search if it has equal entries. Fixes #1132.
Alexei Podtelezhnikov bee88864 2022-01-30T21:55:21 Clean-up - do not doubt FT_FREE. * src/base/ftobjs.c (memory_stream_close): Do not reassign zero after `FT_FREE`. * src/sfnt/sfwoff.c (sfnt_stream_close): Ditto. * src/sfnt/sfwoff2.c (stream_close): Ditto. * src/psaux/psobjs.c (ps_parser_load_field): Ditto. * src/truetype/ttgxvar.c (ft_var_load_avar, tt_set_mm_blend, tt_set_mm_blend): Ditto.
Alexei Podtelezhnikov b34741c1 2022-01-27T22:55:34 Minor clean-ups. * src/base/ftrfork.c (raccess_make_file_name): Do not set error. * src/sfnt/sfdriver.c (get_win_string, get_apple_string): Ditto. * src/cff/cffobjs.c (cff_strcpy): Do not confuse about error. * src/psaux/psobjs.c (ps_table_done): Ditto. * src/truetype/ttgxvar.c (ft_var_readpacked*, ft_var_load_avar): Ditto.
Werner Lemberg 112527dd 2022-01-22T11:45:30 [sfnt] Reject malformed SVG tables. * src/sfnt/ttsvg.c (SVG_TABLE_HEADER_SIZE, SVG_DOCUMENT_RECORD_SIZE, SVG_DOCUMENT_LIST_MINIMUM_SIZE, SVG_MINIMUM_SIZE): New macros. (tt_face_load_svg): Check offsets. Check table and record sizes. Reported as https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=43918
Moazin Khatti 0bf49bd2 2021-12-25T20:14:11 Add 'svg' module for OT-SVG rendering. * CMakeLists.txt (BASE_SRCS): Add svg module file. * meson.build (ft2_public_headers): Add `otsvg.h`. * modules.cfg (RASTER_MODULES): Add `svg` module. * builds/meson/parse_modules_cfg.py: Add svg module. * include/freetype/config/ftmodule.h: Add `ft_svg_renderer_class`. * include/freetype/fterrdef.h: Add `Invalid_SVG_Document` and `Missing_SVG_Hooks` error codes. * include/freetype/internal/fttrace.h: Add tracing for `otsvg`. * include/freetype/internal/svginterface.h: New file. It adds an interface to enable the presetting hook from the `base` module. * include/freetype/otsvg.h (SVG_Lib_Init_Func, SVG_Lib_Free_Func, SVG_Lib_Render_Func, SVG_Lib_Preset_Slot_Func): New hooks for SVG rendering. (SVG_RendererHooks): New structure to access them. * src/base/ftobjs.c: Include `svginterface.h`. (ft_glyphslot_preset_bitmap): Add code for presetting the slot for SVG glyphs. (ft_add_renderer): Updated. * src/svg/*: New files.
Moazin Khatti f93a897a 2021-12-25T19:20:44 Add code to load OT-SVG glyph documents. * include/freetype/config/ftheader.h (FT_OTSVG_H): New macro. * include/freetype/freetype.h (FT_FACE_FLAG_SVG, FT_HAS_SVG): New macros. (FT_LOAD_SVG_ONLY): New internal macro. * include/freetype/ftimage.h (FT_Glyph_Format): New enumeration value `FT_GLYPH_FORMAT_SVG`. * include/freetype/internal/ftobjs.h (FT_GLYPH_OWN_GZIP_SVG): New macro. * include/freetype/internal/fttrace.h: Add `ttsvg` for `ttsvg.c`. * include/freetype/internal/sfnt.h(load_svg, free_svg, load_svg_doc): New functions. * include/freetype/internal/tttypes.h (TT_FaceRec): Add `svg` for the SVG table. * include/freetype/otsvg.h (FT_SVG_DocumentRec): New structure to hold the SVG document and other necessary information of an OT-SVG glyph in a glyph slot. * include/freetype/tttags.h (TTAG_SVG): New macro. * src/base/ftobjs.c: Include `otsvg.h`. (ft_glyphslot_init): Allocate `FT_SVG_DocumentRec` in `slot->other` if the SVG table exists. (ft_glyphslot_clear): Free it upon clean-up if it is a GZIP compressed glyph. (ft_glyphslot_done): Free the document data if it is a GZIP compressed glyph. (FT_Load_Glyph): Don't auto-hint SVG documents. * src/cache/ftcbasic.c (ftc_basic_family_load_glyph): Add support for FT_GLYPH_FORMAT_SVG. * src/sfnt/rules.mk (SFNT_DRV_SRC): Add `ttsvg.c`. * src/sfnt/sfdriver.c: Include `ttsvg.h`. (sfnt_interface): Add `tt_face_load_svg`, `tt_face_free_svg` and `tt_face_load_svg_doc`. * src/sfnt/sfnt.c: Include `ttsvg.c`. * src/sfnt/sfobjs.c (sfnt_load_face, sfnt_done_face): Add code to load and free data of the the SVG table. * src/sfnt/ttsvg.c: New file, implementing `tt_face_load_svg`, `tt_face_free_svg` and `tt_face_load_svg_doc`. * src/sfnt/ttsvg.h: Declarations of the SVG functions in `ttsvg.c`.
Dominik Röttsches 3876846e 2022-01-11T13:40:20 [sfnt] Fix limit checks for `COLR` v1 ClipBoxes * src/sfnt/ttcolr.c (tt_face_get_color_glyph_clipbox): Fix off-by-one in limit checks.
Werner Lemberg d0cfb4e1 2022-01-11T10:54:10 Update all copyright notices.
Werner Lemberg 947fddc8 2022-01-09T07:26:26 * src/sfnt/ttcolr.c (read_paint): Fix undefined left-shift operation. Reported as https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=43151
Werner Lemberg 4a89112b 2022-01-08T16:56:57 * src/sfnt/ttcolr.c (tt_face_get_color_glyph_clipbox): Add limit checks. Reported as https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=40716
Alexei Podtelezhnikov ca011128 2022-01-08T22:28:44 [sfnt] Fix off-by-one error. The 0-base index is equal to the number of previosly parsed entries. It is an error to adjust it by one to get the number truncated by a stream error. This is probably inconsequential because valid entries are correctly accounted for. * src/sfnt/ttload.c (check_table_dir): Do not adjust the truncated number of tables.
Werner Lemberg 7a493e3a 2022-01-08T10:28:19 [sfnt, type42] Correct previous commit. Really fix https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=42773. * src/sfnt/ttload.c (check_table_dir): Revert change. * src/type42/t42.parse.c (t42_parse_sfnts): Don't use `FT_QREALLOC` but `FT_REALLOC` for setting up `ttf_data` to avoid uninitialized memory access while handling malformed TrueType fonts later on.
Werner Lemberg bf9b1ef9 2022-01-07T10:25:52 * src/sfnt/ttload.c (check_table_dir): Initialize `table`. Reported as https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=42773
Werner Lemberg b5c2172f 2022-01-07T06:53:44 [sfnt] Avoid 'runtime error: applying zero offset to null pointer'. * src/sfnt/ttsbit.c (tt_sbit_decoder_load_byte_aligned): Exit early if `line` is NULL.
Dominik Röttsches 9597fd7b 2021-11-11T17:33:37 [sfnt] Avoid undefined shifts in `COLR` v1 paint parsing * src/sfnt/ttcolr.c (read_paint, tt_face_get_paint): Tighten shift behavior by using multiplication, mostly using macros from ftcalc.h. Fixes: https://bugs.chromium.org/p/chromium/issues/detail?id=1269168
Werner Lemberg d899b200 2021-11-08T12:27:04 * src/sfnt/sfobjs.c (sfnt_open_font): Fix typo.