This avoids additional calls to `tt_face_lookup_table' for the
`glyf' table, which can be expensive.
* include/freetype/internal/tttypes.h (TT_LoaderRec): Move
`glyf_offset' field to ...
(TT_FaceRec): ... this structure.
* src/truetype/ttgload.c (load_truetype_glyph): Updated.
(tt_loader_init): Move initialization of `glyf_offset' to ...
* src/truetype/ttpload.c (tt_face_load_loca): .. this function.
This speeds up FreeType's handling of malformed fonts.
* src/truetype/ttinterp.c (TT_RunIns): Set up limits for the number
of twilight points, the total number of negative jumps, and the
total number of loops in LOOPCALL opcodes. The values are based on
the number of points and entries in the CVT table.
(Ins_JMPR): Test negative jump counter.
(Ins_LOOPCALL): Test loopcall counter.
* src/truetype/ttinterp.h (TT_ExecContext): Updated.
* docs/CHANGES: Updated.
Without this patch, a loca sequence like `0 100000 0 100000 ...',
where value 100000 is larger than the `glyf' table size, makes
FreeType handle the whole `glyf' table as a single glyph again and
again, which is certainly invalid (and can be very slow, too).
* src/truetype/ttpload.c (tt_face_get_location): Implement.
Improve tracing messages.
Problems reported as
https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=40
We now map the strike index right before accessing the physical
data, not earlier.
* src/sfnt/sfobjs.c (sfnt_load_face): Set `face->sbit_strike_map'
after creating the map so that...
* src/sfnt/ttsbit.c (tt_face_load_strike_metrics): ... this function
can be used before and after setting up `sbit_strike_map'.
(tt_face_set_sbit_strike): Revert change.
(tt_sbit_decoder_init, tt_face_load_sbix_image): Map strike index.
* src/truetype/ttdriver.c (tt_size_select): Revert change.
FreeType tries to sanitize strike header data; we now reject
completely broken ones.
* include/freetype/internal/tttypes.h (TT_FaceRec): New
`sbit_strike_map' array pointer.
* src/base/ftobjs.c (FT_Match_Size): Reject matches where either
width or height would be zero.
Add tracing message in case of error.
* src/sfnt/sfobjs.c (sfnt_load_face): Populate `sbit_strike_map',
only using (more or less) valid strike header data for
FT_Face's `available_sizes' array.
(sfnt_done_face): Updated.
* src/sfnt/ttsbit.c (tt_face_set_sbit_strike): Use
`sbit_strike_map'.
(tt_face_load_strike_metrics): Improve tracing.
* src/truetype/ttdriver.c (tt_size_select): Use `sbit_strike_map'.
Problems reported by Bob Taylor <Bob.Taylor@monotype.com>.
* src/truetype/ttgxvar.c (TT_Vary_Apply_Glyph_Deltas): Fix rough
sanity test for glyph variation array header size.
Always set stream position before reading packed x and y deltas.
Fix thinko w.r.t. `localpoints' array.
Since 2016-05-16 we detect infinite recursion directly.
* src/sfnt/ttload.c (tt_face_load_maxp): Don't adjust
`maxComponentDepth'.
* src/truetype/ttgload.c (load_truetype_glyph): Don't abort if
`maxComponentDepth' is not valid. Instead, simply adjust its value
and emit a tracing message.
To match the logic in FDEF. The value of the end is only used for
bound-checking in `Ins_JMPR', so it may not have been obvious that
it was not recorded. Tested (as part of Font Validator 2.0) all the
fonts on Fedora and did not see any change.
* src/truetype/ttinterp.c (Ins_IDEF): Updated.
GETDATA[], opcode 0x92
bytecode instruction. It always returns 17, and we have absolutely
no idea what it is good for...
* src/truetype/ttinterp.c (Pop_Push_Count, opcode_name): Updated.
(Ins_GETDATA): New function.
(TT_RunIns): Add it.
This commit implements undocumented (but confirmed) stuff from
Apple's old bytecode engine.
GETVARIATION[], opcode 0x91
This opcode pushes normalized variation coordinates for all axes
onto the stack (in 2.14 format). Coordinate of first axis gets
pushed first.
GETINFO[], selector bit 3
If GX variation support is enabled, bit 10 of the result is set
to 1.
* src/truetype/ttinterp.c: Include FT_MULTIPLE_MASTERS_H.
(opcode_name) [TT_CONFIG_OPTION_GX_VAR_SUPPORT]: Updated.
(Ins_GETINFO) [TT_CONFIG_OPTION_GX_VAR_SUPPORT]: Handle selector
bit 3, checking support for variation glyph hinting.
(Ins_GETVARIATION) [TT_CONFIG_OPTION_GX_VAR_SUPPORT]: New function
to implement opcode 0x91.
(TT_RunIns) [TT_CONFIG_OPTION_GX_VAR_SUPPORT]: Handle opcode 0x91.
This finally fixes the rendering of the cyclist and the lizard in
the `Zycon' font.
* src/truetype/ttgxvar.c (ft_var_readpackedpoints): `first' point
index is always cumulative.
(tt_handle_deltas): Rename to...
(tt_interpolate_deltas): ... This.
Add new parameter for output point array.
Update caller.
(TT_Vary_Apply_Glyph_Deltas): Add `points_out' array; it now holds
the intermediate results of `tt_interpolate_deltas' that are to be
added to `outline->points'.
The coordinates of the base font should be used for interpolation
purposes, NOT the current points (i.e., the result of accumulation
of previous deltas).
* src/truetype/ttgxvar.c (TT_Vary_Apply_Glyph_Deltas): Initialize
`points_org' before looping over all tuples.
This commit covers the most important one.
* src/autofit/afmodule.c (af_property_set): Handle `warping',
`darkening-parameters', and `no-stem-darkening'.
* src/cff/cffdrivr.c (cff_property_set): Handle
`darkening-parameters', `hinting-engine', and `no-stem-darkening'.
* src/truetype/ttdriver.c (tt_property_set): Handle
`interpreter-version'.
This is a preparation for handling an `FREETYPE_PROPERTIES'
environment variable to control (some) driver properties.
No change in functionality.
* src/base/ftobjs.c (ft_property_do): Add `value_is_string'
parameter.
(ft_property_string_set): New function.
(FT_Property_Set, FT_Property_Get): Updated.
* include/freetype/internal/ftobjs.h: Updated.
* include/freetype/internal/services/svprop.h
(FT_Properties_SetFunc): Add `value_is_string' parameter.
* src/autofit/afmodule.c (af_property_set), src/cff/cffdrivr.c
(cff_property_set), src/truetype/ttdriver.c (tt_property_set):
Updated, emitting an error currently if `value_is_string' is set.
* src/truetype/ttinterp.c (Ins_SHPIX): Allow SHPIX to move points in
the twilight zone. Otherwise, treat SHPIX the same as DELTAP.
Unbreaks various fonts such as older versions of Rokkitt and DTL
Argo T Light that would glitch severly after calling ALIGNRP after a
blocked SHPIX.
This patch prepares data structures and the like.
See added comments in `ttinterp.h' for more information on this and
the following commits in the series.
* devel/ftoption.h, include/freetype/config/ftoption.h
(TT_CONFIG_OPTION_SUBPIXEL_HINTING): Assign values to differentiate
between subpixel versions.
(TT_SUPPORT_SUBPIXEL_HINTING_INFINALITY,
TT_SUPPORT_SUBPIXEL_HINTING_MINIMAL): New macros.
* include/freetype/ftttdrv.h (TT_INTERPRETER_VERSION_40): New macro.
* include/freetype/internal/tttypes.h (TT_FaceRec): Updated.
* src/truetype/ttinterp.h (TT_ExecContextRec): Define new fields
`subpixel_hinting_lean', `vertical_lcd_lean',
`backwards_compatibility', `iupx_called', iupy_called', and
`grayscale_cleartype' for new hinting mode.
* src/truetype/ttdriver.c (tt_property_set): Handle v38 and v40
interpreters conditionally.
* src/truetype/ttgload.c (TT_Hint_Glyph): Save phantom points unless
in v38 backwards compatibility mode.
Updated.
(compute_glyph_metrics): Add v38 backwards compatibility mode
constraint for adjusting advance widths.
Updated.
(tt_loader_init): Handle new flags `subpixel_hinting_lean',
`grayscale_cleartype', and `vertical_lcd_lean'.
Updated.
(tt_get_metrics, TT_Process_Simple_Glyph, TT_LOADER_SET_PP):
Updated.
* src/truetype/ttobjs.c (tt_driver_init): Conditionally set
default interpreter version number.
* src/truetype/ttsubpix.c, src/truetype/ttsubpix.h: Updated.
The previous fix for #46372 misunderstood a composite glyph referring
same component twice as a recursive reference. See the discussion
http://lists.gnu.org/archive/html/freetype/2016-05/msg00000.html
Thanks to Khaled Hosny for finding this issue.
* src/truetype/ttgload.c (ft_list_get_node_at): A function to get
the i-th node from FT_List. (load_truetype_glyph): In the traversal
scan of the reference tree in the composite glyph, we clear the
nodes filled by previous sibling chain.
Otherwise some properties could be set to arbitrary values, which is
harmless, but querying could give wrong positive results.
* src/cff/cffdrivr.c (cff_property_set) [hinting-engine],
* src/truetype/ttdriver.c (tt_property_set) [interpreter-version]:
Only allow defined values.
We probably did not notice this as all fonts we tested had only
tuple_coords[i] be +1 or -1 for non-intermediate tuples.
* src/truetype/ttgxvar.c (ft_var_apply_tuple): Implement it.
