bdflib puts data from the input stream into a buffer in chunks of
1024 bytes. The data itself gets then parsed line by line, simply
increasing the current pointer into the buffer; if the search for
the final newline character exceeds the buffer size, more data gets
read.

However, in case the current line's end is very near to the buffer
end, and the keyword to compare with is longer than the current
line's length, an out-of-bounds read might happen since `memcmp'
doesn't stop properly at the string end.

* src/bdf/bdflib.c: s/ft_memcmp/ft_strncmp/ to make comparisons
stop at string ends.

Suggested by Akira Tagoh, see
http://lists.gnu.org/archive/html/freetype/2013-09/msg00030.html
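
Added example (not FreeType code): a simplified model of the comparison problem described in this entry, showing why a length-driven `memcmp` can be asked to read past the chunk while `strncmp` stops at the line's NUL. It assumes each line is NUL-terminated inside a single 1024-byte chunk; the function names, the keyword table order and the sample line are constructed for illustration.

```c
#include <stddef.h>
#include <string.h>

#define CHUNK 1024                  /* chunk size named in the entry above */

/* BDF keywords mentioned on this page; longer prefixes first. */
static const char *const kw[] = {
    "FONTBOUNDINGBOX", "ENCODING", "DWIDTH", "CHARS", "FONT", "BBX"
};
#define NKW (sizeof kw / sizeof kw[0])

/* How many checks of the form memcmp(line, kw, strlen(kw)) would be
   asked to read past the chunk for a line starting at offset `off`?
   memcmp compares by length only and ignores the line's NUL. */
size_t memcmp_overreads(size_t off)
{
    size_t i, n = 0;
    for (i = 0; i < NKW; i++)
        if (strlen(kw[i]) > CHUNK - off)
            n++;
    return n;
}

/* Bounded check: strncmp never compares past the line's NUL, so a
   short line at the chunk end is rejected without touching bytes
   beyond it.  Returns the keyword index, or -1 if none matches. */
int match_keyword(const char *line)
{
    size_t i;
    for (i = 0; i < NKW; i++)
        if (strncmp(line, kw[i], strlen(kw[i])) == 0)
            return (int)i;
    return -1;
}

/* Constructed input: a chunk whose last five bytes are "FONT\0". */
int demo(void)
{
    static char chunk[CHUNK];
    size_t off = CHUNK - 5;
    memset(chunk, '\n', CHUNK);
    memcpy(chunk + off, "FONT", 5);       /* copies the NUL as well */
    return match_keyword(chunk + off);    /* index of "FONT" */
}
```

Building this with `-fsanitize=address` and swapping `strncmp` for `memcmp` in `match_keyword` on a heap-allocated chunk is a quick way to confirm the over-read in a test harness.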
* src/bdf/bdfdrivr.c (BDF_Face_Init): Return Invalid_Argument error
when the font could be opened but non-zero face_index is given.
* src/pcf/pcfdrivr.c (PCF_Face_Init): Ditto.
* src/type42/t42objs.c (T42_Face_Init): Remove unrequired FT_UNUSED
macro for face_index because it is validated later.

Previously, the loading of a glyph was traced at level 4, if at all.
With this change, all font loading routines emit a tracing message
at level 1, making it easier to select tracing output (for example
using FT2_DEBUG="any:1 afhints:7 aflatin:7").

* src/bdf/bdfdrivr.c (BDF_Glyph_Load): Add tracing message.
* src/cff/cffdrivr.c (cff_glyph_load): Ditto.
* src/cff/cffgload.c (cff_decoder_prepare): Improve tracing
messages.
* src/cid/cidgload.c (cid_load_glyph): Use level 1 for tracing
message.
* src/pcf/pcfdrivr.c (PCF_Glyph_Load): Ditto.
* src/pfr/pfrobjs.c (pfr_slot_load): Add tracing message.
* src/truetype/ttgload.c (TT_Load_Glyph): Ditto.
* src/type1/t1gload.c (T1_Load_Glyph): Ditto.
* src/type42/t42objs.c (T42_GlyphSlot_Load): Ditto.
* src/winfonts/winfnt.c (FNT_Load_Glyph): Ditto.

* src/base/ftobjs.c: Fix typo in MS pragma.

* src/base/bdflib.c (_bdf_set_default_spacing, _bdf_add_property):
`lineno' is only used in debug mode.
* src/cff/cf2ft.c (cf2_builder_moveTo): `params' is only used in
debug mode.

http://cppcheck.sourceforge.net/

Note that the current version heavily chokes on FreeType, delivering
even wrong results. I will report those issues to the cppcheck team
so that a newer version gives improved results hopefully.

*/* Improve variable scopes.
*/* Remove redundant initializations which get overwritten.

* src/base/ftmac.c, builds/mac/ftmac.c (count_faces_scalable):
Remove unused variable.
* src/base/ftdbgmem.c (ft_mem_table_destroy): `table' can't be zero.
* src/gxvalid/gxvkern.c (gxv_kern_subtable_fmt1_entry_validate):
Remove functionless code.
* src/tools/ftrandom.c (main): Fix memory leak.

This is essentially a mechanical conversion, adding inclusion of
`FT_INTERNAL_DEBUG_H' where necessary, and providing the macros for
stand-alone compiling modes of the rasterizer modules.
To convert the remaining occurrences of FT_Err_XXX and friends it is
necessary to rewrite the code. Note, however, that it doesn't harm
if some cases are not handled since FT_THROW is a no-op.

* include/freetype/internal/ftserv.h (FT_SERVICE_UNAVAILABLE): Use
`logical not' operator instead of negation. The idea is that `~'
returns exactly the data type enforced by the cast to a pointer (be
it 32bit or 64bit or whatever), while a negative integer has not
this flexibility.
* src/cache/ftccmap.c (FTC_CMAP_UNKNOWN): Ditto.
* src/truetype/ttgxvar.c (ALL_POINTS, TT_Get_MM_Var): Ditto.
* src/type/t1load.c (T1_Get_MM_Var): Ditto.
(parse_blend_axis_types): Use cast.
* src/bdf/bdflib.c (_bdf_readstream): Use cast.

* src/bdf/bdflib.c (_bdf_list_ensure): Bring code in sync with
comment before `_bdf_list_split', this is, really allocate at least
five `field' elements.

* src/bdf/bdflib.c (_bdf_parse_glyphs) <DWIDTH, BBX>: Abort if
_BDF_ENCODING isn't set. We need this because access to the `glyph'
variable might be undefined otherwise.

ENCODING now covers the whole Unicode range.
Note, however, that this change is quite expensive since it
increases the size of three arrays by almost 400kByte in total. The
right fix is to replace the logic with something smarter.
Additionally, there exist very old BDFs for three-byte CCCII
encoding which exceeds the range of Unicode (another reason to have
a smarter logic).

* src/bdf/bdf.h (bdf_font_t): Increase size of `nmod' and `umod'
arrays.
* src/bdf/bdflib.c (bdf_parse_t): Increase size of `have' array.

* src/bdf/bdflib.c (_bdf_readstream): Use special error code to
indicate a redo operation.
(_bdf_parse_start): Handle `CHARS' keyword here too and pass current
input line to `_bdf_parse_glyph'.

* include/freetype/fterrdef.h
(BDF_Err_Missing_Fontboundingbox_Field): New error code.
* src/bdf/bdflib.c (_bdf_parse_start): Check for missing
`FONTBOUNDINGBOX' field.

Avoid memory leak if there are multiple `FONT' lines (which is
invalid but doesn't hurt).