The call was (from the top-level of the FreeType tree):
cppcheck --force \
--enable=all \
-I /usr/include \
-I /usr/local/include \
-I /usr/lib/gcc/i586-suse-linux/4.7/include \
-I include \
-I include/freetype \
-I include/freetype/config \
-I include/freetype/internal \
-DFT2_BUILD_LIBRARY \
. &> cppcheck.log
using cppcheck git commit f7e93f99.
Note that cppcheck still can't handle `#include FOO' (with `FOO' a
macro).
*/* Improve variable scopes.
*/* Remove redundant initializations which get overwritten.
* src/gxvalid/*: Comment out redundant code or guard it with
FT_DEBUG_LEVEL_TRACE.
http://cppcheck.sourceforge.net/
Note that the current version heavily chokes on FreeType, delivering
even wrong results. I will report those issues to the cppcheck team
so that a newer version gives improved results hopefully.
*/* Improve variable scopes.
*/* Remove redundant initializations which get overwritten.
* src/base/ftmac.c ,builds/mac/ftmac.c (count_faces_scalable):
Remove unused variable.
* src/base/ftdbgmem.c (ft_mem_table_destroy): `table' can't be zero.
* src/gxvalid/gxvkern.c (gxv_kern_subtable_fmt1_entry_validate):
Remove functionless code.
* src/tools/ftrandom.c (main): Fix memory leak.
This is essentially a mechanical conversion, adding inclusion of
`FT_INTERNAL_DEBUG_H' where necessary, and providing the macros for
stand-alone compiling modes of the rasterizer modules.
To convert the remaining occurrences of FT_Err_XXX and friends it is
necessary to rewrite the code. Note, however, that it doesn't harm
if some cases are not handled since FT_THROW is a no-op.
The idea is to always have FT_ERR_PREFIX available internally.
* include/freetype/fterrors.h: Use FT2_BUILD_LIBRARY to guard
undefinition of FT_ERR_PREFIX
* src/gxvalid/gxverror.h, src/otvalid/otverror.h,
src/sfnt/sferrors.h: Updated.
Patch submitted by anonymous reporter.
* src/gxvalid/gxvcommn.c (gxv_XStateTable_subtable_setup):
gxv_set_length_by_ulong_offset() must be called with 3, not 4,
the number of the subtables in the state tables; classTable,
stateArray, entryTable.
Some invalid, overrunning, unrecommended non-zero values
are cared in paranoid validation mode only. There are
many lines looking like:
if ( valid->root->level >= FT_VALIDATE_PARANOID )
FT_INVALID_xxx;
To simplify them, GXV_SET_ERR_IF_PARANOID( err ) is
introduced for more paranoid validation in future.
* src/gxvalid/gxvcommn.h (IS_PARANOID_VALIDATION):
New macro to assure valid->root->level is more or
equal to FT_VALIDATE_PARANOID. (GXV_SET_ERR_IF_PARANOID):
New macro to raise an error if in paranoid validation.
* src/gxvalid/gxvcommn.c: Use GXV_SET_ERR_IF_PARANOID().
* src/gxvalid/gxvfeat.c: Ditto.
* src/gxvalid/gxvjust.c: Ditto.
* src/gxvalid/gxvkern.c: Ditto.
* src/gxvalid/gxvmort.c: Ditto.
* src/gxvalid/gxvmort0.c: Ditto.
* src/gxvalid/gxvmort1.c: Ditto.
* src/gxvalid/gxvmort2.c: Ditto.
* src/gxvalid/gxvmorx1.c: Ditto.
* src/gxvalid/gxvmorx2.c: Ditto.
* src/gxvalid/gxvmort.c (gxv_mort_subtables_validate):
Conditionalize unvalidated variable `subFeatureFlags'.
(gxv_mort_chain_validate): Conditionalize unvalidated
variable `defaultFlags'.
* src/gxvalid/gxmort0.c
(gxv_mort_subtable_type0_entry_validate): Check the
conflict of the marks for the glyphs.
* src/gxvalid/gxmort1.c
(gxv_mort_subtable_type1_offset_to_subst_validate):
Local variables `min_gid', `max_gid' are replaced by
variables in the validator.
(gxv_mort_subtable_type1_entry_validate): Conditionalize
unvalidated variables; `setMark', `dontAdvance'.
(gxv_mort_subtable_type1_substTable_validate):
Validate the GID by the min/max GIDs in the validator.
* src/gxvalid/gxvmort2.c
(gxv_mort_subtable_type2_ligActionOffset_validate):
Conditionalize unvalidated variables; `last', `store'.
Checking for overrunning offset is added.
(gxv_mort_subtable_type2_entry_validate):
Conditionalize unvalidated variables; `setComponent',
`dontAdvance'.
(gxv_mort_subtable_type2_ligatureTable_validate):
Check if the GID for ligature does not exceed the
max GID in `maxp' table.
* src/gxvalid/gxvmort5.c
(gxv_mort_subtable_type5_InsertList_validate):
Conditionalize unvalidated loading of `insert_glyphID'
array. (gxv_mort_subtable_type5_entry_validate):
Conditionalize unvalidated variables; `setMark',
`dontAdvance', `currentIsKashidaLike',
`markedIsKashidaLike', `currentInsertBefore',
`markedInsertBefore'.
* src/gxvalid/gxvjust.c (gxv_just_check_max_gid):
New function to unify the checks of too large GID.
(gxv_just_wdp_entry_validate): Conditionalize unvalidated
variables; `beforeGrowLimit', `beforeShrinkGrowLimit',
`afterGrowLimit', `afterShrinkGrowLimit', `growFlags',
`shrinkFlags'. Additional check for non-zero values in
unused storage `justClass' is added.
(gxv_just_actSubrecord_type0_validate): Conditionalize
unvalidated variable `order'. GID is checked by
gxv_just_check_max_gid(). Additional check for upside-down
relationship between `lowerLimit' and `upperLimit' is added.
(gxv_just_actSubrecord_type1_validate): GID is checked by
gxv_just_check_max_gid().
(gxv_just_actSubrecord_type2_validate): Conditionalize
unvalidated variable `substThreshhold'. GID is checked by
gxv_just_check_max_gid().
(gxv_just_actSubrecord_type5_validate): GID is checked by
gxv_just_check_max_gid().
(gxv_just_classTable_entry_validate): Conditionalize
unvalidated variables; `setMark', `dontAdvance',
`markClass', `currentClass'.
* src/gxvalid/gxvcommn.h (GXV_LOAD_TRACE_VARS): New macro to
conditionalize the variable which is only used for trace messages.
Automatically set by FT_DEBUG_LEVEL_TRACE.
(GXV_LOAD_UNUSED_VARS): New macro to conditionalize the loading of
unvalidated variables. Undefined by default to calm gcc4.6 warning.
(GXV_ValidatorRec.{min_gid,max_gid}): New variables to hold defined
GID ranges, for the comparison of GID ranges in different subtables.
extern const FT_Module_Class
(or similar for C++). However, the actual types of the variables
being declared are often different, e.g., FT_Driver_ClassRec or
FT_Renderer_Class. (Some are, indeed, FT_Module_Class.)
This works with most C compilers (since those structs begin with an
FT_Module_Class struct), but technically it's undefined behavior.
To quote the ISO/IEC 9899:TC2 final committee draft, section 6.2.7
paragraph 2:
All declarations that refer to the same object or function shall
have compatible type; otherwise, the behavior is undefined.
(And they are not compatible types.)
Most C compilers don't reject (or even detect!) code which has this
issue, but the GCC LTO development branch compiler does. (It
outputs the types of the objects while generating .o files, along
with a bunch of other information, then compares them when doing the
final link-time code generation pass.)
Patch from Savannah bug #25133.
* src/base/ftinit.c (FT_USE_MODULE): Include variable type.
* builds/amiga/include/freetype/config/ftmodule.h,
include/freetype/config/ftmodule.h, */module.mk: Updated to declare
pass correct types to FT_USE_MODULE.
recursion depth of 1. This was the maximum value in TrueType 1.0,
and some older fonts don't set this field correctly.
* src/gxvalid/gxvmort1.c
(gxv_mort_subtable_type1_substTable_validate): Fix tracing message.
Fix miscellaneous compiler warnings.
* freetype2/include/freetype/internal/ftobjs.h: close
comment with `*/' to avoid `/* in comment' compiler warning.
* freetype2/src/base/ftdbgmem.c (ft_mem_table_get_source): Turn
cast `(FT_UInt32)(void*)' into `(FT_UInt32)(FT_PtrDist)(void*)'
since on 64-bit platforms void* is larger than FT_UInt32.
* freetype2/src/base/ftobjs.c (t_validator_error): cast
away volatileness of argument to ft_longjmp. Spotted by
Werner `Putzfrau' Lemberg.
* freetype2/src/bdf/bdflib.c (bdf_load_font): initialize
local variable `lineno'.
* freetype2/src/gxvalid/gxvmod.c (classic_kern_validate):
mark local variable `error' volatile.
Fix for previous commit, which caused many compiler warnings/errors
about addresses of volatile objects passed as function arguments
as non-volatile pointers.
* freetype2/include/freetype/internal/ftvalid.h: Make
FT_Validator typedef a pointer to a volatile object.
* freetype2/src/gxvalid/gxvmod.c (gxv_load_table): Make function
argument `table' a pointer to a volatile object.
* freetype2/src/otvalid/otvmod.c (otv_load_table): Make function
argument `table' a pointer to a volatile object.
* freetype2/src/gxvalid/gxvmod.c (GXV_TABLE_DECL): Mark local
variable `_sfnt' as volatile since it must keep its value across
a call to ft_setjmp.
(gxv_validate): Same for local variables `memory' and `valid'.
(classic_kern_validate): Same for local variables `memory',
`ckern', and `valid'.
* freetype2/src/otvalid/otvmod.c (otv_validate): Same for function
parameter `face' and local variables `base', `gdef', `gpos', `gsub',
`jstf', and 'valid'.
* freetype2/src/sfnt/ttcmap.c (tt_face_build_cmaps): Same for
local variable `cmap'.