Due to incorrect casting negative numbers were shown as very large
(positive) integers on 64bit systems.
* src/psaux/t1decode.c (t1_decoder_parse_charstrings) <op_none>:
Use division instead of shift.
The functions in this patch *do* return non-trivial errors that must
be taken care of.
* src/autofit/afloader.c (af_loader_load_g), src/base/ftobjs.c
(FT_Render_Glyph_Internal), src/base/ftoutln.c (FT_Outline_Render),
src/cff/cffgload.c (cff_decoder_parse_charstrings) <cff_op_endchar>,
src/psaux/psobjs.c (ps_parser_load_field_table), src/psaux/t1decode
(t1_decoder_parse_charstrings) <op_endchar>, src/truetype/ttgload.c
(load_truetype_glyph <subglyph loop>, tt_loader_init,
TT_Load_Glyph), src/truetype/ttgxvar.c (TT_Set_MM_Blend),
src/truetype/ttobjs.c (tt_size_run_fpgm, tt_size_run_prep): Do it.
* src/base/ftcalc.c (FT_DivFix): Use unsigned values for
computations which use the left shift operator and convert to signed
as the last step.
* src/base/fttrigon.c (ft_trig_prenorm, FT_Vector_Rotate,
FT_Vector_Length, FT_Vector_Polarize): Ditto.
* src/cff/cffgload.c (cff_decoder_parse_charstrings): Simplify.
* src/cff/cffload.c (cff_subfont_load): Fix constant.
* src/cff/cffparse.c (cff_parse_integer, cff_parse_real, do_fixed,
cff_parse_fixed_dynamic): Use unsigned values for computations which
use the left shift operator and convert to signed as the last step.
* src/cid/cidload.c (cid_get_offset): Ditto.
* src/psaux/psconv.c (PS_Conv_ToFixed): Ditto.
* src/psaux/t1decode.c (t1_decoder_parse_charstrings): Ditto.
* src/truetype/ttinterp.c (TT_MulFix14, TT_DotFix14): Ditto.
This is essentially a mechanical conversion, adding inclusion of
`FT_INTERNAL_DEBUG_H' where necessary, and providing the macros for
stand-alone compiling modes of the rasterizer modules.
To convert the remaining occurrences of FT_Err_XXX and friends it is
necessary to rewrite the code. Note, however, that it doesn't harm
if some cases are not handled since FT_THROW is a no-op.
* include/freetype/config/ftstdlib.h (FT_USHORT_MAX): New macro.
* src/base/ftbitmap.c (FT_Bitmap_Convert): Protect against invalid
value of `target->rows'.
* src/psaux/t1decode.c (t1_decoder_parse_charstrings): Add check for
flex start.
* src/raster/ftrend1.c (ft_raster1_render): Check `width' and
`height'.
* src/truetype/ttgxvar.c (TT_Vary_Get_Glyph_Deltas): Protect against
invalid values in `localpoints' array.
Found with font fuzzying.
* src/psaux/t1decode.c (t1_decoder_parse_charstrings): Check
`decoder->buildchar'.
* src/type1/t1load.c (t1_load_keyword): Check `blend->num_designs'.
When shifting right a signed value, it is not defined by the
C standard whether one gets a sign extension or not. Use a macro to
do an explicit cast from a signed short (assuming that this is
16bit) to an int.
* src/psaux/t1decode.c (Fix2Int): New macro.
Use it where appropriate.
start_point, check_points, add_point, add_point1, close_contour
macros.
Remove add_contour macro.
Return error code from t1_builder_start_point and
t1_builder_check_points when there was one (instead of returning 0).
Previously we discovered fonts which used `setcurrentpoint' to set
the initial point of a contour to 0,0. This caused FreeType to
raise an error, because the `setcurrentpoint' operator is only
supposed to be used with the results from an OtherSubr subroutine.
This was fixed by simply ignoring the error and carrying on.
Now we have found a font which uses setcurrentpoint to actually
establish a non-zero point for a contour during the course of a
glyph program. FWIW, these files may be produced by an application
called `Intaglio' on the Mac, when converting TrueType fonts to
Type 1.
The fix allows the new invalid behaviour, the old invalid behaviour
and real proper usage of the operator to work the same way as Adobe
interpreters apparently do.
(t1_decoder_parse_charstrings): Make `setcurrentpoint' use the top
two elements of the stack to establish unconditionally the current x
and y coordinates.
Make the `flex' subroutine handling (OtherSubr 0) put the current
x,y coordinates onto the stack, instead of two dummy uninitialised
values.
Issue #28226 involved a work-around for a font which used the
`setcurrentpoint' operator in an invalid way; this operator is only
supposed to be used with the result of OtherSubrs, and the font used
it directly. The supplied patch removed the block of code which
checked this usage entirely.
This turns out to be a Bad Thing. If `setcurrentpoint' is being
used correctly it should reset the flex flag in the decoder. If we
don't do this then the flag never gets reset and we omit any further
contours from the glyph (at least until we close the path or
similar).
* src/psaux/t1decode.c (t1_decoder_parse_charstrings)
<op_setcurrentpoint>: Handle `flex_state' correctly.
This fixes Savannah bug #28226.
At least two wild PostScript files of unknown provenance contain
Type 1 fonts, apparently converted from TrueType fonts in earlier
PDF versions of the files, which use the `setcurrentpoint' operator
inappropriately.
FreeType currently throws an error in this case, but Ghostscript and
Adobe Distiller both accept the fonts and ignore the problem. This
commit #ifdefs out the check so PostScript interpreters using
FreeType can render these files.
The specification says `setcurrentpoint' should only be used to set
the point after a `Subr' call, but these fonts use it to set the
initial point to (0,0). Unnecessarily so, as they correctly use an
`hsbw' operation which implicitly sets the initial point.
This fixes Savannah bug #26867.
Previously, only integers have been used which can lead to serious
rounding errors.
However, fractional values are only used internally; after the
charstrings (of either Type 1 or 2) have been processed, the
resulting coordinates get rounded to integers currently -- before
applying scaling. This should be fixed; at the same time a new load
flag should be introduced, to be used in combination with
FT_LOAD_NO_SCALE, which indicates that font units are returned in
16.16 format. Similarly, the incremental interface should be
extended to allow fractional values for metrics.
* include/freetype/internal/psaux.h (T1_BuilderRec): Remove `shift'
field.
* include/freetype/internal/pshints.h (T1_Hints_SetStemFunc,
T1_Hints_SetStem3Func): Use FT_Fixed for coordinates.
* src/psaux/psobjs.c: Include FT_INTERNAL_CALC_H.
(t1_build_add_point): Always convert fixed to integer.
* src/psaux/t1decode.c (t1_decoder_parse_charstrings):
Use 16.16 format everywhere (except for large integers followed by a
`div').
[CAN_HANDLE_NON_INTEGRAL_T1_OPERANDS]: Remove #ifdef and activate
code uncoditionally.
Add support for random numbers and update remaining code
accordingly; this should work now.
(t1_operator_seac): Updated.
* src/psaux/pshrec.c: Include FT_INTERNAL_CALC_H.
(ps_hints_t1stem3, t1_hints_stem): Updated.
* src/cid/cidgload.c: Include FT_INTERNAL_CALC_H.
(cid_load_glyph) [FT_CONFIG_OPTION_INCREMENTAL],
(cid_face_compute_max_advance, cid_slot_load_glyph): Updated.
* src/type1/t1gload.c (T1_Parse_Glyph_And_Get_Char_String)
[FT_CONFIG_OPTION_INCREMENTAL], (T1_Get_Advances, T1_Load_Glyph):
Updated.
* src/type1/t1load.c: Include FT_INTERNAL_CALC_H.
* src/type1/t1objs.c (T1_Face_Init): Updated.
SEAC (Single Encoding Accented Characters) are composed of (basically) two
indices specifying two other glyphs, and a movement to position the accent
properly with respect to the main glyph.
To make it work with the incremental interface we now demand that the caller
handles the encoding by itself.
Fonts without a cmap must be handled correctly by FreeType (anything
else would be a bug).
* src/psaux/t1decode.c (t1_decoder_parse_charstrings)
[FT_DEBUG_LEVEL_TRACE]: Improve tracing message.
`t1_decoder_init' and let the caller of `t1_decoder_init' take care
of it.
Call the finisher for T1_Decoder in `cid_face_compute_max_advance'
and `T1_Compute_Max_Advance'.
* freetype2/include/freetype/internal/psaux.h (T1_DecoderRec):
Remove field `face', add `len_buildchar'.
* freetype2/include/freetype/internal/t1types.h (T1_FaceRec): Add
field `buildchar'.
* freetype2/src/cid/cidgload.c (cid_face_compute_max_advance): Call
finisher for T1_Decoder.
(cid_slot_load_glyph): Do not ignore failure when initializing the
T1_Decoder.
* freetype2/src/psaux/t1decode.c (t1_decoder_parse_charstrings):
Updated.
(t1_decoder_init): Remove initialization of fields `buildchar' and
`len_buildchar'.
(t1_decoder_done): Remove deallocation of field `buildchar'.
* freetype/src/type1/t1gload.c (T1_Compute_Max_Advance): Initialize
T1_Decoder's `buildchar' and `len_buildchar'; call finisher for
T1_Decoder.
(T1_Load_Glyph): Initialize T1_Decoder's `buildchar' and
`len_buildchar'; make sure to call finisher for T1_Decoder even in
case of error.
* freetype2/src/type1/t1load.c (T1_Open_Face): Allocate new field
`buildchar' of T1_FaceRec.
* freetype2/src/type1/t1objs.c (T1_Face_Done): Free new field
`buildchar' of T1_FaceRec.
IS_PS_NEWLINE, IS_PS_SPACE, IS_PS_SPECIAL, IS_PS_DELIM, IS_PS_DIGIT,
IS_PS_XDIGIT, and IS_PS_BASE85 (from freetype2/src/psaux/psconv.h).
(T1_FieldLocation): Add T1_FIELD_LOCATION_LOADER,
T1_FIELD_LOCATION_FACE, and T1_FIELD_LOCATION_BLEND.
(T1_DecoderRec): New fields `buildchar' and `face'.
(IS_PS_TOKEN): New macro.
* freetype2/include/freetype/internal/t1types.h (T1_FaceRec): New
fields `ndv_idx', `cdv_idx', and `len_buildchar'.
* freetype2/include/freetype/t1tables.h (PS_BlendRec): New fields
`default_design_vector' and `num_default_design_vector'.
* freetype2/src/psaux/psconv.h: Move macros IS_PS_NEWLINE,
IS_PS_SPACE, IS_PS_SPECIAL, IS_PS_DELIM, IS_PS_DIGIT, IS_PS_XDIGIT,
and IS_PS_BASE85 to freetype2/include/freetype/internal/psaux.h.
* freetype2/src/psaux/psobjs.c (ps_parser_to_token_array): Allow
`token' argument to be NULL if we want only to count the number of
tokens.
(ps_tocoordarray): Allow `coords' argument to be NULL if we just
want to skip the array.
(ps_tofixedarray): Allow `values' argument to be NULL if we just
want to skip the array.
* freetype2/src/psaux/t1decode.c (t1_decoder_parse_charstrings): Add
support for (partially commented out) othersubrs 19-25, 27, and 28.
(t1_decoder_init): Initialize new fields `face' and `buildchar'.
(t1_decoder_done): Release new field `buildchar'.
* freetype2/src/type1/t1load.c (parse_buildchar, parse_private): New
functions.
(t1_keywords): Register them.
(t1_allocate_blend): Updated.
(t1_load_keyword): Handle field types T1_FIELD_LOCATION_LOADER,
T1_FIELD_LOCATION_FACE and T1_FIELD_LOCATION_BLEND.
(parse_dict): Remove `keyword_flags' argument.
Use new macro IS_PS_TOKEN.
Changed function so that later PostScript definitions override
earlier ones.
(t1_init_loader): Initialize new field `keywords_encountered'.
(T1_Open_Face): Initialize new fields `ndv_idx', `cdv_idx', and
`len_buildchar'.
Remove `keywords_flags'.
* freetype2/src/type1/t1load.h (T1_LoaderRect): New field
`keywords_encountered'.
(T1_PRIVATE, T1_FONTDIR_AFTER_PRIVATE): New macros.
* freetype2/src/type1/t1tokens.h [!T1_CONFIG_OPTION_NO_MM_SUPPORT]:
New entries for parsing /NDV, /CDV, and /DesignVector.
(t1_decoder_parse_charstrings): Operator with
opcode 15 pops its two arguments.
Handle the case where the pops of an othersubr may be part of a
subroutine.
Handle unknown othersubrs gracefully: count their operands and let
the following pop operators push the operands as the results onto
the Type1 stack.
Improve handling of setcurrentpoint opcode.
return the FreeType version. Suggested by George Williams
<gww@silcom.com>.
* docs/CHANGES: Updated.
* src/otvalid/otvmod.c (otv_validate): Deallocate arrays in case
of error. Reported by YAMANO-UCHI Hidetoshi <mer@din.or.jp>.
* src/psaux/t1decode.c (t1_decoder_parse_charstrings)
<op_closepath>: Accept `T1_Parse_Have_Moveto' state also which can
happen in empty glyphs. Reported by Ian Brown
<ian.brown@printsoft.de>.