Commit Graph

3892 Commits

Author SHA1 Message Date
suzuki toshiya
73aa20ca1d [cff] Truncate the element length at the end of the stream.
See Savannah bug #30975.

* src/cff/cffload.c (cff_index_access_element): `off2', the
offset to the next element is truncated at the end of the
stream to prevent invalid I/O.  As `off1', the offset to the
requested element has been checked by FT_STREAM_SEEK(),
`off2' should be checked similarly.
2010-09-20 01:31:42 +09:00
suzuki toshiya
d2d843a01c [cff] Ignore CID > 0xFFFFU.
See Savannah bug #30975.

* src/cff/cffload.c (cff_charset_compute_cids): Ignore CID if
greater than 0xFFFFU.  CFF font spec does not mention about
maximum CID in the font, but PostScript and PDF spec define
that maximum CID is 0xFFFFU.
2010-09-20 01:28:17 +09:00
suzuki toshiya
a0f43f207b [cff] Make trace message in cff_charset_load() verbose.
See Savannah bug #30975.

* src/cff/cffload.c (cff_charset_load): Report the original
`nleft' and truncated `nleft'.
2010-09-20 01:26:56 +09:00
suzuki toshiya
b3e1954d16 [cff] Correct `max_cid' from CID array length to max CID.
See Savannah bug #30975.

* src/cff/cffload.c (cff_charset_compute_cids): Don't increment
max_cid after detecting max CID.  The array CFF_Charset->cids
is allocated by max_cid + 1.
(cff_charset_cid_to_gindex): Permit CID is less than or equal
to CFF_Charset->max_cid.
* src/cff/cffobjs.c (cff_face_init): FT_Face->num_glyphs is
calculated as CFF_Charset->max_cid + 1.
2010-09-20 01:24:44 +09:00
suzuki toshiya
643d49df09 [truetype] Sanitize the broken offsets in `loca'.
* src/truetype/ttpload.c (tt_face_get_location): If `pos1', the
offset to the requested entry in `glyf' exceeds the end of the
table, return offset=0, length=0.  If `pos2', the offset to the
next entry in `glyf' exceeds the end of the table, truncate
the entry length at the end of `glyf' table.
See Savannah bug #31040.
2010-09-20 01:16:39 +09:00
suzuki toshiya
900e7e0cde [sfnt] Prevent overrunning in `post' table parser.
* src/sfnt/ttpost.c (load_post_names): Get the length of
`post' table and pass the limit of `post' table to
load_format_20() and load_format_25().
(load_format_20): Stop the parsing when we reached at the
limit of `post' table.  If more glyph names are required,
they are filled by NULL names.  See Savannah bug #31040.
2010-09-20 01:05:26 +09:00
suzuki toshiya
db053ec9a5 [truetype] Don't duplicate size->twilight structure to be freed.
* src/truetype/ttinterp.c (free_buffer_in_size): Don't duplicate
FT_GlyphZoneRec size->twilight to be freed.  If duplicated,
FT_FREE() erases the duplicated pointers only and leave original
pointers.  They can cause the double-free crash when the burst
errors occur in TrueType interpreter and free_buffer_in_size()
is invoked repeatedly.  See Savannah bug #31040 for detail.
2010-09-17 23:20:00 +09:00
Werner Lemberg
afd89d309d Make bytecode debugging with FontForge work again.
* src/truetype/ttinterp.c (TT_RunIns): Don't call
`free_buffer_in_size' in case of error if a debugger is active.
2010-09-15 13:02:35 +02:00
Werner Lemberg
6abb9232b6 Improve tracing messages.
* src/truetype/ttinterp.c (TT_RunIns): Improve wording of tracing
message.
* src/truetype/ttobjs.c (tt_size_run_fpgm, tt_size_run_prep): Add
tracing message.
* src/truetype/ttgload.c (tt_loader_init): Add tracing message.
* src/cache/ftcsbits.c (ftc_snode_load): Emit tracing message if
glyph doesn't fit into a small bitmap container.
2010-09-14 09:02:10 +02:00
Werner Lemberg
5220ef58c5 Fix minor issues reported by <muktha.narayan@wipro.com>.
* src/autofit/aflatin.c (af_latin_compute_stem_width): Remove
redundant conditional check.
* src/base/ftsynth.c (FT_GlyphSlot_Embolden): Ditto.
* src/cff/cffload.c (cff_encoding_load): Remove conditional check
which always evaluates to `true'.
* src/pshinter/pshalgo.c (ps_glyph_interpolate_strong_points):
Ditto.
* src/truetype/ttinterp.c (Ins_IUP): Ditto.
* src/cid/cidgload.c (cid_slot_load_glyph): Don't check for NULL if
value is already dereferenced.
* src/winfonts/winfnt.c (FNT_Load_Glyph): Fix check of `face'.
2010-09-13 07:32:22 +02:00
suzuki toshiya
fd0cdb7b9e Ignore the environmental setting of LIBTOOL.
Patch is suggested by Adrian Bunk, to prevent unexpected
reflection of environmental LIBTOOL.  See:
http://savannah.nongnu.org/patch/?7290

* builds/unix/unix-cc.in: LIBTOOL is unconditionally set to
$(FT_LIBTOOL_DIR)/libtool.  FT_LIBTOOL_DIR is set to $(BUILD_DIR)
by default.
* configure: When configured for the building out of source tee,
FT_LIBTOOL_DIR is set to $(OBJ_DIR).
2010-08-31 18:32:03 +09:00
suzuki toshiya
0eb657b0aa [truetype] Decrease the trace level catching the interpreter error.
* src/truetype/ttinterp.c (TT_RunIns): Decrease the trace level
showing the error when the interpreter returns with an error,
from FT_TRACE7() to FT_TRACE1().
2010-08-31 13:29:05 +09:00
suzuki toshiya
29e044a4af [truetype] Prevent bytecode reuse after the interpretation error.
* src/truetype/ttinterp.c (free_buffer_in_size): New function to
free the buffer allocated during the interpretation of this glyph.
(TT_RunIns): Unset FT_Face->size->{cvt_ready,bytecode_ready} if
an error occurs in the bytecode interpretation.  The interpretation
of invalid bytecode may break the function definitions and referring
them in later interpretation is danger.  By unsetting these flags,
`fpgm' and `prep' tables are executed again in next interpretation.

Fix Savannah bug #30798, reported by Robert Swiecki.
2010-08-31 01:23:30 +09:00
Werner Lemberg
12cf031644 [ftraster] Pacify compiler.
* src/raster/ftraster.c (ft_black_new) [_STANDALONE_]: `memory' is
not used.
2010-08-29 17:24:30 +02:00
Werner Lemberg
0e95b3d15c [cff] Allow SIDs >= 65000.
* src/cff/cffload.c (cff_charset_load): Fix change from 2009-03-20:
The threshold for SIDs is not applicable here.  I misinterpreted the
`SID values 65000 and above are available for implementation use'
sentence in the CFF specification.

Problem reported by Ivan Ninčić <inincic@pdftron.com>.
2010-08-29 17:24:30 +02:00
suzuki toshiya
1ab1e9ae30 Fix ChangeLogs. 2010-08-29 06:04:51 +09:00
suzuki toshiya
0eb9b1f571 Force hinting when the font lacks its familyname.
In Type42 or Type11 font embedded in PostScript & PDF, TrueType
sfnt stream may lack `name' table because they are not required.
Hinting for nameless fonts is safer for PDFs including embedded
Chinese fonts. Written by David Bevan, see:

http://lists.gnu.org/archive/html/freetype-devel/2010-08/msg00021.html
http://lists.freedesktop.org/archives/poppler/2010-August/006310.html

* src/truetype/ttobjs.c (tt_check_trickyness): If a NULL pointer
by nameless font is given, TRUE is returned to enable hinting.
2010-08-28 21:42:28 +09:00
suzuki toshiya
8b05b5d801 Register yet another tricky TrueType font.
* src/truetype/ttobjs.c (tt_check_trickyness): Add `HuaTianKaiTi?',
a Kaishu typeface paired with `HuaTianSongTi?' by Huatian
Information Industry.
2010-08-28 21:16:26 +09:00
Werner Lemberg
f434e29906 In the documentation, explain what `padding' means. 2010-08-21 09:01:51 +02:00
Teijo Kinnunen
ebaeb6425e Fix Savannah bug #30788.
* src/cache/ftccache.c (FTC_Cache_Clear): Check `cache->buckets' for
NULL too.
2010-08-17 07:40:55 +02:00
Werner Lemberg
a205b3ca85 Try to fix Savannah bug #30717 (and probably #30719 too).
* src/smooth/ftsmooth.c (ft_smooth_render_generic): Add another
overflow test for `width' and `height'.
2010-08-10 02:59:12 +02:00
Werner Lemberg
e563216ddd Typo. 2010-08-07 09:15:34 +02:00
Werner Lemberg
6a8691eb6a * Version 2.4.2 released.
=========================

Tag sources with `VER-2-4-2'.

* docs/CHANGES: Updated.

* docs/VERSION.DLL: Update documentation and bump version number to
2.4.2

* README, Jamfile (RefDoc),
builds/win32/vc2005/freetype.vcproj, builds/win32/vc2005/index.html,
builds/win32/vc2008/freetype.vcproj, builds/win32/vc2008/index.html,
builds/win32/visualc/freetype.dsp,
builds/win32/visualc/freetype.vcproj,
builds/win32/visualc/index.html, builds/win32/visualce/freetype.dsp,
builds/win32/visualce/freetype.vcproj,
builds/win32/visualce/index.html,
builds/wince/vc2005-ce/freetype.vcproj,
builds/wince/vc2005-ce/index.html,
builds/wince/vc2008-ce/freetype.vcproj,
builds/wince/vc2008-ce/index.html: s/2.4.1/2.4.2/, s/241/242/.

* include/freetype/freetype.h (FREETYPE_PATCH): Set to 2.

* builds/unix/configure.raw (version_info): Set to 12:0:6.
2010-08-06 22:00:38 +02:00
Werner Lemberg
7e370676f9 Synchronize devel/ftoption.h. 2010-08-06 21:59:22 +02:00
Werner Lemberg
ba95440cd1 Minor doc fixes, formatting. 2010-08-06 20:07:36 +02:00
suzuki toshiya
445241589d Fix Savannah bug #30648.
* src/base/ftobjs.c (FT_Done_Library): Specify the order of font
drivers in face closing process. Type42 faces should be closed
before TrueType faces, because a Type42 face refers another
internal TrueType face which is created from sfnt[] array on the
memory.
2010-08-07 01:46:56 +09:00
Yuriy Kaminskiy
c9de9cbd56 [raster] Fix valgrind warning.
* src/raster/ftraster.c (Decompose_Curve) <default>: Access point[0]
only if we don't hit `limit'.
2010-08-06 08:20:28 +02:00
suzuki toshiya
018f5c2781 Update docs/CHANGES to note that CFF stack overflow bug is fixed. 2010-08-06 14:12:54 +09:00
suzuki toshiya
81f3472c0b Fix Savannah bug #30658.
* src/base/ftobjs.c (Mac_Read_POST_Resource): Check the total
length of collected POST segments does not overrun the allocated
buffer.
2010-08-06 14:11:54 +09:00
Werner Lemberg
223cb1b57c [cff] Add comment to clarify current implementation of `pop' operator. 2010-08-06 06:55:09 +02:00
Werner Lemberg
948076cd85 Fix conditional usage of FT_MulFix_i386.
With -ansi flag, gcc does not define `i386', only `__i386__'.

* include/freetype/config/ftconfig.h, builds/unix/ftconfig.in:
s/i386/__i386__/.
2010-08-06 01:39:26 +02:00
Werner Lemberg
346f1867fd Fix Savannah bug #30657.
* src/truetype/ttinterp.c (BOUNDSL): New macro.
Change `BOUNDS' to `BOUNDSL' where appropriate.

* src/truetype/ttinterp.h (TT_ExecContextRec): Fix type of
`cvtSize'.
2010-08-06 00:47:57 +02:00
Werner Lemberg
c06da1ad34 Fix Savannah bug #30656.
* src/type42/t42parse.c (t42_parse_sfnts): Protect against negative
string_size.
Fix comparison.
2010-08-05 23:15:26 +02:00
suzuki toshiya
d9b3e39484 [cff] Don't use any values in decoder after parsing error.
* src/cff/cffgload.c (cff_slot_load): Skip the evaluations
of the values in decoder, if cff_decoder_parse_charstrings()
returns any error.
2010-08-05 17:10:32 +09:00
Werner Lemberg
45a3c76b54 Fix Savannah bug #30644.
* src/base/ftstream.c (FT_Stream_EnterFrame): Fix comparison.
2010-08-04 15:54:55 +02:00
Werner Lemberg
32dc43a5cc `make devel' fails if FT_CONFIG_OPTION_OLD_INTERNALS is set.
* devel/ftoption.h: Synchronize with
include/freetype/config/ftoption.h.
2010-08-04 15:21:20 +02:00
Suzuki, Toshiya (鈴木俊哉)
11d65e8a1f [cff] Improve stack overflow test.
* src/cff/cffgload.c (cff_decoder_parse_charstrings): Check stack
after execution of operations too.
2010-08-04 14:43:29 +02:00
Werner Lemberg
fe3433c736 Add reference counters and to FT_Library and FT_Face objects.
* include/freetype/freetype.h (FT_Reference_Face): New function.
* include/freetype/ftmodapi.h (FT_Rererence_Library): New function.

* include/freetype/internal/ftobjs.h (FT_Face_InternalRec,
FT_LibraryRec): New field `refcount'.

* src/base/ftobjs.c (FT_Open_Face, FT_New_Library): Handle
`refcount'.
(FT_Reference_Face, FT_Reference_Library): Implement new functions.
(FT_Done_Face, FT_Done_Library): Handle `refcount'.

* docs/CHANGES: Updated.
2010-07-18 18:41:47 +02:00
Werner Lemberg
b69c6ac011 * Version 2.4.1 released.
=========================

Tag sources with `VER-2-4-1'.

* docs/CHANGES: Updated.

* docs/VERSION.DLL: Update documentation and bump version number to
2.4.1.

* README, Jamfile (RefDoc),
builds/win32/vc2005/freetype.vcproj, builds/win32/vc2005/index.html,
builds/win32/vc2008/freetype.vcproj, builds/win32/vc2008/index.html,
builds/win32/visualc/freetype.dsp,
builds/win32/visualc/freetype.vcproj,
builds/win32/visualc/index.html, builds/win32/visualce/freetype.dsp,
builds/win32/visualce/freetype.vcproj,
builds/win32/visualce/index.html,
builds/wince/vc2005-ce/freetype.vcproj,
builds/wince/vc2005-ce/index.html,
builds/wince/vc2008-ce/freetype.vcproj,
builds/wince/vc2008-ce/index.html: s/2.4.0/2.4.1/, s/240/241/.

* include/freetype/freetype.h (FREETYPE_PATCH): Set to 1.

* builds/unix/configure.raw (version_info): Set to 11:1:5.
2010-07-18 06:20:09 +02:00
Werner Lemberg
2de6b8a3db [cff] Final try to fix hintmask' and cntrmask' limit check.
Problem reported by Tobias Wolf <towolf@gmail.com>.

* src/cff/cffgload.c (cff_decoder_parse_charstrings)
<cff_op_hintmask>: Sigh.  I'm apparently too silly to fix this
correctly in less than three tries.
2010-07-17 13:39:50 +02:00
Werner Lemberg
072afbdbac Fix ChangeLog entry. 2010-07-13 06:26:46 +02:00
Werner Lemberg
15ffc3546d * Version 2.4.0 released.
=========================

Tag sources with `VER-2-4-0'.

* docs/CHANGES: Updated.

* docs/VERSION.DLL: Update documentation and bump version number to
2.4.0.

* README, Jamfile (RefDoc),
builds/win32/vc2005/freetype.vcproj, builds/win32/vc2005/index.html,
builds/win32/vc2008/freetype.vcproj, builds/win32/vc2008/index.html,
builds/win32/visualc/freetype.dsp,
builds/win32/visualc/freetype.vcproj,
builds/win32/visualc/index.html, builds/win32/visualce/freetype.dsp,
builds/win32/visualce/freetype.vcproj,
builds/win32/visualce/index.html,
builds/wince/vc2005-ce/freetype.vcproj,
builds/wince/vc2005-ce/index.html,
builds/wince/vc2008-ce/freetype.vcproj,
builds/wince/vc2008-ce/index.html: s/2.3.12/2.4.0/, s/2312/240/.

* include/freetype/freetype.h (FREETYPE_MINOR): Set to 4.
(FREETYPE_PATCH): Set to 0.

* builds/unix/configure.raw (version_info): Set to 11:0:5.
2010-07-12 22:07:16 +02:00
Werner Lemberg
511b799926 Split ChangeLog. 2010-07-12 21:53:20 +02:00
Werner Lemberg
8c4b462a56 Typo. 2010-07-12 21:25:01 +02:00
Werner Lemberg
c8f5b98be2 Remove C++ warnings.
*/*: Initialize pointers where necessary to make g++ happy.
2010-07-12 21:13:22 +02:00
malc
f4e6c155f0 Fix type-punning issues with C++.
* include/freetype/internal/ftmemory.h (FT_ASSIGNP) [__cplusplus]:
Emulate a `typeof' operator with an inline template which uses
`static_cast'.
2010-07-12 20:57:54 +02:00
Werner Lemberg
7fa49cee58 Typo. 2010-07-12 00:33:36 +02:00
Werner Lemberg
ebfd454a60 Fix C++ compilation issue.
* src/tools/apinames.c (names_dump) <OUTPUT_WATCOM_LBC>: Fix
typo of `dot' variable.
2010-07-11 09:28:21 +02:00
suzuki toshiya
d594202ebb Fix another case reported in Savannah bug #30373.
Permit a face for Type1, Type42 and CFF without charmap,
patch by Tor Andersson.

* src/type1/t1objs.c (T1_Face_Init): Reset the error if it
is FT_Err_No_Unicode_Glyph_Name.
* src/type42/t42objs.c (T42_Face_Init): Ditto.
* src/cff/cffobjs.c (cff_face_init): Ditto.
2010-07-11 00:31:17 +09:00
suzuki toshiya
84fa62e0d7 Fix a mistake in t42objs.c in previous commit. 2010-07-09 23:43:14 +09:00