We simply ignore such instructions. This is invalid, but it doesn't
harm; and indeed, there exist such subsetted fonts in PDFs.
Reported by Albert Astals Cid <aacid@kde.org>.
* src/cff/cffgload.c (cff_decoder_parse_charstrings)
[cff_op_hlineto]: Ignore instruction if there aren't any arguments
on the stack.
=========================
Tag sources with `VER-2-4-4'.
* docs/CHANGES: Updated.
* docs/VERSION.DLL: Update documentation and bump version number to
2.4.4
* README, Jamfile (RefDoc),
builds/win32/vc2005/freetype.vcproj, builds/win32/vc2005/index.html,
builds/win32/vc2008/freetype.vcproj, builds/win32/vc2008/index.html,
builds/win32/visualc/freetype.dsp,
builds/win32/visualc/freetype.vcproj,
builds/win32/visualc/index.html, builds/win32/visualce/freetype.dsp,
builds/win32/visualce/freetype.vcproj,
builds/win32/visualce/index.html,
builds/wince/vc2005-ce/freetype.vcproj,
builds/wince/vc2005-ce/index.html,
builds/wince/vc2008-ce/freetype.vcproj,
builds/wince/vc2008-ce/index.html: s/2.4.3/2.4.4/, s/243/244/.
* include/freetype/freetype.h (FREETYPE_PATCH): Set to 4.
* builds/unix/configure.raw (version_info): Set to 12:2:6.
start_point, check_points, add_point, add_point1, close_contour
macros.
Remove add_contour macro.
Return error code from t1_builder_start_point and
t1_builder_check_points when there was one (instead of returning 0).
Some Latin TrueType fonts are still expected to be unhinted.
Fix Savannah bug #31645.
* src/truetype/ttobjs.c (tt_check_trickyness): Divided to...
(tt_check_trickyness_family): this checking family name, and
(tt_check_trickyness_sfnt_ids): this checking cvt/fpgm/prep.
(tt_get_sfnt_checksum): Function to retrieve the sfnt checksum
for specified subtable even if cleared by lazy PDF generators.
(tt_synth_sfnt_checksum): Function to calculate the checksum.
Reported by Johnson Y. Yan <yinsen_yan@foxitsoftware.com>.
* src/truetype/ttpload.c (tt_face_load_loca): While sanitizing,
handle case where `loca' is the last table in the font.
Since 2010-07-04, find_variant_selector_charmap() returns
the first cmap subtable always under rogue-compatible
configuration, it causes NULL pointer dereference and
make UVS-related functions crashed.
* src/base/ftobjs.c (Fix find_variant_selector_charmap):
Returns UVS cmap correctly.
UVS supporting functions assume the variation handler functions
are valid. When a font without cmap format 14 is given, these
function pointers are left as NULL, so calling these functions
causes NULL pointer dereference.
* src/base/ftobjs.c (FT_Face_GetCharVariantIndex): Check the pointer
FT_CMap_Class->char_var_index before calling it.
(FT_Face_GetCharVariantIsDefault): Check the pointer
FT_CMap_Class->char_var_default before calling it.
(FT_Face_GetVariantSelectors): Check the pointer
FT_CMap_Class->variant_list before calling it.
(FT_Face_GetVariantsOfChar): Check the pointer
FT_CMap_Class->charvariant_list before calling it.
(FT_Face_GetCharsOfVariant): Check the pointer
FT_CMap_Class->variantchar_list before calling it.
* src/smooth/ftsmooth.c (gray_render_conic): Since version 2.4.3,
cubic deviations have been estimated _after_ UPSCALE, whereas
conic ones have been evaluated _before_ UPSCALE, which produces
inferior rendering results. Fix this.
Partially undo change from 2010-10-15 by using ONE_PIXEL/4; this has
been tested with demo images sent to the mailing list. See
http://lists.gnu.org/archive/html/freetype-devel/2010-10/msg00055.html
and later mails in this thread.
Problem reported by Tom Bishop <wenlin@wenlin.com>; see
thread starting with
http://lists.gnu.org/archive/html/freetype/2010-10/msg00049.html
* src/raster/ftraster.c (Line_Up): Replace FMulDiv with SMulDiv
since the involved multiplication exceeds 32 bits.
* src/cache/ftccache.h (FTC_CACHE_LOOKUP_CMP): Revert
the type of `_idx' from FT_PtrDist (by previous change)
to original FT_UFast, to match with FT_CacheRec.
On LLP64 platforms (e.g. Win64), FT_ULong (32-bit)
variables are inappropriate to calculate hash values
from the memory address (64-bit). The hash variables
are extended from FT_ULong to FT_PtrDist and new
hashing macro functions are introduced. The hash
values on 16-bit memory platforms are changed, but
ILP32 and LP64 are not changed. The hash value in
the cache subsystem is not reverted to the memory
address, so using signed type FT_PtrDist is safe.
* src/cache/ftccache.h (_FTC_FACE_ID_HASH): New hash
function to replace FTC_FACE_ID_HASH() for portability.
* src/cache/ftcmanag.h (FTC_SCALER_HASH): Replace
FTC_FACE_ID_HASH() by _FTC_FACE_ID_HASH().
* src/cache/ftccmap.c (FTC_CMAP_HASH): Ditto.
* src/cache/ftccache.h (FTC_NodeRec): The type of the
member `hash' is changed from FT_UInt32 to FT_PtrDist.
* src/cache/ftccache.h (FTC_Cache_Lookup): The type of the
argument `hash' is changed from FT_UInt32 to FT_PtrDist.
(FTC_Cache_NewNode): Ditto.
* src/cache/ftccache.c (ftc_cache_add): Ditto.
(FTC_Cache_Lookup): Ditto. (FTC_Cache_NewNode): Ditto.
* src/cache/ftcglyph.h (FTC_GCache_Lookup): Ditto.
* src/cache/ftcglyph.c (FTC_GCache_Lookup): Ditto.
* src/cache/ftcbasic.c (FTC_ImageCache_Lookup): The type
of the internal variable `hash' is changed to FT_PtrDist
from FT_UInt32. (FTC_ImageCache_LookupScaler): Ditto.
(FTC_SBitCache_Lookup): Ditto.
(FTC_SBitCache_LookupScaler): Ditto.
* src/cache/ftccmap.c (FTC_CMapCache_Lookup): Ditto.
* src/cache/ftccache.h (FTC_CACHE_LOOKUP_CMP): Ditto.
Also the type of the internal variable `_idx' is changed to
FT_PtrDist from FT_UInt32 for better pointer calculation.
FT_POINTER_TO_ULONG(), FTC_FACE_ID_HASH() and
FTC_IMAGE_TYPE_HASH() are enclosed by
FT_CONFIG_OPTION_OLD_INTERNALS and hidden from
normal clients.
For the history of these macros, see the investigation:
http://lists.gnu.org/archive/html/freetype/2010-10/msg00022.html
On LLP64 platforms (e.g. Win64), unsigned long (32-bit)
cannot cover the memory address (64-bit). FT_MEM_VAL() is
used for hashing only and not dereferred, so using signed
type FT_PtrDist is safe.
* src/base/ftdbgmem.c (FT_MEM_VAL): Change the type of the
return value from FT_ULong to FT_PtrDist.
(ft_mem_table_resize): The type of hash is changed to
FT_PtrDist. (ft_mem_table_get_nodep): Ditto.
On LLP64 platforms (e.g. Win64), long (32-bit) cannot cover
the memory address (64-bit). Also the casts from the pointer
type to long int should be removed to preserve the address
correctly.
* src/raster/ftraster.c (New_Profile): Replace "%lx" by "%p".
(End_Profile) Ditto.
* src/truetype/ttinterp.c (Init_Context): Ditto.
FT_MAX_CURVE_DEVIATION is dependent on the value of ONE_PIXEL.
* src/smooth/ftgrays.c (FT_MAX_CURVE_DEVIATION): Remove it and
replace it everywhere with ONE_PIXEL/8.
When a resource fork access rule by Darwin VFS could open the
resource fork but no font is found in it, the rest of rules
by Darwin VFS are skipped. It reduces the warnings of the
deprecated resource fork access method by recent Darwin kernel.
Fix MacPorts ticket #18859:
http://trac.macports.org/ticket/18859
* src/base/ftobjs.c (load_face_in_embedded_rfork):
When FT_Stream_New() returns FT_Err_Cannot_Open_Stream, it
means that the file is possible to be fopen()-ed but zero-sized.
Also there is a case that the resource fork is not zero-sized,
but no supported font exists in it. If a rule by Darwin VFS
falls into such cases, there is no need to try other Darwin VFS
rules anymore. Such cases are marked by vfs_rfork_has_no_font.
If it is TRUE, the Darwin VFS rules are skipped.
MacOS X/Darwin kernel supports a few tricky methods to access
a resource fork via ANSI C or POSIX interface. Current resource
fork accessor tries all possible methods to support all kernels.
But if a method could open a resource fork but no font is found,
there is no need to try other methods older than tested method.
To determine whether the rule index is for Darwin VFS, a local
function ftrfork.c::raccess_rule_by_darwin_vfs() is introduced.
To use this function in ftobjs.c etc but it should be inlined,
it is exposed by ftbase.h.
* src/base/ftrfork.c (FT_RFork_Rule): New enum type to identify
the rules to access the resource fork.
(raccess_guess_rec): New structure to bind the rule function and
rule enum type.
(FT_Raccess_Guess): The list of the rule functions is replaced by
(raccess_guess_table): This. This is exposed to be used by other
intra module functions.
(raccess_rule_by_darwin_vfs): A function to return a boolean
if the rule specified by the rule index is based on Darwin VFS.
builds/unix/ftsystem.c prevents to open an useless stream from
zero-sized file and returns FT_Err_Cannot_Open_Stream, but the
stream drivers for ANSI C, Amiga and VMS return useless streams.
For cross-platform consistency, all stream drivers should act
same.
* src/base/ftsystem.c (FT_Stream_Open): If the size of the opened
file is zero, FT_Err_Cannot_Open_Stream is returned.
* builds/amiga/src/base/ftsystem.c (FT_Stream_Open): Ditto.
* src/vms/ftsystem.c (FT_Stream_Open): Ditto.
=========================
Tag sources with `VER-2-4-3'.
* docs/CHANGES: Updated.
* docs/VERSION.DLL: Update documentation and bump version number to
2.4.3
* README, Jamfile (RefDoc),
builds/win32/vc2005/freetype.vcproj, builds/win32/vc2005/index.html,
builds/win32/vc2008/freetype.vcproj, builds/win32/vc2008/index.html,
builds/win32/visualc/freetype.dsp,
builds/win32/visualc/freetype.vcproj,
builds/win32/visualc/index.html, builds/win32/visualce/freetype.dsp,
builds/win32/visualce/freetype.vcproj,
builds/win32/visualce/index.html,
builds/wince/vc2005-ce/freetype.vcproj,
builds/wince/vc2005-ce/index.html,
builds/wince/vc2008-ce/freetype.vcproj,
builds/wince/vc2008-ce/index.html: s/2.4.2/2.4.3/, s/242/243/.
* include/freetype/freetype.h (FREETYPE_PATCH): Set to 3.
* builds/unix/configure.raw (version_info): Set to 12:1:6.
Based on a patch from Alexander Stohr <Alexander.Stohr@gmx.de>.
* configure: Compare directories using `ls -id'.
Check existence of `reference' subdirectory before creating it.
This fixes the flattening of cubic, S-shaped curves and speeds up
the handling of both the conic and cubic arcs.
See the discussions on the freetype-devel mailing list in late
August and September 2010 for details.
* src/smooth/ftgrays.c (FT_MAX_CURVE_DEVIATION): New macro.
(TWorker): Remove `conic_level' and `cubic_level' elements.
(gray_render_conic): Simplify algorithm.
(gray_render_cubic): New algorithm; details are given in the code
comments.
(gray_convert_glyph): Remove heuristics.
* src/cff/cffload.c (cff_charset_compute_cids): `charset->sids[i]'
is `FT_UShort'.
(cff_index_access_element): Don't use additions in comparison.
* src/sfnt/ttpost.c (load_format_20): Make `post_limit' of type
`FT_Long'.
Don't use additions in comparison.
Improve tracing messages.
(load_format_25, load_post_names): Make `post_limit' of type
`FT_Long'.
See Savannah bug #30975.
* src/cff/cffload.c (cff_index_access_element): `off2', the
offset to the next element is truncated at the end of the
stream to prevent invalid I/O. As `off1', the offset to the
requested element has been checked by FT_STREAM_SEEK(),
`off2' should be checked similarly.
See Savannah bug #30975.
* src/cff/cffload.c (cff_charset_compute_cids): Ignore CID if
greater than 0xFFFFU. CFF font spec does not mention about
maximum CID in the font, but PostScript and PDF spec define
that maximum CID is 0xFFFFU.
See Savannah bug #30975.
* src/cff/cffload.c (cff_charset_compute_cids): Don't increment
max_cid after detecting max CID. The array CFF_Charset->cids
is allocated by max_cid + 1.
(cff_charset_cid_to_gindex): Permit CID is less than or equal
to CFF_Charset->max_cid.
* src/cff/cffobjs.c (cff_face_init): FT_Face->num_glyphs is
calculated as CFF_Charset->max_cid + 1.
* src/truetype/ttpload.c (tt_face_get_location): If `pos1', the
offset to the requested entry in `glyf' exceeds the end of the
table, return offset=0, length=0. If `pos2', the offset to the
next entry in `glyf' exceeds the end of the table, truncate
the entry length at the end of `glyf' table.
See Savannah bug #31040.
* src/sfnt/ttpost.c (load_post_names): Get the length of
`post' table and pass the limit of `post' table to
load_format_20() and load_format_25().
(load_format_20): Stop the parsing when we reached at the
limit of `post' table. If more glyph names are required,
they are filled by NULL names. See Savannah bug #31040.
* src/truetype/ttinterp.c (free_buffer_in_size): Don't duplicate
FT_GlyphZoneRec size->twilight to be freed. If duplicated,
FT_FREE() erases the duplicated pointers only and leave original
pointers. They can cause the double-free crash when the burst
errors occur in TrueType interpreter and free_buffer_in_size()
is invoked repeatedly. See Savannah bug #31040 for detail.
Patch is suggested by Adrian Bunk, to prevent unexpected
reflection of environmental LIBTOOL. See:
http://savannah.nongnu.org/patch/?7290
* builds/unix/unix-cc.in: LIBTOOL is unconditionally set to
$(FT_LIBTOOL_DIR)/libtool. FT_LIBTOOL_DIR is set to $(BUILD_DIR)
by default.
* configure: When configured for the building out of source tee,
FT_LIBTOOL_DIR is set to $(OBJ_DIR).
* src/truetype/ttinterp.c (TT_RunIns): Decrease the trace level
showing the error when the interpreter returns with an error,
from FT_TRACE7() to FT_TRACE1().
* src/truetype/ttinterp.c (free_buffer_in_size): New function to
free the buffer allocated during the interpretation of this glyph.
(TT_RunIns): Unset FT_Face->size->{cvt_ready,bytecode_ready} if
an error occurs in the bytecode interpretation. The interpretation
of invalid bytecode may break the function definitions and referring
them in later interpretation is danger. By unsetting these flags,
`fpgm' and `prep' tables are executed again in next interpretation.
Fix Savannah bug #30798, reported by Robert Swiecki.
* src/cff/cffload.c (cff_charset_load): Fix change from 2009-03-20:
The threshold for SIDs is not applicable here. I misinterpreted the
`SID values 65000 and above are available for implementation use'
sentence in the CFF specification.
Problem reported by Ivan Ninčić <inincic@pdftron.com>.
=========================
Tag sources with `VER-2-4-2'.
* docs/CHANGES: Updated.
* docs/VERSION.DLL: Update documentation and bump version number to
2.4.2
* README, Jamfile (RefDoc),
builds/win32/vc2005/freetype.vcproj, builds/win32/vc2005/index.html,
builds/win32/vc2008/freetype.vcproj, builds/win32/vc2008/index.html,
builds/win32/visualc/freetype.dsp,
builds/win32/visualc/freetype.vcproj,
builds/win32/visualc/index.html, builds/win32/visualce/freetype.dsp,
builds/win32/visualce/freetype.vcproj,
builds/win32/visualce/index.html,
builds/wince/vc2005-ce/freetype.vcproj,
builds/wince/vc2005-ce/index.html,
builds/wince/vc2008-ce/freetype.vcproj,
builds/wince/vc2008-ce/index.html: s/2.4.1/2.4.2/, s/241/242/.
* include/freetype/freetype.h (FREETYPE_PATCH): Set to 2.
* builds/unix/configure.raw (version_info): Set to 12:0:6.
* src/base/ftobjs.c (FT_Done_Library): Specify the order of font
drivers in face closing process. Type42 faces should be closed
before TrueType faces, because a Type42 face refers another
internal TrueType face which is created from sfnt[] array on the
memory.
* src/truetype/ttinterp.c (BOUNDSL): New macro.
Change `BOUNDS' to `BOUNDSL' where appropriate.
* src/truetype/ttinterp.h (TT_ExecContextRec): Fix type of
`cvtSize'.
=========================
Tag sources with `VER-2-4-1'.
* docs/CHANGES: Updated.
* docs/VERSION.DLL: Update documentation and bump version number to
2.4.1.
* README, Jamfile (RefDoc),
builds/win32/vc2005/freetype.vcproj, builds/win32/vc2005/index.html,
builds/win32/vc2008/freetype.vcproj, builds/win32/vc2008/index.html,
builds/win32/visualc/freetype.dsp,
builds/win32/visualc/freetype.vcproj,
builds/win32/visualc/index.html, builds/win32/visualce/freetype.dsp,
builds/win32/visualce/freetype.vcproj,
builds/win32/visualce/index.html,
builds/wince/vc2005-ce/freetype.vcproj,
builds/wince/vc2005-ce/index.html,
builds/wince/vc2008-ce/freetype.vcproj,
builds/wince/vc2008-ce/index.html: s/2.4.0/2.4.1/, s/240/241/.
* include/freetype/freetype.h (FREETYPE_PATCH): Set to 1.
* builds/unix/configure.raw (version_info): Set to 11:1:5.
Problem reported by Tobias Wolf <towolf@gmail.com>.
* src/cff/cffgload.c (cff_decoder_parse_charstrings)
<cff_op_hintmask>: Sigh. I'm apparently too silly to fix this
correctly in less than three tries.
=========================
Tag sources with `VER-2-4-0'.
* docs/CHANGES: Updated.
* docs/VERSION.DLL: Update documentation and bump version number to
2.4.0.
* README, Jamfile (RefDoc),
builds/win32/vc2005/freetype.vcproj, builds/win32/vc2005/index.html,
builds/win32/vc2008/freetype.vcproj, builds/win32/vc2008/index.html,
builds/win32/visualc/freetype.dsp,
builds/win32/visualc/freetype.vcproj,
builds/win32/visualc/index.html, builds/win32/visualce/freetype.dsp,
builds/win32/visualce/freetype.vcproj,
builds/win32/visualce/index.html,
builds/wince/vc2005-ce/freetype.vcproj,
builds/wince/vc2005-ce/index.html,
builds/wince/vc2008-ce/freetype.vcproj,
builds/wince/vc2008-ce/index.html: s/2.3.12/2.4.0/, s/2312/240/.
* include/freetype/freetype.h (FREETYPE_MINOR): Set to 4.
(FREETYPE_PATCH): Set to 0.
* builds/unix/configure.raw (version_info): Set to 11:0:5.
Permit a face for Type1, Type42 and CFF without charmap,
patch by Tor Andersson.
* src/type1/t1objs.c (T1_Face_Init): Reset the error if it
is FT_Err_No_Unicode_Glyph_Name.
* src/type42/t42objs.c (T42_Face_Init): Ditto.
* src/cff/cffobjs.c (cff_face_init): Ditto.
Too serious check of errors by `FT_CMap_New' since 2010-07-04
is fixed. Reported by Tor Andersson.
* include/freetype/fterrdef.h
(PSnames_Err_No_Unicode_Glyph_Name): New error code to
indicate the Unicode charmap synthesis failed because
no Unicode glyph name is found.
* src/psnames/psmodule.c (ps_unicodes_init): Return
PSnames_Err_No_Unicode_Glyph_Name when no Unicode glyph name
is found in the font.
* src/cff/cffcmap.c (cff_cmap_unicode_init): Return
CFF_Err_No_Unicode_Glyph_Name when no SID is available.
* src/type1/t1objs.c (T1_Face_Init): Proceed if `FT_CMap_New'
is failed by the lack of Unicode glyph name.
* src/type42/t42objs.c (T42_Face_Init): Ditto.
* src/cff/cffobjs.c (cff_face_init): Ditto.
Problem reported by malc <av1474@comtv.ru>.
* src/cff/cffgload.c (cff_decoder_parse_charstrings)
<cff_op_hintmask>: It is possible that there is just a single byte
after the `hintmask' or `cntrmask', e.g., a `return' instruction.
Fix for Savannah bug #30059.
* src/cache/ftccmap.c (FTC_CMapCache_Lookup): Replace `16' the
minimum character code passed by a legacy rogue client by...
* include/freetype/config/ftoption.h (FT_MAX_CHARMAP_CACHEABLE):
This. It is undefined when FT_CONFIG_OPTION_OLD_INTERNALS is
undefined (thus the rogue client compatibility is not required).
* src/cff/cffobjs.c (cff_face_init): Abort the automatic
selection or synthesis of Unicode cmap subtable when the charmap
index exceeds FT_MAX_CHARMAP_CACHEABLE.
* src/sfnt/ttcmap.c (tt_face_build_cmaps): Issue error message
when the charmap index exceeds FT_MAX_CHARMAP_CACHEABLE.
* src/base/ftobjs.c (find_unicode_charmap): When Unicode charmap
is found after FT_MAX_CHARMAP_CACHEABLE, ignore it and search
earlier one.
(find_variant_selector_charmap): When UVS charmap is found after
FT_MAX_CHARMAP_CACHEABLE, ignore it and search earlier one.
(FT_Select_Charmap): When a charmap matching with requested
encoding but after FT_MAX_CHARMAP_CACHEABLE, ignore and search
earlier one.
(FT_Set_Charmap): When a charmap matching with requested
charmap but after FT_MAX_CHARMAP_CACHEABLE, ignore and search
earlier one.
(FT_Get_Charmap_Index): When a requested charmap is found
after FT_MAX_CHARMAP_CACHEABLE, return the inverted charmap
index.
* src/base/ftobjs.c (Mac_Read_POST_Resource): If the type
of the POST fragment is 0, the segment is completely ignored.
The declared length of the segment is not cared at all.
According to Adobe Technical Note 5040, type 0 segment is
comment only and should not be loaded for the interpreter.
Reported by Robert Swiecki.
* src/base/ftobjs.c (Mac_Read_POST_Resource): Check `rlen'
the length of fragment declared in the POST fragment header
and prevent an underflow in length calculation. Some fonts
set the length to zero in spite of the exist of following
16bit `type'. Reported by Robert Swiecki.