test for a valid glyph index must be deferred to the font drivers.
This patch fixes Savannah bug #18301.
* src/base/ftobjs.c (FT_Load_Glyph): Don't check `glyph_index'.
* src/bdf/bdfdrivr.c (BDF_Glyph_Load), src/cff/cffgload.c
(cff_slot_load), src/cid/cidgload.c (cid_slot_load_glyph),
src/pcf/pcfdrivr.c (PCF_Glyph_Load), src/pfr/pfrobjs.c
(pfr_slot_load), src/truetype/ttdriver.c (Load_Glyph),
src/type1/t1gload.c (T1_Load_Glyph), src/winfonts/winfnt.c
(FNT_Load_Glyph): Check validity of `glyph_index'.
and FT_FORCE_LEGACY_LCD_FILTER at compile time. Define these macros
when building the library to change the default LCD filter to be
used. This is only useful for experimentation
src/base/ftlcdfilt.c, src/smooth/ftsmooth.c: API change for
the LCD filter, the FT_LcdFilter value is a enum describing
which filter to apply, new values FT_LCD_FILTER_LIGHT and
FT_LCD_FILTER_LEGACY (the latter implements the LibXft original
algorithm which produces incredible color fringes for everything
except very-well hinted text)
* src/autofit/aflatin.c: various tiny improvements that drastically
improve the handling of serif fonts and of LCD/LCD_V hinting modes.
src/base/ftobjs.c: fixed a bug in the automatic unpatented
hinting support which prevented normal bytecode hinting to
work properly
* src/autofit/aftypes.h: undefining AF_DEBUG to get rid of
traces
for an upcoming 2.2.2 release
* include/freetype/ftlcdfil.h, src/freetype/ftlcdfil.c:
added a new API to support color filtering of subpixel glyph
bitmaps. In default build, the function FT_Library_SetLcdFilter
returns FT_Err_Unimplemented_Feature; you need to #define
FT_CONFIG_OPTION_SUBPIXEL_RENDERING in ftoption.h to compile
the real implementation
* src/smooth/ftsmooth.c: adding support for sub-pixel color
filtering; simplifying a few function calls
* include/freetype/config/ftheader.h: adding FT_LCD_FILTER_H
macro that points to <freetype/ftlcdfil.h>
Fix miscellaneous compiler warnings.
* freetype2/include/freetype/internal/ftobjs.h: close
comment with `*/' to avoid `/* in comment' compiler warning.
* freetype2/src/base/ftdbgmem.c (ft_mem_table_get_source): Turn
cast `(FT_UInt32)(void*)' into `(FT_UInt32)(FT_PtrDist)(void*)'
since on 64-bit platforms void* is larger than FT_UInt32.
* freetype2/src/base/ftobjs.c (t_validator_error): cast
away volatileness of argument to ft_longjmp. Spotted by
Werner `Putzfrau' Lemberg.
* freetype2/src/bdf/bdflib.c (bdf_load_font): initialize
local variable `lineno'.
* freetype2/src/gxvalid/gxvmod.c (classic_kern_validate):
mark local variable `error' volatile.
include/freetype/internal/tttypes.h, src/base/ftgloadr.c,
src/base/ftobjs.c, src/truetype/ttgload.c, src/truetype/ttinterp.c,
src/truetype/ttobjs.c: improvements to native TrueType hinting,
this is a first try, controlled by the FIX_BYTECODE macro in
src/truetype/ttinterp.c
src/autofit/afcjk.c, src/autofit/afhints.c, src/autofit/aflatin.c,
src/autofit/aftypes.h, src/base/ftcalc.c, src/base/ftoutln.c,
src/gzip/ftgzip.c, src/psaux/psconv.c, src/truetype/ttgload.c,
src/type1/t1gload.c:
this is a major patch used to drastically improve the performance
of loading glyphs. This both speeds up loading the glypn vector
themselves and the auto-fitter.
note that we've started using inline assembler with GCC to
implement FT_MulFix, given that this function is so damn
important for the engine's performance.
the resulting speed-up is about 25%.
src/base/ftmac.c, src/base/ftrfork.c, src/lzw/ftzopen.c,
src/raster/ftrend1.c, src/sfnt/ttpost.c, src/truetype/ttgxvar.c,
src/type42/t42parse.c, src/winfonts/winfnt.c: hardening the code
against out-of-bounds conditions when allocating arrays. This is
for the cases where FT_NEW_ARRAY and FT_RENEW_ARRAY are not used
already. Introducing the new FT_ALLOC_MULT and FT_REALLOC_MULT
macros.
include/freetype/internal/ftmemory.h, src/base/ftdbgmem.c,
src/base/ftutil.c: udpating the memory management functions and
macros to safely deal with array size buffer overflows, this
corresponds to attemps to allocate arrays that are too large. For
an example, consider the following code:
count = read_uint32_from_file();
array = malloc( sizeof(Item) * count );
for ( nn = 0; nn < count; nn++ )
array[nn] = read_item_from_file();
if 'count' is larger than FT_UINT_MAX/sizeof(Item), the multiplication
will overflow and the array allocated will be smaller than the data
read from the file. In this case, the heap will be trashed, and this
can be used as a denial-of-service, or make the engine crash later.
the FT_ARRAY_NEW and FT_ARRAY_RENEW macro now check that the new
count is no more than FT_INT_MAX/item_size, otherwise, a new error,
named 'FT_Err_Array_Too_Large' will be returned.
note that the memory debugger now works again when FT_DEBUG_MEMORY
is defined, and FT_STRICT_ALIASING has disappeared, the corresponding
code being now the default.
msn2@bidyut.com.
* include/freetype/config/ftstdlib.h (FT_CHAR_BIT, FT_FILE,
ft_fopen, ft_fclose, ft_fseek, ft_ftell, ft_fread, ft_smalloc,
ft_scalloc, ft_srealloc, ft_sfree, ft_labs): New wrapper macros for
C library functions. Update all users accordingly (and catch some
other places where the C library function was used instead of the
wrapper functions).
* src/base/ftsystem.c: Don't include stdio.h and stdlib.h.
* src/gzip/zutil.h [MSDOS && !(__TURBOC__ || __BORLANDC__)]: Don't
include malloc.h.