From f34f1925358057d2e374303408088f6c15bebfb8 Mon Sep 17 00:00:00 2001 From: Werner Lemberg Date: Wed, 26 Nov 2014 21:59:21 +0100 Subject: [PATCH] * src/*: Add checks for parameters of API functions where missing. `API functions' are functions tagged with `FT_EXPORT_DEF'. Besides trivial fixes, the following changes are included, too. * src/base/ftbdf.c (FT_Get_BDF_Charset_ID, FT_Get_BDF_Property): Set error code if no service is available. * src/base/ftinit.c (FT_Done_FreeType): Change return value for invalid `library' parameter to `Invalid_Library_Handle'. * src/base/ftobjs.c (FT_New_Size): Change return value for invalid `asize' parameter to `Invalid_Argument'. * src/base/ftoutln.c (FT_Outline_Copy): Change return value for invalid `source' and `target' parameters to `Invalid_Outline'. (FT_Outline_Done_Internal): Change return value for invalid `outline' parameter to `Invalid_Outline'. --- ChangeLog | 22 +++++++++ builds/mac/ftmac.c | 14 ++++-- include/ftlist.h | 4 +- src/base/ftbdf.c | 4 ++ src/base/ftglyph.c | 10 ++-- src/base/ftgxval.c | 6 +-- src/base/ftinit.c | 22 +++++---- src/base/ftmac.c | 20 ++++++-- src/base/ftmm.c | 32 ++++++++++++- src/base/ftobjs.c | 100 +++++++++++++++++++++++++++------------- src/base/ftoutln.c | 37 ++++++++------- src/base/ftpfr.c | 11 ++++- src/base/ftstroke.c | 67 +++++++++++++++++++++++---- src/base/ftsynth.c | 17 +++++-- src/base/fttrigon.c | 15 ++++++ src/base/fttype1.c | 45 ++++++++++-------- src/base/ftutil.c | 41 +++++++++++++--- src/base/ftwinfnt.c | 22 +++++---- src/bzip2/ftbzip2.c | 12 ++++- src/cache/ftccmap.c | 3 ++ src/cache/ftcmanag.c | 25 ++++++---- src/gzip/ftgzip.c | 17 ++++++- src/lzw/ftlzw.c | 12 ++++- src/truetype/ttinterp.c | 10 +++- 24 files changed, 426 insertions(+), 142 deletions(-) diff --git a/ChangeLog b/ChangeLog index 6298e39ee..32f06a308 100644 --- a/ChangeLog +++ b/ChangeLog @@ -1,3 +1,25 @@ +2014-11-26 Werner Lemberg + + * src/*: Add checks for parameters of API functions where missing. + + `API functions' are functions tagged with `FT_EXPORT_DEF'. + + Besides trivial fixes, the following changes are included, too. + + * src/base/ftbdf.c (FT_Get_BDF_Charset_ID, FT_Get_BDF_Property): Set + error code if no service is available. + + * src/base/ftinit.c (FT_Done_FreeType): Change return value for + invalid `library' parameter to `Invalid_Library_Handle'. + + * src/base/ftobjs.c (FT_New_Size): Change return value for invalid + `asize' parameter to `Invalid_Argument'. + + * src/base/ftoutln.c (FT_Outline_Copy): Change return value for + invalid `source' and `target' parameters to `Invalid_Outline'. + (FT_Outline_Done_Internal): Change return value for invalid + `outline' parameter to `Invalid_Outline'. + 2014-11-26 Werner Lemberg * src/cache/ftcbasic.c: Use single calls to `FT_TRACE'. diff --git a/builds/mac/ftmac.c b/builds/mac/ftmac.c index 40f6bd20c..27b5511c0 100644 --- a/builds/mac/ftmac.c +++ b/builds/mac/ftmac.c @@ -5,7 +5,7 @@ /* Mac FOND support. Written by just@letterror.com. */ /* Heavily Fixed by mpsuzuki, George Williams and Sean McBride */ /* */ -/* Copyright 1996-2008, 2013 by */ +/* Copyright 1996-2008, 2013, 2014 by */ /* Just van Rossum, David Turner, Robert Wilhelm, and Werner Lemberg. */ /* */ /* This file is part of the FreeType project, and may only be used, */ @@ -204,6 +204,9 @@ typedef short ResourceIndex; FMFontFamily family = 0; + if ( !fontName || !face_index ) + return FT_THROW( Invalid_Argument ); + *face_index = 0; while ( status == 0 && !the_font ) { @@ -381,7 +384,7 @@ typedef short ResourceIndex; err = FT_GetFileRef_From_Mac_ATS_Name( fontName, &ref, face_index ); - if ( FT_Err_Ok != err ) + if ( err ) return err; if ( noErr != FSRefMakePath( &ref, path, maxPathSize ) ) @@ -420,7 +423,7 @@ typedef short ResourceIndex; err = FT_GetFileRef_From_Mac_ATS_Name( fontName, &ref, face_index ); - if ( FT_Err_Ok != err ) + if ( err ) return err; if ( noErr != FSGetCatalogInfo( &ref, kFSCatInfoNone, NULL, NULL, @@ -1238,6 +1241,9 @@ typedef short ResourceIndex; FT_Error error = FT_Err_Ok; + /* test for valid `aface' and `library' delayed to */ + /* `FT_New_Face_From_XXX' */ + GetResInfo( fond, &fond_id, &fond_type, fond_name ); if ( ResError() != noErr || fond_type != TTAG_FOND ) return FT_THROW( Invalid_File_Format ); @@ -1442,6 +1448,8 @@ typedef short ResourceIndex; UInt8 pathname[PATH_MAX]; + /* test for valid `library' and `aface' delayed to `FT_Open_Face' */ + if ( !ref ) return FT_THROW( Invalid_Argument ); diff --git a/include/ftlist.h b/include/ftlist.h index 241e21e55..421908fc0 100644 --- a/include/ftlist.h +++ b/include/ftlist.h @@ -4,7 +4,7 @@ /* */ /* Generic list support for FreeType (specification). */ /* */ -/* Copyright 1996-2001, 2003, 2007, 2010, 2013 by */ +/* Copyright 1996-2001, 2003, 2007, 2010, 2013, 2014 by */ /* David Turner, Robert Wilhelm, and Werner Lemberg. */ /* */ /* This file is part of the FreeType project, and may only be used, */ @@ -248,7 +248,7 @@ FT_BEGIN_HEADER /* list :: A handle to the list. */ /* */ /* destroy :: A list destructor that will be applied to each element */ - /* of the list. */ + /* of the list. Set this to NULL if not needed. */ /* */ /* memory :: The current memory object that handles deallocation. */ /* */ diff --git a/src/base/ftbdf.c b/src/base/ftbdf.c index 6b53432ea..d9dcbad5e 100644 --- a/src/base/ftbdf.c +++ b/src/base/ftbdf.c @@ -44,6 +44,8 @@ if ( service && service->get_charset_id ) error = service->get_charset_id( face, &encoding, ®istry ); + else + error = FT_THROW( Invalid_Argument ); if ( acharset_encoding ) *acharset_encoding = encoding; @@ -79,6 +81,8 @@ if ( service && service->get_property ) error = service->get_property( face, prop_name, aproperty ); + else + error = FT_THROW( Invalid_Argument ); return error; } diff --git a/src/base/ftglyph.c b/src/base/ftglyph.c index c62b3db0c..ac178c41b 100644 --- a/src/base/ftglyph.c +++ b/src/base/ftglyph.c @@ -4,7 +4,7 @@ /* */ /* FreeType convenience functions to handle glyphs (body). */ /* */ -/* Copyright 1996-2005, 2007, 2008, 2010, 2012, 2013 by */ +/* Copyright 1996-2005, 2007, 2008, 2010, 2012-2014 by */ /* David Turner, Robert Wilhelm, and Werner Lemberg. */ /* */ /* This file is part of the FreeType project, and may only be used, */ @@ -314,13 +314,13 @@ /* check arguments */ - if ( !target ) + if ( !target || !source || !source->clazz ) { error = FT_THROW( Invalid_Argument ); goto Exit; } - *target = 0; + *target = NULL; if ( !source || !source->clazz ) { @@ -359,7 +359,7 @@ FT_Error error; FT_Glyph glyph; - const FT_Glyph_Class* clazz = 0; + const FT_Glyph_Class* clazz = NULL; if ( !slot ) @@ -512,7 +512,7 @@ FT_BitmapGlyph bitmap = NULL; const FT_Glyph_Class* clazz; - /* FT_BITMAP_GLYPH_CLASS_GET derefers `library' in PIC mode */ + /* FT_BITMAP_GLYPH_CLASS_GET dereferences `library' in PIC mode */ FT_Library library; diff --git a/src/base/ftgxval.c b/src/base/ftgxval.c index a8ec44ac0..a65f4c879 100644 --- a/src/base/ftgxval.c +++ b/src/base/ftgxval.c @@ -4,7 +4,7 @@ /* */ /* FreeType API for validating TrueTyepGX/AAT tables (body). */ /* */ -/* Copyright 2004-2006, 2010, 2013 by */ +/* Copyright 2004-2006, 2010, 2013, 2014 by */ /* Masatake YAMATO, Redhat K.K, */ /* David Turner, Robert Wilhelm, and Werner Lemberg. */ /* */ @@ -50,7 +50,7 @@ goto Exit; } - if ( tables == NULL ) + if ( !tables ) { error = FT_THROW( Invalid_Argument ); goto Exit; @@ -102,7 +102,7 @@ goto Exit; } - if ( ckern_table == NULL ) + if ( !ckern_table ) { error = FT_THROW( Invalid_Argument ); goto Exit; diff --git a/src/base/ftinit.c b/src/base/ftinit.c index 6176273f0..c4c88201a 100644 --- a/src/base/ftinit.c +++ b/src/base/ftinit.c @@ -4,7 +4,7 @@ /* */ /* FreeType initialization layer (body). */ /* */ -/* Copyright 1996-2002, 2005, 2007, 2009, 2012, 2013 by */ +/* Copyright 1996-2002, 2005, 2007, 2009, 2012-2014 by */ /* David Turner, Robert Wilhelm, and Werner Lemberg. */ /* */ /* This file is part of the FreeType project, and may only be used, */ @@ -235,6 +235,8 @@ FT_Memory memory; + /* check of `alibrary' delayed to `FT_New_Library' */ + /* First of all, allocate a new system object -- this function is part */ /* of the system-specific component, i.e. `ftsystem.c'. */ @@ -263,17 +265,19 @@ FT_EXPORT_DEF( FT_Error ) FT_Done_FreeType( FT_Library library ) { - if ( library ) - { - FT_Memory memory = library->memory; + FT_Memory memory; - /* Discard the library object */ - FT_Done_Library( library ); + if ( !library ) + return FT_THROW( Invalid_Library_Handle ); - /* discard memory manager */ - FT_Done_Memory( memory ); - } + memory = library->memory; + + /* Discard the library object */ + FT_Done_Library( library ); + + /* discard memory manager */ + FT_Done_Memory( memory ); return FT_Err_Ok; } diff --git a/src/base/ftmac.c b/src/base/ftmac.c index 184a2e19f..5301ab44f 100644 --- a/src/base/ftmac.c +++ b/src/base/ftmac.c @@ -8,7 +8,7 @@ /* This file is for Mac OS X only; see builds/mac/ftoldmac.c for */ /* classic platforms built by MPW. */ /* */ -/* Copyright 1996-2009, 2013 by */ +/* Copyright 1996-2009, 2013, 2014 by */ /* Just van Rossum, David Turner, Robert Wilhelm, and Werner Lemberg. */ /* */ /* This file is part of the FreeType project, and may only be used, */ @@ -227,6 +227,9 @@ FT_Error err; + if ( !fontName || !face_index ) + return FT_THROW( Invalid_Argument) ; + err = FT_GetFileRef_From_Mac_ATS_Name( fontName, &ref, face_index ); if ( err ) return err; @@ -256,6 +259,9 @@ FT_Error err; + if ( !fontName || !face_index ) + return FT_THROW( Invalid_Argument ); + err = FT_GetFileRef_From_Mac_ATS_Name( fontName, &ref, face_index ); if ( err ) return err; @@ -853,6 +859,8 @@ FT_Error error = FT_Err_Ok; + /* check of `library' and `aface' delayed to `FT_New_Face_From_XXX' */ + GetResInfo( fond, &fond_id, &fond_type, fond_name ); if ( ResError() != noErr || fond_type != TTAG_FOND ) return FT_THROW( Invalid_File_Format ); @@ -998,9 +1006,13 @@ { FT_Error error; FT_Open_Args args; - OSErr err; - UInt8 pathname[PATH_MAX]; + OSErr err; + UInt8 pathname[PATH_MAX]; + + + /* check of `library' and `aface' delayed to */ + /* `FT_New_Face_From_Resource' */ if ( !ref ) return FT_THROW( Invalid_Argument ); @@ -1048,6 +1060,8 @@ FSRef ref; + /* check of `library' and `aface' delayed to `FT_New_Face_From_FSRef' */ + if ( !spec || FSpMakeFSRef( spec, &ref ) != noErr ) return FT_THROW( Invalid_Argument ); else diff --git a/src/base/ftmm.c b/src/base/ftmm.c index 18ff879bf..056680bd6 100644 --- a/src/base/ftmm.c +++ b/src/base/ftmm.c @@ -4,7 +4,7 @@ /* */ /* Multiple Master font support (body). */ /* */ -/* Copyright 1996-2001, 2003, 2004, 2009, 2013 by */ +/* Copyright 1996-2001, 2003, 2004, 2009, 2013, 2014 by */ /* David Turner, Robert Wilhelm, and Werner Lemberg. */ /* */ /* This file is part of the FreeType project, and may only be used, */ @@ -72,6 +72,11 @@ FT_Service_MultiMasters service; + /* check of `face' delayed to `ft_face_get_mm_service' */ + + if ( !amaster ) + return FT_THROW( Invalid_Argument ); + error = ft_face_get_mm_service( face, &service ); if ( !error ) { @@ -94,6 +99,11 @@ FT_Service_MultiMasters service; + /* check of `face' delayed to `ft_face_get_mm_service' */ + + if ( !amaster ) + return FT_THROW( Invalid_Argument ); + error = ft_face_get_mm_service( face, &service ); if ( !error ) { @@ -117,6 +127,11 @@ FT_Service_MultiMasters service; + /* check of `face' delayed to `ft_face_get_mm_service' */ + + if ( !coords ) + return FT_THROW( Invalid_Argument ); + error = ft_face_get_mm_service( face, &service ); if ( !error ) { @@ -140,6 +155,11 @@ FT_Service_MultiMasters service; + /* check of `face' delayed to `ft_face_get_mm_service' */ + + if ( !coords ) + return FT_THROW( Invalid_Argument ); + error = ft_face_get_mm_service( face, &service ); if ( !error ) { @@ -163,6 +183,11 @@ FT_Service_MultiMasters service; + /* check of `face' delayed to `ft_face_get_mm_service' */ + + if ( !coords ) + return FT_THROW( Invalid_Argument ); + error = ft_face_get_mm_service( face, &service ); if ( !error ) { @@ -189,6 +214,11 @@ FT_Service_MultiMasters service; + /* check of `face' delayed to `ft_face_get_mm_service' */ + + if ( !coords ) + return FT_THROW( Invalid_Argument ); + error = ft_face_get_mm_service( face, &service ); if ( !error ) { diff --git a/src/base/ftobjs.c b/src/base/ftobjs.c index b28216a8b..96d83c652 100644 --- a/src/base/ftobjs.c +++ b/src/base/ftobjs.c @@ -511,6 +511,7 @@ internal->transform_matrix.xy = 0; internal->transform_matrix.yx = 0; internal->transform_matrix.yy = 0x10000L; + matrix = &internal->transform_matrix; } else @@ -526,6 +527,7 @@ { internal->transform_delta.x = 0; internal->transform_delta.y = 0; + delta = &internal->transform_delta; } else @@ -1220,7 +1222,7 @@ FT_Open_Args args; - /* test for valid `library' and `aface' delayed to FT_Open_Face() */ + /* test for valid `library' and `aface' delayed to `FT_Open_Face' */ if ( !pathname ) return FT_THROW( Invalid_Argument ); @@ -1246,7 +1248,7 @@ FT_Open_Args args; - /* test for valid `library' and `face' delayed to FT_Open_Face() */ + /* test for valid `library' and `face' delayed to `FT_Open_Face' */ if ( !file_base ) return FT_THROW( Invalid_Argument ); @@ -2076,8 +2078,7 @@ FT_Module* limit; - /* test for valid `library' delayed to */ - /* FT_Stream_New() */ + /* test for valid `library' delayed to `FT_Stream_New' */ if ( ( !aface && face_index >= 0 ) || !args ) return FT_THROW( Invalid_Argument ); @@ -2324,7 +2325,7 @@ FT_Open_Args open; - /* test for valid `face' delayed to FT_Attach_Stream() */ + /* test for valid `face' delayed to `FT_Attach_Stream' */ if ( !filepathname ) return FT_THROW( Invalid_Argument ); @@ -2350,7 +2351,7 @@ FT_Driver_Class clazz; - /* test for valid `parameters' delayed to FT_Stream_New() */ + /* test for valid `parameters' delayed to `FT_Stream_New' */ if ( !face ) return FT_THROW( Invalid_Face_Handle ); @@ -2386,6 +2387,9 @@ FT_EXPORT_DEF( FT_Error ) FT_Reference_Face( FT_Face face ) { + if ( !face ) + return FT_THROW( Invalid_Face_Handle ); + face->internal->refcount++; return FT_Err_Ok; @@ -2452,7 +2456,7 @@ return FT_THROW( Invalid_Face_Handle ); if ( !asize ) - return FT_THROW( Invalid_Size_Handle ); + return FT_THROW( Invalid_Argument ); if ( !face->driver ) return FT_THROW( Invalid_Driver_Handle ); @@ -2961,6 +2965,8 @@ FT_Size_RequestRec req; + /* check of `face' delayed to `FT_Request_Size' */ + if ( !char_width ) char_width = char_height; else if ( !char_height ) @@ -2999,6 +3005,8 @@ FT_Size_RequestRec req; + /* check of `face' delayed to `FT_Request_Size' */ + if ( pixel_width == 0 ) pixel_width = pixel_height; else if ( pixel_height == 0 ) @@ -3172,8 +3180,9 @@ return FT_THROW( Invalid_Face_Handle ); cur = face->charmaps; - if ( !cur ) + if ( !cur || !charmap ) return FT_THROW( Invalid_CharMap_Handle ); + if ( FT_Get_CMap_Format( charmap ) == 14 ) return FT_THROW( Invalid_Argument ); @@ -3184,9 +3193,10 @@ if ( cur[0] == charmap ) { face->charmap = cur[0]; - return 0; + return FT_Err_Ok; } } + return FT_THROW( Invalid_Argument ); } @@ -3418,8 +3428,9 @@ FT_UInt result = 0; - if ( face && face->charmap && - face->charmap->encoding == FT_ENCODING_UNICODE ) + if ( face && + face->charmap && + face->charmap->encoding == FT_ENCODING_UNICODE ) { FT_CharMap charmap = find_variant_selector_charmap( face ); FT_CMap ucmap = FT_CMAP( face->charmap ); @@ -3597,7 +3608,9 @@ FT_UInt result = 0; - if ( face && FT_HAS_GLYPH_NAMES( face ) ) + if ( face && + FT_HAS_GLYPH_NAMES( face ) && + glyph_name ) { FT_Service_GlyphDict service; @@ -3622,15 +3635,19 @@ FT_Pointer buffer, FT_UInt buffer_max ) { - FT_Error error = FT_ERR( Invalid_Argument ); + FT_Error error; + if ( !face ) + return FT_THROW( Invalid_Face_Handle ); + + if ( !buffer || buffer_max == 0 ) + return FT_THROW( Invalid_Argument ); + /* clean up buffer */ - if ( buffer && buffer_max > 0 ) - ((FT_Byte*)buffer)[0] = 0; + ((FT_Byte*)buffer)[0] = 0; - if ( face && - (FT_Long)glyph_index <= face->num_glyphs && + if ( (FT_Long)glyph_index <= face->num_glyphs && FT_HAS_GLYPH_NAMES( face ) ) { FT_Service_GlyphDict service; @@ -3643,6 +3660,8 @@ if ( service && service->get_name ) error = service->get_name( face, glyph_index, buffer, buffer_max ); } + else + error = FT_THROW( Invalid_Argument ); return error; } @@ -3733,6 +3752,8 @@ FT_ULong offset; + /* test for valid `length' delayed to `service->table_info' */ + if ( !face || !FT_IS_SFNT( face ) ) return FT_THROW( Invalid_Face_Handle ); @@ -3984,7 +4005,7 @@ FT_Get_Renderer( FT_Library library, FT_Glyph_Format format ) { - /* test for valid `library' delayed to FT_Lookup_Renderer() */ + /* test for valid `library' delayed to `FT_Lookup_Renderer' */ return FT_Lookup_Renderer( library, format, 0 ); } @@ -4001,12 +4022,26 @@ FT_ListNode node; FT_Error error = FT_Err_Ok; + FT_Renderer_SetModeFunc set_mode; + if ( !library ) - return FT_THROW( Invalid_Library_Handle ); + { + error = FT_THROW( Invalid_Library_Handle ); + goto Exit; + } if ( !renderer ) - return FT_THROW( Invalid_Argument ); + { + error = FT_THROW( Invalid_Argument ); + goto Exit; + } + + if ( num_params > 0 && !parameters ) + { + error = FT_THROW( Invalid_Argument ); + goto Exit; + } node = FT_List_Find( &library->renderers, renderer ); if ( !node ) @@ -4020,18 +4055,14 @@ if ( renderer->glyph_format == FT_GLYPH_FORMAT_OUTLINE ) library->cur_renderer = renderer; - if ( num_params > 0 ) + set_mode = renderer->clazz->set_mode; + + for ( ; num_params > 0; num_params-- ) { - FT_Renderer_SetModeFunc set_mode = renderer->clazz->set_mode; - - - for ( ; num_params > 0; num_params-- ) - { - error = set_mode( renderer, parameters->tag, parameters->data ); - if ( error ) - break; - parameters++; - } + error = set_mode( renderer, parameters->tag, parameters->data ); + if ( error ) + break; + parameters++; } Exit: @@ -4354,7 +4385,7 @@ FT_Get_Module( FT_Library library, const char* module_name ) { - FT_Module result = 0; + FT_Module result = NULL; FT_Module* cur; FT_Module* limit; @@ -4609,6 +4640,9 @@ FT_EXPORT_DEF( FT_Error ) FT_Reference_Library( FT_Library library ) { + if ( !library ) + return FT_THROW( Invalid_Library_Handle ); + library->refcount++; return FT_Err_Ok; @@ -4625,7 +4659,7 @@ FT_Error error; - if ( !memory ) + if ( !memory || !alibrary ) return FT_THROW( Invalid_Argument ); #ifdef FT_DEBUG_LEVEL_ERROR diff --git a/src/base/ftoutln.c b/src/base/ftoutln.c index a2445b42a..8749d64ce 100644 --- a/src/base/ftoutln.c +++ b/src/base/ftoutln.c @@ -365,7 +365,7 @@ /* empty glyph? */ if ( n_points == 0 && n_contours == 0 ) - return 0; + return FT_Err_Ok; /* check point and contour counts */ if ( n_points <= 0 || n_contours <= 0 ) @@ -387,7 +387,7 @@ goto Bad; /* XXX: check the tags array */ - return 0; + return FT_Err_Ok; } Bad: @@ -404,8 +404,10 @@ FT_Int is_owner; - if ( !source || !target || - source->n_points != target->n_points || + if ( !source || !target ) + return FT_THROW( Invalid_Outline ); + + if ( source->n_points != target->n_points || source->n_contours != target->n_contours ) return FT_THROW( Invalid_Argument ); @@ -433,20 +435,21 @@ FT_Outline_Done_Internal( FT_Memory memory, FT_Outline* outline ) { - if ( memory && outline ) - { - if ( outline->flags & FT_OUTLINE_OWNER ) - { - FT_FREE( outline->points ); - FT_FREE( outline->tags ); - FT_FREE( outline->contours ); - } - *outline = null_outline; + if ( !outline ) + return FT_THROW( Invalid_Outline ); - return FT_Err_Ok; - } - else + if ( !memory ) return FT_THROW( Invalid_Argument ); + + if ( outline->flags & FT_OUTLINE_OWNER ) + { + FT_FREE( outline->points ); + FT_FREE( outline->tags ); + FT_FREE( outline->contours ); + } + *outline = null_outline; + + return FT_Err_Ok; } @@ -668,7 +671,7 @@ if ( !abitmap ) return FT_THROW( Invalid_Argument ); - /* other checks are delayed to FT_Outline_Render() */ + /* other checks are delayed to `FT_Outline_Render' */ params.target = abitmap; params.flags = 0; diff --git a/src/base/ftpfr.c b/src/base/ftpfr.c index ddb58c17b..7425abe33 100644 --- a/src/base/ftpfr.c +++ b/src/base/ftpfr.c @@ -108,6 +108,9 @@ if ( !face ) return FT_THROW( Invalid_Face_Handle ); + if ( !avector ) + return FT_THROW( Invalid_Argument ); + service = ft_pfr_check( face ); if ( service ) error = service->get_kerning( face, left, right, avector ); @@ -130,11 +133,15 @@ FT_Service_PfrMetrics service; + if ( !face ) + return FT_THROW( Invalid_Face_Handle ); + + if ( !aadvance ) + return FT_THROW( Invalid_Argument ); + service = ft_pfr_check( face ); if ( service ) - { error = service->get_advance( face, gindex, aadvance ); - } else /* XXX: TODO: PROVIDE ADVANCE-LOADING METHOD TO ALL FONT DRIVERS */ error = FT_THROW( Invalid_Argument ); diff --git a/src/base/ftstroke.c b/src/base/ftstroke.c index c63e138e1..d123e0274 100644 --- a/src/base/ftstroke.c +++ b/src/base/ftstroke.c @@ -797,6 +797,9 @@ if ( !library ) return FT_THROW( Invalid_Library_Handle ); + if ( !astroker ) + return FT_THROW( Invalid_Argument ); + memory = library->memory; if ( !FT_NEW( stroker ) ) @@ -822,6 +825,9 @@ FT_Stroker_LineJoin line_join, FT_Fixed miter_limit ) { + if ( !stroker ) + return; + stroker->radius = radius; stroker->line_cap = line_cap; stroker->line_join = line_join; @@ -1288,6 +1294,9 @@ FT_Fixed line_length; + if ( !stroker || !to ) + return FT_THROW( Invalid_Argument ); + delta.x = to->x - stroker->center.x; delta.y = to->y - stroker->center.y; @@ -1361,6 +1370,12 @@ FT_Bool first_arc = TRUE; + if ( !stroker || !control || !to ) + { + error = FT_THROW( Invalid_Argument ); + goto Exit; + } + /* if all control points are coincident, this is a no-op; */ /* avoid creating a spurious corner */ if ( FT_IS_SMALL( stroker->center.x - control->x ) && @@ -1557,6 +1572,12 @@ FT_Bool first_arc = TRUE; + if ( !stroker || !control1 || !control2 || !to ) + { + error = FT_THROW( Invalid_Argument ); + goto Exit; + } + /* if all control points are coincident, this is a no-op; */ /* avoid creating a spurious corner */ if ( FT_IS_SMALL( stroker->center.x - control1->x ) && @@ -1759,6 +1780,9 @@ FT_Vector* to, FT_Bool open ) { + if ( !stroker || !to ) + return FT_THROW( Invalid_Argument ); + /* We cannot process the first point, because there is not enough */ /* information regarding its corner/cap. The latter will be processed */ /* in the `FT_Stroker_EndSubPath' routine. */ @@ -1859,6 +1883,12 @@ FT_Error error = FT_Err_Ok; + if ( !stroker ) + { + error = FT_THROW( Invalid_Argument ); + goto Exit; + } + if ( stroker->subpath_open ) { FT_StrokeBorder right = stroker->borders; @@ -1984,6 +2014,12 @@ FT_Error error; + if ( !stroker ) + { + error = FT_THROW( Invalid_Argument ); + goto Exit; + } + error = ft_stroke_border_get_counts( stroker->borders + 0, &count1, &count2 ); if ( error ) @@ -1998,8 +2034,12 @@ num_contours = count2 + count4; Exit: - *anum_points = num_points; - *anum_contours = num_contours; + if ( anum_points ) + *anum_points = num_points; + + if ( anum_contours ) + *anum_contours = num_contours; + return error; } @@ -2011,6 +2051,9 @@ FT_StrokerBorder border, FT_Outline* outline ) { + if ( !stroker || !outline ) + return; + if ( border == FT_STROKER_BORDER_LEFT || border == FT_STROKER_BORDER_RIGHT ) { @@ -2262,18 +2305,20 @@ FT_Stroker stroker, FT_Bool destroy ) { - FT_Error error = FT_ERR( Invalid_Argument ); - FT_Glyph glyph = NULL; + FT_Error error = FT_ERR( Invalid_Argument ); + FT_Glyph glyph = NULL; + + /* for FT_OUTLINE_GLYPH_CLASS_GET (in PIC mode) */ FT_Library library = stroker->library; FT_UNUSED( library ); - if ( pglyph == NULL ) + if ( !pglyph ) goto Exit; glyph = *pglyph; - if ( glyph == NULL || glyph->clazz != FT_OUTLINE_GLYPH_CLASS_GET ) + if ( !glyph || glyph->clazz != FT_OUTLINE_GLYPH_CLASS_GET ) goto Exit; { @@ -2338,18 +2383,20 @@ FT_Bool inside, FT_Bool destroy ) { - FT_Error error = FT_ERR( Invalid_Argument ); - FT_Glyph glyph = NULL; + FT_Error error = FT_ERR( Invalid_Argument ); + FT_Glyph glyph = NULL; + + /* for FT_OUTLINE_GLYPH_CLASS_GET (in PIC mode) */ FT_Library library = stroker->library; FT_UNUSED( library ); - if ( pglyph == NULL ) + if ( !pglyph ) goto Exit; glyph = *pglyph; - if ( glyph == NULL || glyph->clazz != FT_OUTLINE_GLYPH_CLASS_GET ) + if ( !glyph || glyph->clazz != FT_OUTLINE_GLYPH_CLASS_GET ) goto Exit; { diff --git a/src/base/ftsynth.c b/src/base/ftsynth.c index fbe805db8..0567bd537 100644 --- a/src/base/ftsynth.c +++ b/src/base/ftsynth.c @@ -48,9 +48,14 @@ FT_GlyphSlot_Oblique( FT_GlyphSlot slot ) { FT_Matrix transform; - FT_Outline* outline = &slot->outline; + FT_Outline* outline; + if ( !slot ) + return; + + outline = &slot->outline; + /* only oblique outline glyphs */ if ( slot->format != FT_GLYPH_FORMAT_OUTLINE ) return; @@ -84,12 +89,18 @@ FT_EXPORT_DEF( void ) FT_GlyphSlot_Embolden( FT_GlyphSlot slot ) { - FT_Library library = slot->library; - FT_Face face = slot->face; + FT_Library library; + FT_Face face; FT_Error error; FT_Pos xstr, ystr; + if ( !slot ) + return; + + library = slot->library; + face = slot->face; + if ( slot->format != FT_GLYPH_FORMAT_OUTLINE && slot->format != FT_GLYPH_FORMAT_BITMAP ) return; diff --git a/src/base/fttrigon.c b/src/base/fttrigon.c index 64317fa27..9b2ccd5d6 100644 --- a/src/base/fttrigon.c +++ b/src/base/fttrigon.c @@ -359,6 +359,9 @@ FT_Vector_Unit( FT_Vector* vec, FT_Angle angle ) { + if ( !vec ) + return; + vec->x = FT_TRIG_SCALE >> 8; vec->y = 0; ft_trig_pseudo_rotate( vec, angle ); @@ -385,6 +388,9 @@ FT_Vector v; + if ( !vec ) + return; + v.x = vec->x; v.y = vec->y; @@ -422,6 +428,9 @@ FT_Vector v; + if ( !vec ) + return 0; + v = *vec; /* handle trivial cases */ @@ -458,6 +467,9 @@ FT_Vector v; + if ( !vec || !length || !angle ) + return; + v = *vec; if ( v.x == 0 && v.y == 0 ) @@ -481,6 +493,9 @@ FT_Fixed length, FT_Angle angle ) { + if ( !vec ) + return; + vec->x = length; vec->y = 0; diff --git a/src/base/fttype1.c b/src/base/fttype1.c index c1f9931db..47af19afb 100644 --- a/src/base/fttype1.c +++ b/src/base/fttype1.c @@ -4,7 +4,7 @@ /* */ /* FreeType utility file for PS names support (body). */ /* */ -/* Copyright 2002-2004, 2011 by */ +/* Copyright 2002-2004, 2011, 2014 by */ /* David Turner, Robert Wilhelm, and Werner Lemberg. */ /* */ /* This file is part of the FreeType project, and may only be used, */ @@ -17,6 +17,7 @@ #include +#include FT_INTERNAL_DEBUG_H #include FT_INTERNAL_OBJECTS_H #include FT_INTERNAL_SERVICE_H #include FT_SERVICE_POSTSCRIPT_INFO_H @@ -28,19 +29,22 @@ FT_Get_PS_Font_Info( FT_Face face, PS_FontInfoRec* afont_info ) { - FT_Error error = FT_ERR( Invalid_Argument ); + FT_Error error; + FT_Service_PsInfo service; - if ( face ) - { - FT_Service_PsInfo service = NULL; + if ( !face ) + return FT_THROW( Invalid_Face_Handle ); + if ( !afont_info ) + return FT_THROW( Invalid_Argument ); - FT_FACE_FIND_SERVICE( face, service, POSTSCRIPT_INFO ); + FT_FACE_FIND_SERVICE( face, service, POSTSCRIPT_INFO ); - if ( service && service->ps_get_font_info ) - error = service->ps_get_font_info( face, afont_info ); - } + if ( service && service->ps_get_font_info ) + error = service->ps_get_font_info( face, afont_info ); + else + error = FT_THROW( Invalid_Argument ); return error; } @@ -51,8 +55,8 @@ FT_EXPORT_DEF( FT_Int ) FT_Has_PS_Glyph_Names( FT_Face face ) { - FT_Int result = 0; - FT_Service_PsInfo service = NULL; + FT_Int result = 0; + FT_Service_PsInfo service; if ( face ) @@ -73,19 +77,22 @@ FT_Get_PS_Font_Private( FT_Face face, PS_PrivateRec* afont_private ) { - FT_Error error = FT_ERR( Invalid_Argument ); + FT_Error error; + FT_Service_PsInfo service; - if ( face ) - { - FT_Service_PsInfo service = NULL; + if ( !face ) + return FT_THROW( Invalid_Face_Handle ); + if ( !afont_private ) + return FT_THROW( Invalid_Argument ); - FT_FACE_FIND_SERVICE( face, service, POSTSCRIPT_INFO ); + FT_FACE_FIND_SERVICE( face, service, POSTSCRIPT_INFO ); - if ( service && service->ps_get_font_private ) - error = service->ps_get_font_private( face, afont_private ); - } + if ( service && service->ps_get_font_private ) + error = service->ps_get_font_private( face, afont_private ); + else + error = FT_THROW( Invalid_Argument ); return error; } diff --git a/src/base/ftutil.c b/src/base/ftutil.c index 9f3718941..56e2800eb 100644 --- a/src/base/ftutil.c +++ b/src/base/ftutil.c @@ -245,6 +245,9 @@ FT_ListNode cur; + if ( !list ) + return NULL; + cur = list->head; while ( cur ) { @@ -254,7 +257,7 @@ cur = cur->next; } - return (FT_ListNode)0; + return NULL; } @@ -264,9 +267,14 @@ FT_List_Add( FT_List list, FT_ListNode node ) { - FT_ListNode before = list->tail; + FT_ListNode before; + if ( !list || !node ) + return; + + before = list->tail; + node->next = 0; node->prev = before; @@ -285,9 +293,14 @@ FT_List_Insert( FT_List list, FT_ListNode node ) { - FT_ListNode after = list->head; + FT_ListNode after; + if ( !list || !node ) + return; + + after = list->head; + node->next = after; node->prev = 0; @@ -309,6 +322,9 @@ FT_ListNode before, after; + if ( !list || !node ) + return; + before = node->prev; after = node->next; @@ -333,6 +349,9 @@ FT_ListNode before, after; + if ( !list || !node ) + return; + before = node->prev; after = node->next; @@ -357,14 +376,19 @@ /* documentation is in ftlist.h */ FT_EXPORT_DEF( FT_Error ) - FT_List_Iterate( FT_List list, - FT_List_Iterator iterator, - void* user ) + FT_List_Iterate( FT_List list, + FT_List_Iterator iterator, + void* user ) { - FT_ListNode cur = list->head; + FT_ListNode cur; FT_Error error = FT_Err_Ok; + if ( !list || !iterator ) + return FT_THROW( Invalid_Argument ); + + cur = list->head; + while ( cur ) { FT_ListNode next = cur->next; @@ -392,6 +416,9 @@ FT_ListNode cur; + if ( !list || !memory ) + return; + cur = list->head; while ( cur ) { diff --git a/src/base/ftwinfnt.c b/src/base/ftwinfnt.c index 463ae761d..8e337fbe5 100644 --- a/src/base/ftwinfnt.c +++ b/src/base/ftwinfnt.c @@ -4,7 +4,7 @@ /* */ /* FreeType API for accessing Windows FNT specific info (body). */ /* */ -/* Copyright 2003, 2004 by */ +/* Copyright 2003, 2004, 2014 by */ /* David Turner, Robert Wilhelm, and Werner Lemberg. */ /* */ /* This file is part of the FreeType project, and may only be used, */ @@ -17,6 +17,7 @@ #include +#include FT_INTERNAL_DEBUG_H #include FT_WINFONTS_H #include FT_INTERNAL_OBJECTS_H #include FT_SERVICE_WINFNT_H @@ -32,17 +33,18 @@ FT_Error error; - error = FT_ERR( Invalid_Argument ); + if ( !face ) + return FT_THROW( Invalid_Face_Handle ); - if ( face != NULL ) - { - FT_FACE_LOOKUP_SERVICE( face, service, WINFNT ); + if ( !header ) + return FT_THROW( Invalid_Argument ); - if ( service != NULL ) - { - error = service->get_header( face, header ); - } - } + FT_FACE_LOOKUP_SERVICE( face, service, WINFNT ); + + if ( service ) + error = service->get_header( face, header ); + else + error = FT_THROW( Invalid_Argument ); return error; } diff --git a/src/bzip2/ftbzip2.c b/src/bzip2/ftbzip2.c index 749413027..59651361b 100644 --- a/src/bzip2/ftbzip2.c +++ b/src/bzip2/ftbzip2.c @@ -8,7 +8,7 @@ /* parse compressed PCF fonts, as found with many X11 server */ /* distributions. */ /* */ -/* Copyright 2010, 2012, 2013 by */ +/* Copyright 2010, 2012-2014 by */ /* Joel Klinghed. */ /* */ /* Based on src/gzip/ftgzip.c, Copyright 2002 - 2010 by */ @@ -456,10 +456,18 @@ FT_Stream source ) { FT_Error error; - FT_Memory memory = source->memory; + FT_Memory memory; FT_BZip2File zip = NULL; + if ( !stream || !source ) + { + error = FT_THROW( Invalid_Stream_Handle ); + goto Exit; + } + + memory = source->memory; + /* * check the header right now; this prevents allocating unnecessary * objects when we don't need them diff --git a/src/cache/ftccmap.c b/src/cache/ftccmap.c index ad0ad2db1..ab223663b 100644 --- a/src/cache/ftccmap.c +++ b/src/cache/ftccmap.c @@ -263,6 +263,9 @@ return 0; } + if ( !face_id ) + return 0; + query.face_id = face_id; query.cmap_index = (FT_UInt)cmap_index; query.char_code = char_code; diff --git a/src/cache/ftcmanag.c b/src/cache/ftcmanag.c index a65f94d6b..fff7a0882 100644 --- a/src/cache/ftcmanag.c +++ b/src/cache/ftcmanag.c @@ -186,7 +186,7 @@ FTC_MruNode mrunode; - if ( asize == NULL ) + if ( !asize || !scaler ) return FT_THROW( Invalid_Argument ); *asize = NULL; @@ -313,7 +313,7 @@ FTC_MruNode mrunode; - if ( aface == NULL ) + if ( !aface || !face_id ) return FT_THROW( Invalid_Argument ); *aface = NULL; @@ -366,6 +366,9 @@ if ( !library ) return FT_THROW( Invalid_Library_Handle ); + if ( !amanager || !requester ) + return FT_THROW( Invalid_Argument ); + memory = library->memory; if ( FT_NEW( manager ) ) @@ -451,11 +454,11 @@ FT_EXPORT_DEF( void ) FTC_Manager_Reset( FTC_Manager manager ) { - if ( manager ) - { - FTC_MruList_Reset( &manager->sizes ); - FTC_MruList_Reset( &manager->faces ); - } + if ( !manager ) + return; + + FTC_MruList_Reset( &manager->sizes ); + FTC_MruList_Reset( &manager->faces ); FTC_Manager_FlushN( manager, manager->num_nodes ); } @@ -667,6 +670,10 @@ { FT_UInt nn; + + if ( !manager || !face_id ) + return; + /* this will remove all FTC_SizeNode that correspond to * the face_id as well */ @@ -685,7 +692,9 @@ FTC_Node_Unref( FTC_Node node, FTC_Manager manager ) { - if ( node && (FT_UInt)node->cache_index < manager->num_caches ) + if ( node && + manager && + (FT_UInt)node->cache_index < manager->num_caches ) node->ref_count--; } diff --git a/src/gzip/ftgzip.c b/src/gzip/ftgzip.c index 2c60b6c57..83be22ba6 100644 --- a/src/gzip/ftgzip.c +++ b/src/gzip/ftgzip.c @@ -8,7 +8,7 @@ /* parse compressed PCF fonts, as found with many X11 server */ /* distributions. */ /* */ -/* Copyright 2002-2006, 2009-2013 by */ +/* Copyright 2002-2006, 2009-2014 by */ /* David Turner, Robert Wilhelm, and Werner Lemberg. */ /* */ /* This file is part of the FreeType project, and may only be used, */ @@ -603,10 +603,18 @@ FT_Stream source ) { FT_Error error; - FT_Memory memory = source->memory; + FT_Memory memory; FT_GZipFile zip = NULL; + if ( !stream || !source ) + { + error = FT_THROW( Invalid_Stream_Handle ); + goto Exit; + } + + memory = source->memory; + /* * check the header right now; this prevents allocating un-necessary * objects when we don't need them @@ -700,6 +708,11 @@ int err; + /* check for `input' delayed to `inflate' */ + + if ( !memory || ! output_len || !output ) + return FT_THROW( Invalid_Argument ); + /* this function is modeled after zlib's `uncompress' function */ stream.next_in = (Bytef*)input; diff --git a/src/lzw/ftlzw.c b/src/lzw/ftlzw.c index 82e6c0070..6092626b6 100644 --- a/src/lzw/ftlzw.c +++ b/src/lzw/ftlzw.c @@ -8,7 +8,7 @@ /* be used to parse compressed PCF fonts, as found with many X11 server */ /* distributions. */ /* */ -/* Copyright 2004-2006, 2009, 2010, 2012, 2013 by */ +/* Copyright 2004-2006, 2009, 2010, 2012-2014 by */ /* Albert Chin-A-Young. */ /* */ /* Based on code in src/gzip/ftgzip.c, Copyright 2004 by */ @@ -349,10 +349,18 @@ FT_Stream source ) { FT_Error error; - FT_Memory memory = source->memory; + FT_Memory memory; FT_LZWFile zip = NULL; + if ( !stream || !source ) + { + error = FT_THROW( Invalid_Stream_Handle ); + goto Exit; + } + + memory = source->memory; + /* * Check the header right now; this prevents allocation of a huge * LZWFile object (400 KByte of heap memory) if not necessary. diff --git a/src/truetype/ttinterp.c b/src/truetype/ttinterp.c index 405de0266..6bdffbca5 100644 --- a/src/truetype/ttinterp.c +++ b/src/truetype/ttinterp.c @@ -760,9 +760,14 @@ FT_EXPORT_DEF( TT_ExecContext ) TT_New_Context( TT_Driver driver ) { - FT_Memory memory = driver->root.root.memory; + FT_Memory memory; + if ( !driver ) + goto Fail; + + memory = driver->root.root.memory; + if ( !driver->context ) { FT_Error error; @@ -8221,6 +8226,9 @@ #ifdef TT_CONFIG_OPTION_STATIC_RASTER + if ( !exc ) + return FT_THROW( Invalid_Argument ); + cur = *exc; #endif