Commit Graph

10417 Commits

Author SHA1 Message Date
Ebrahim Byagowi
44169f3396
[draw] Fix invalid rendering of some glyph on Estedad-VF
Basically reverts 11f3fca so I can do the same tested and better later

Fixes #2215
2020-02-29 16:04:03 +03:30
Ebrahim Byagowi
86c40b3a1d [fuzz/draw] Call _get_glyph_extents
Other render related APIs also may be added also later such
as ot-color and future rendering things.
2020-02-29 14:53:34 +03:30
Michiharu Ariza
5ab50eebd7
collect_unicodes() with clamp, calling add_range()
Use add_range instead an inner loop, clamp its input number by
number of glyphs a face has.

Even the face cmap12 and 13 have 32-bit hb_codepoint_t, which is here
used to make timeout, face's maxp has 16-bit gid limitation at least for now,
using that makes sure we both fix and the timeout and don't need to change
much things here also in order to support 32-bit gids also someday.

Fixes #2204
2020-02-29 13:02:29 +03:30
Garret Rieger
414529e45a [subset] Limit the number of feature indices processed during script subsetting. 2020-02-28 16:10:14 -08:00
Garret Rieger
75622b0d24 [subset] Limit the number of features processed in the feature closure. 2020-02-28 16:10:14 -08:00
Garret Rieger
410b4881d0 [subset] Add fuzzer timeout testcase. 2020-02-28 16:10:14 -08:00
Garret Rieger
c66ee213b7 Limit the number of feature indices processed during feature collection. 2020-02-28 16:10:14 -08:00
Ebrahim Byagowi
e57ced5fc0
[gvar] Add other possibly fixed fuzzer case
Speculatively should've been fixed by 61208401

https://crbug.com/oss-fuzz/20924 related
2020-02-28 23:29:05 +03:30
Ebrahim Byagowi
758fda728b
[glyf] Don't accept gids higher than maxp's glyphs number
This specially becomes concerning on sub-components where a gvar table
that is sanitized using maxp's glyphs number overflows when a high gid
accepted here goes to it, maybe an additional check can be put there
also, this however feels to be enough.

Fixes https://crbug.com/oss-fuzz/20944
2020-02-28 23:19:06 +03:30
Ebrahim Byagowi
e642aab116
[subset] Add source_blob as a hb_subset_context_t field (#2203)
So no more double sanitizing source table.
2020-02-28 22:24:25 +03:30
Ebrahim Byagowi
e90213868b Revert "collect_unicodes() to check gid < num_glyphs with cmap 12"
Didn't fix the case actually, making bots to fail.

This reverts commit 15b43a4104.
2020-02-28 21:24:51 +03:30
Ebrahim Byagowi
61208401f4
[gvar] Use hb_bytes_t.check_range instead having in house one
And use TupleVarHeader calculated size for validity check.

Fixes https://crbug.com/oss-fuzz/20919 and possibly other gvar related issues
2020-02-28 21:09:07 +03:30
Michiharu Ariza
15b43a4104
collect_unicodes() to check gid < num_glyphs with cmap 12
fixes #2204
2020-02-28 20:15:39 +03:30
Ebrahim Byagowi
868ecf7b26 [draw] Add fuzzer runner 2020-02-28 19:57:56 +03:30
Qunxin Liu
b0749bfaa5 [subset] GDEF LigCaretList subsetting support 2020-02-28 14:51:52 +03:30
ariza
002f0e20c4 reimplment serialize_int using check_assign() 2020-02-28 14:21:58 +03:30
Ebrahim Byagowi
14b134379d [gvar] Minor, check whether sub_array result also have enough room 2020-02-27 21:01:48 +03:30
Ebrahim Byagowi
8eba66c1c6 [gvar] Fix invalid memory access by refactoring GlyphVarData fetch logic
Fixes https://crbug.com/oss-fuzz/20906
2020-02-27 20:26:54 +03:30
Evgeniy Reizner
f44e1dc07d Fix spelling. 2020-02-27 13:33:56 +03:30
Qunxin Liu
5ad761b943 [subset] GDEF MarkGlyphSets subsetting support 2020-02-26 15:15:21 -08:00
Qunxin Liu
fcd7f33bbb [subset] GDEF glyphClassDef subsetting support
glyphClassDef uses the same ClassDef format. However, glyphClassDef table
uses predefined class values so we do not remap class values.
2020-02-26 11:10:31 -08:00
Garret Rieger
50129b03a1 Add a reverse () call to hb_array_t. 2020-02-26 11:09:54 -08:00
Garret Rieger
38c6598c1c Switch to C style comments. 2020-02-26 11:09:54 -08:00
Garret Rieger
52b6e0baa0 When serializing cmap14 order the offsets from smallest to largest.
Current versions of OTS fail fonts with cmap 14's who's last offset does not point to the a block at the end of the table.
2020-02-26 11:09:54 -08:00
ariza
a99134c5be add oss-fuzz 20886 test file 2020-02-26 09:58:03 -08:00
ariza
d0aaba5c50 fixes oss-fuzz 20886
hb_set_t::resize () is needed after compact()
2020-02-26 09:35:32 -08:00
Ebrahim Byagowi
05a25c1a5b
[cff] minor, remove unused fields 2020-02-26 19:35:27 +03:30
Ebrahim Byagowi
9fe0dc3464 [draw] Pass draw_helper_t itself around instead recreating it
Specially helpful if we want to change the design
2020-02-26 17:40:46 +03:30
Ebrahim Byagowi
1b8b863898 minor 2020-02-26 16:36:48 +03:30
Ebrahim Byagowi
4cdaa9d1f4 [glyf] Simplify contour end logic
So no need for infinite loop here
2020-02-26 16:29:14 +03:30
Ebrahim Byagowi
132fcfbc47 [fuzz] minor don't abort main.cc when the file was empty or not found 2020-02-26 16:15:17 +03:30
Ebrahim Byagowi
84163c83d3 [draw] Skip commands and paths not contributing anything
They aren't contributing to rendering and making issue for stroking, let's skip them
ourselves as Skia does also https://skia-review.googlesource.com/c/skia/+/268166

They are useful for extracting extents and so which that functionality won't be effected by this change.
2020-02-26 16:09:28 +03:30
Ebrahim Byagowi
073d4954e0 [draw] Port glyf path extract to draw_helper_t 2020-02-26 15:40:40 +03:30
Ebrahim Byagowi
0ebf3a4e62 [draw] Move common CFF path building logic to draw_helper_t 2020-02-26 15:15:22 +03:30
Michiharu Ariza
c400cb8863
Re-implement hb_set_t::del_range (#2194)
* optimize hb_set_del_range()

fix issue #2193

* fixed bug & added tests

* coding & comment tweaks
2020-02-25 16:06:03 -08:00
Ebrahim Byagowi
c21eb86bfd
Merge pull request #2163 from harfbuzz/absolute-link
added add_link_abs()
2020-02-26 02:54:38 +03:30
ariza
4081439d2a tweak reflecting review & add test cases 2020-02-25 15:03:12 -08:00
Ebrahim Byagowi
152000d9c7 [fuzz] Practice variations on font object 2020-02-25 21:16:57 +03:30
Ebrahim Byagowi
036d868913 [draw] Add a fuzzer
Specially checks correctness of the API semantics:
* no move happens when a path is already opened with move-to.
* no path will be left open and close-path will happen at the end of opened paths.
* no path opens with a move-to and will be closed with no length.
* paths start and ending points matches.
* no line/quadratic/cubic command will be issued when no path is started.
2020-02-25 19:09:44 +03:30
ariza
de896278f7 coding & comment tweaks 2020-02-25 07:12:20 -08:00
Ebrahim Byagowi
2f97aa65e5 [cff] Make sure previous is ended on processing a seac 2020-02-25 18:07:44 +03:30
Ebrahim Byagowi
acc2d4738e [cff] Make path extract easier to read and more defensive 2020-02-25 18:05:48 +03:30
Ebrahim Byagowi
b59eb54f70 [glyf] Refactor, move get_points inside Glyph 2020-02-25 12:56:32 +03:30
ariza
173b745da8 fixed bug & added tests 2020-02-24 22:56:57 -08:00
ariza
a5012e97c4 optimize hb_set_del_range()
fix issue #2193
2020-02-24 17:09:48 -08:00
Ebrahim Byagowi
96b71e802f [fuzz] make the custom loader to handle multiple files
Actually this was the way it used to work :)
2020-02-24 23:01:02 +03:30
Ebrahim Byagowi
1f5a54c768 [gvar] fix infinite loop introduced by 11f3fca
The attempt on removing end_points had made the code unreadable
and has intrdouced infinite, fixed by making the code clear what
it tries to achieve.
2020-02-24 14:30:07 +03:30
Ebrahim Byagowi
f00eb4ebfa [gvar] Don't compare against Null address 2020-02-24 09:25:19 +03:30
Ebrahim Byagowi
19b78d56cd [gvar] Accept coord_count even if is higher than gvar's axisCount 2020-02-24 09:25:18 +03:30
Ebrahim Byagowi
197e2e929b [gvar] Return gracefully even if gvar wasn't used at all 2020-02-24 08:55:35 +03:30