Fix some FreeType Coverity issues as reported for Ghostscript.

* src/base/ftobjs.c (FT_New_Face, FT_New_Memory_Face): Initialize
`args.stream' (#3874, #3875).
(open_face_PS_from_sfnt_stream): Improve error management (#3786).
* src/base/ftmm.c (ft_face_get_mm_service): Fix check of `aservice'
(#3870).
* src/base/ftstroke.c (ft_stroke_border_get_counts): Remove dead
code (#3790).
* src/base/ftrfork.c (raccess_guess_apple_generic): Check error
value of `FT_Stream_Skip' (#3784).

* src/type1/t1gload.c (T1_Load_Glyph): Check `size' before accessing
it (#3872)

* src/pcf/pcfdrivr.c (PCF_Glyph_Load): Check `face' before accessing
it (#3871).
* src/pcf/pcfread.c (pcf_get_metrics): Handle return value of
`pcf_get_metric' (#3789, #3782).
(pcf_get_properties): Use FT_STREAM_SKIP (#3783).

* src/cache/ftcmanag.c (FTC_Manager_RegisterCache): Fix check of
`acache' (#3797)

* src/cff/cffdrivr.c (cff_ps_get_font_info): Fix check of `cff'
(#3796).
* src/cff/cffgload.c (cff_decoder_prepare): Check `size' (#3795).
* src/cff/cffload.c (cff_index_get_pointers): Add comment (#3794).

* src/bdf/bdflib.c (_bdf_add_property): Check `fp->value.atom'
(#3793).
(_bdf_parse_start): Add comment (#3792).

* src/raster/ftraster.c (Finalize_Profile_Table): Check
`ras.fProfile' (#3791).

* src/sfnt/ttsbit.c (Load_SBit_Image): Use FT_STREAM_SKIP (#3785).

* src/gzip/ftgzip.c (ft_gzip_get_uncompressed_size): Properly ignore
seek error (#3781).
This commit is contained in:
Werner Lemberg 2009-03-12 08:07:49 +00:00
parent 0711d389d6
commit b66efefdcd
16 changed files with 117 additions and 32 deletions

@ -1,3 +1,46 @@
2009-03-11 Werner Lemberg <wl@gnu.org>
Fix some FreeType Coverity issues as reported for Ghostscript.
* src/base/ftobjs.c (FT_New_Face, FT_New_Memory_Face): Initialize
`args.stream' (#3874, #3875).
(open_face_PS_from_sfnt_stream): Improve error management (#3786).
* src/base/ftmm.c (ft_face_get_mm_service): Fix check of `aservice'
(#3870).
* src/base/ftstroke.c (ft_stroke_border_get_counts): Remove dead
code (#3790).
* src/base/ftrfork.c (raccess_guess_apple_generic): Check error
value of `FT_Stream_Skip' (#3784).
* src/type1/t1gload.c (T1_Load_Glyph): Check `size' before accessing
it (#3872)
* src/pcf/pcfdrivr.c (PCF_Glyph_Load): Check `face' before accessing
it (#3871).
* src/pcf/pcfread.c (pcf_get_metrics): Handle return value of
`pcf_get_metric' (#3789, #3782).
(pcf_get_properties): Use FT_STREAM_SKIP (#3783).
* src/cache/ftcmanag.c (FTC_Manager_RegisterCache): Fix check of
`acache' (#3797)
* src/cff/cffdrivr.c (cff_ps_get_font_info): Fix check of `cff'
(#3796).
* src/cff/cffgload.c (cff_decoder_prepare): Check `size' (#3795).
* src/cff/cffload.c (cff_index_get_pointers): Add comment (#3794).
* src/bdf/bdflib.c (_bdf_add_property): Check `fp->value.atom'
(#3793).
(_bdf_parse_start): Add comment (#3792).
* src/raster/ftraster.c (Finalize_Profile_Table): Check
`ras.fProfile' (#3791).
* src/sfnt/ttsbit.c (Load_SBit_Image): Use FT_STREAM_SKIP (#3785).
* src/gzip/ftgzip.c (ft_gzip_get_uncompressed_size): Properly ignore
seek error (#3781).
2009-03-11 Michael Toftdal <toftdal@gmail.com>
Extend CID service functions to handle CID-keyed CFFs as CID fonts.

@ -4,7 +4,7 @@
/* */
/* Multiple Master font support (body). */
/* */
/* Copyright 1996-2001, 2003, 2004 by */
/* Copyright 1996-2001, 2003, 2004, 2009 by */
/* David Turner, Robert Wilhelm, and Werner Lemberg. */
/* */
/* This file is part of the FreeType project, and may only be used, */
@ -52,7 +52,7 @@
*aservice,
MULTI_MASTERS );
if ( aservice )
if ( *aservice )
error = FT_Err_Ok;
}

@ -1140,6 +1140,7 @@
args.flags = FT_OPEN_PATHNAME;
args.pathname = (char*)pathname;
args.stream = NULL;
return FT_Open_Face( library, &args, face_index, aface );
}
@ -1166,6 +1167,7 @@
args.flags = FT_OPEN_MEMORY;
args.memory_base = file_base;
args.memory_size = file_size;
args.stream = NULL;
return FT_Open_Face( library, &args, face_index, aface );
}
@ -1436,8 +1438,19 @@
is_sfnt_cid ? "cid" : "type1",
aface );
Exit:
FT_Stream_Seek( stream, pos );
return error;
{
FT_Error error1;
if ( error == FT_Err_Unknown_File_Format )
{
error1 = FT_Stream_Seek( stream, pos );
if ( error1 )
return error1;
}
return error;
}
}

@ -4,7 +4,7 @@
/* */
/* Embedded resource forks accessor (body). */
/* */
/* Copyright 2004, 2005, 2006, 2007, 2008 by */
/* Copyright 2004, 2005, 2006, 2007, 2008, 2009 by */
/* Masatake YAMATO and Redhat K.K. */
/* */
/* FT_Raccess_Get_HeaderInfo() and raccess_guess_darwin_hfsplus() are */
@ -709,8 +709,12 @@
return FT_Err_Ok;
}
else
FT_Stream_Skip( stream, 4 + 4 ); /* offset + length */
{
error = FT_Stream_Skip( stream, 4 + 4 ); /* offset + length */
if ( error )
return error;
}
}
return FT_Err_Unknown_File_Format;
}

@ -4,7 +4,7 @@
/* */
/* FreeType path stroker (body). */
/* */
/* Copyright 2002, 2003, 2004, 2005, 2006, 2008 by */
/* Copyright 2002, 2003, 2004, 2005, 2006, 2008, 2009 by */
/* David Turner, Robert Wilhelm, and Werner Lemberg. */
/* */
/* This file is part of the FreeType project, and may only be used, */
@ -606,9 +606,6 @@
if ( tags[0] & FT_STROKE_TAG_END )
{
if ( in_contour == 0 )
goto Fail;
in_contour = 0;
num_contours++;
}

@ -1,6 +1,6 @@
/*
* Copyright 2000 Computing Research Labs, New Mexico State University
* Copyright 2001, 2002, 2003, 2004, 2005, 2006, 2007
* Copyright 2001, 2002, 2003, 2004, 2005, 2006, 2007, 2009
* Francesco Zappa Nardelli
*
* Permission is hereby granted, free of charge, to any person obtaining a
@ -1394,6 +1394,12 @@
font->font_descent = fp->value.int32;
else if ( ft_memcmp( name, "SPACING", 7 ) == 0 )
{
if ( !fp->value.atom )
{
error = BDF_Err_Invalid_File_Format;
goto Exit;
}
if ( fp->value.atom[0] == 'p' || fp->value.atom[0] == 'P' )
font->spacing = BDF_PROPORTIONAL;
else if ( fp->value.atom[0] == 'm' || fp->value.atom[0] == 'M' )
@ -2072,6 +2078,7 @@
error = _bdf_list_split( &p->list, (char *)" +", line, linelen );
if ( error )
goto Exit;
/* at this point, `p->font' can't be NULL */
p->cnt = p->font->props_size = _bdf_atoul( p->list.field[1], 0, 10 );
if ( FT_NEW_ARRAY( p->font->props, p->cnt ) )

@ -4,7 +4,7 @@
/* */
/* FreeType Cache Manager (body). */
/* */
/* Copyright 2000-2001, 2002, 2003, 2004, 2005, 2006, 2008 by */
/* Copyright 2000-2001, 2002, 2003, 2004, 2005, 2006, 2008, 2009 by */
/* David Turner, Robert Wilhelm, and Werner Lemberg. */
/* */
/* This file is part of the FreeType project, and may only be used, */
@ -608,7 +608,8 @@
}
Exit:
*acache = cache;
if ( acache )
*acache = cache;
return error;
}

@ -370,7 +370,8 @@
cff->font_info = font_info;
}
*afont_info = *cff->font_info;
if ( cff )
*afont_info = *cff->font_info;
Fail:
return error;

@ -4,7 +4,7 @@
/* */
/* OpenType Glyph Loader (body). */
/* */
/* Copyright 1996-2001, 2002, 2003, 2004, 2005, 2006, 2007, 2008 by */
/* Copyright 1996-2001, 2002, 2003, 2004, 2005, 2006, 2007, 2008, 2009 by */
/* David Turner, Robert Wilhelm, and Werner Lemberg. */
/* */
/* This file is part of the FreeType project, and may only be used, */
@ -420,7 +420,7 @@
sub = cff->subfonts[fd_index];
if ( builder->hints_funcs )
if ( builder->hints_funcs && size )
{
CFF_Internal internal = (CFF_Internal)size->root.internal;

@ -319,7 +319,7 @@
static FT_Error
cff_index_load_offsets( CFF_Index idx )
{
FT_Error error = 0;
FT_Error error = CFF_Err_Ok;
FT_Stream stream = idx->stream;
FT_Memory memory = stream->memory;
@ -402,6 +402,7 @@
old_offset = 1;
for ( n = 0; n <= idx->count; n++ )
{
/* at this point, `idx->offsets' can't be NULL */
offset = idx->offsets[n];
if ( !offset )
offset = old_offset;

@ -569,7 +569,7 @@
if ( error )
result = 0;
FT_Stream_Seek( stream, old_pos );
(void)FT_Stream_Seek( stream, old_pos );
}
return result;

@ -2,7 +2,7 @@
FreeType font driver for pcf files
Copyright (C) 2000, 2001, 2002, 2003, 2004, 2006, 2007, 2008 by
Copyright (C) 2000, 2001, 2002, 2003, 2004, 2006, 2007, 2008, 2009 by
Francesco Zappa Nardelli
Permission is hereby granted, free of charge, to any person obtaining a copy
@ -442,7 +442,7 @@ THE SOFTWARE.
FT_Int32 load_flags )
{
PCF_Face face = (PCF_Face)FT_SIZE_FACE( size );
FT_Stream stream = face->root.stream;
FT_Stream stream;
FT_Error error = PCF_Err_Ok;
FT_Bitmap* bitmap = &slot->bitmap;
PCF_Metric metric;
@ -459,6 +459,8 @@ THE SOFTWARE.
goto Exit;
}
stream = face->root.stream;
if ( glyph_index > 0 )
glyph_index--;

@ -2,7 +2,7 @@
FreeType font driver for pcf fonts
Copyright 2000, 2001, 2002, 2003, 2004, 2005, 2006, 2007, 2008 by
Copyright 2000, 2001, 2002, 2003, 2004, 2005, 2006, 2007, 2008, 2009 by
Francesco Zappa Nardelli
Permission is hereby granted, free of charge, to any person obtaining a copy
@ -470,7 +470,11 @@ THE SOFTWARE.
if ( nprops & 3 )
{
i = 4 - ( nprops & 3 );
FT_Stream_Skip( stream, i );
if ( FT_STREAM_SKIP( i ) )
{
error = PCF_Err_Invalid_Stream_Skip;
goto Bail;
}
}
if ( PCF_BYTE_ORDER( format ) == MSBFirst )
@ -623,7 +627,7 @@ THE SOFTWARE.
metrics = face->metrics;
for ( i = 0; i < nmetrics; i++ )
{
pcf_get_metric( stream, format, metrics + i );
error = pcf_get_metric( stream, format, metrics + i );
metrics[i].bits = 0;

@ -4,7 +4,7 @@
/* */
/* The FreeType glyph rasterizer (body). */
/* */
/* Copyright 1996-2001, 2002, 2003, 2005, 2007, 2008 by */
/* Copyright 1996-2001, 2002, 2003, 2005, 2007, 2008, 2009 by */
/* David Turner, Robert Wilhelm, and Werner Lemberg. */
/* */
/* This file is part of the FreeType project, and may only be used, */
@ -811,10 +811,10 @@ a };
n = ras.num_Profs;
p = ras.fProfile;
if ( n > 1 )
if ( n > 1 && p )
{
p = ras.fProfile;
while ( n > 0 )
{
if ( n > 1 )

@ -1325,7 +1325,11 @@
range->image_format, metrics, stream );
case 8: /* compound format */
FT_Stream_Skip( stream, 1L );
if ( FT_STREAM_SKIP( 1L ) )
{
error = SFNT_Err_Invalid_Stream_Skip;
goto Exit;
}
/* fallthrough */
case 9:

@ -4,7 +4,7 @@
/* */
/* Type 1 Glyph Loader (body). */
/* */
/* Copyright 1996-2001, 2002, 2003, 2004, 2005, 2006, 2008 by */
/* Copyright 1996-2001, 2002, 2003, 2004, 2005, 2006, 2008, 2009 by */
/* David Turner, Robert Wilhelm, and Werner Lemberg. */
/* */
/* This file is part of the FreeType project, and may only be used, */
@ -295,8 +295,16 @@
if ( load_flags & FT_LOAD_NO_RECURSE )
load_flags |= FT_LOAD_NO_SCALE | FT_LOAD_NO_HINTING;
glyph->x_scale = size->root.metrics.x_scale;
glyph->y_scale = size->root.metrics.y_scale;
if ( size )
{
glyph->x_scale = size->root.metrics.x_scale;
glyph->y_scale = size->root.metrics.y_scale;
}
else
{
glyph->x_scale = 0x10000L;
glyph->y_scale = 0x10000L;
}
glyph->root.outline.n_points = 0;
glyph->root.outline.n_contours = 0;
@ -430,8 +438,8 @@
}
/* Then scale the metrics */
metrics->horiAdvance = FT_MulFix( metrics->horiAdvance, x_scale );
metrics->vertAdvance = FT_MulFix( metrics->vertAdvance, y_scale );
metrics->horiAdvance = FT_MulFix( metrics->horiAdvance, x_scale );
metrics->vertAdvance = FT_MulFix( metrics->vertAdvance, y_scale );
}
/* compute the other metrics */