From b4c810e2b49e825936170d6898fa6edd68aacea4 Mon Sep 17 00:00:00 2001 From: Werner Lemberg Date: Mon, 22 Sep 2008 11:28:46 +0000 Subject: [PATCH] * src/cff/cffgload.c (CFF_Operator, cff_argument_counts, cff_decoder_parse_charstrings): Handle (invalid) `callothersubr' and `pop' instructions. --- ChangeLog | 6 ++++++ src/cff/cffgload.c | 36 ++++++++++++++++++++++++++++++++++-- 2 files changed, 40 insertions(+), 2 deletions(-) diff --git a/ChangeLog b/ChangeLog index b6a349cc2..e0bd9d519 100644 --- a/ChangeLog +++ b/ChangeLog @@ -1,3 +1,9 @@ +2008-09-22 Werner Lemberg + + * src/cff/cffgload.c (CFF_Operator, cff_argument_counts, + cff_decoder_parse_charstrings): Handle (invalid) + `callothersubr' and `pop' instructions. + 2008-09-22 John Tytgat Fix Savannah bug #24307. diff --git a/src/cff/cffgload.c b/src/cff/cffgload.c index 53ec3e566..22aded4f3 100644 --- a/src/cff/cffgload.c +++ b/src/cff/cffgload.c @@ -110,8 +110,11 @@ cff_op_callgsubr, cff_op_return, - cff_op_hsbw, /* Type 1 opcode: invalid but seen in real life */ - cff_op_closepath, /* ditto */ + /* Type 1 opcodes: invalid but seen in real life */ + cff_op_hsbw, + cff_op_closepath, + cff_op_callothersubr, + cff_op_pop, /* do not remove */ cff_op_max @@ -198,6 +201,8 @@ 0, 2, /* hsbw */ + 0, + 0, 0 }; @@ -1044,6 +1049,12 @@ case 15: op = cff_op_eq; break; + case 16: + op = cff_op_callothersubr; + break; + case 17: + op = cff_op_pop; + break; case 18: op = cff_op_drop; break; @@ -2150,6 +2161,27 @@ args = stack; break; + case cff_op_callothersubr: + /* this is an invalid Type 2 operator; however, there */ + /* exist fonts which are incorrectly converted from probably */ + /* Type 1 to CFF, and some parsers seem to accept it */ + + FT_TRACE4(( " callothersubr (invalid op)\n" )); + + /* don't modify stack; handle the subr as `unknown' so that */ + /* following `pop' operands use the arguments on stack */ + break; + + case cff_op_pop: + /* this is an invalid Type 2 operator; however, there */ + /* exist fonts which are incorrectly converted from probably */ + /* Type 1 to CFF, and some parsers seem to accept it */ + + FT_TRACE4(( " pop (invalid op)\n" )); + + args++; + break; + case cff_op_and: { FT_Fixed cond = args[0] && args[1];