bdflib.c:1562 could be reached with `font->glyphs_used == 0'. That
caused an underflow of the unsigned value which results in undefined
behaviour.
* src/bdf/bdflib.c (src/bdf/bdflib.c): Bail out earlier than before
if the `ENCODING' keyword cannot be found.
This monster commit was created by applying Nikhil's scripts
`docconverter.py' and `markify.py' to all C header and source files,
followed up by minor manual clean-up.
No change in functionality, of course.
I used commit f7419907bc6044b9b7057f9789866426c804ba82 from
https://github.com/nikramakrishnan/freetype-docs.git.
* src/base/fthash.c (hash_num_lookup, hash_num_compare): New
functions.
(ft_hash_init): Add argument to select between number and string
hashing.
(ft_hash_num_insert, ft_hash_num_lookup): New functions.
* include/freetype/internal/fthash.h: Updated.
* src/bdf/bdflib.c (_bdf_parse_start): Updated.
We want to support both an integer and a string key later on.
* include/freetype/internal/fthash.h (FT_Hashkey): New union.
(FT_HashnodeRec): Updated.
(ft_hash_insert, ft_hash_lookup): Renamed to ...
(ft_hash_str_insert, ft_hash_str_lookup): ... this.
* src/base/fthash.c (hash_bucket): Updated.
(ft_hash_insert, ft_hash_lookup): Renamed to ...
(hash_insert, hash_lookup): ... this.
(ft_hash_str_insert, ft_hash_str_lookup): New wrapper functions.
* src/bdf/bdflib.c: Updated.
* src/bdf/bdf.h: Include FT_INTERNAL_HASH_H.
(hashnode, hashtable): Removed.
(bdf_font_t): Use `FT_HashRec' type for `proptbl'.
* src/bdf/bdflib.c: Remove all hash functions.
Update code for new hash structure and function names.
The BDF specification only allows decimal numbers, no octal or
hexidecimal decoding is needed.
* src/bdf/bdflib.c (_bdf_atoul, _bdf_atol, _bdf_atous,
_bdf_atos): Remove unused code and parameters.
Update all callers.
(odigits): Remove.
* src/bdf/bdflib.c (ACMSG17): New message macro.
(_bdf_parse_t): Add member `size'.
(bdf_load_font): Set `size'.
(_bdf_parse_glyphs): Adjust `cnt' if necessary.
bdflib puts data from the input stream into a buffer in chunks of
1024 bytes. The data itself gets then parsed line by line, simply
increasing the current pointer into the buffer; if the search for
the final newline character exceeds the buffer size, more data gets
read.
However, in case the current line's end is very near to the buffer
end, and the keyword to compare with is longer than the current
line's length, an out-of-bounds read might happen since `memcmp'
doesn't stop properly at the string end.
* src/bdf/bdflib.c: s/ft_memcmp/ft_strncmp/ to make comparisons
stop at string ends.
* src/base/ftobjs.c: Fix typo in MS pragma.
* src/base/bdflib.c (_bdf_set_default_spacing, _bdf_add_property):
`lineno' is only used in debug mode.
* src/cff/cf2ft.c (cf2_builder_moveTo): `params' is only used in
debug mode.
http://cppcheck.sourceforge.net/
Note that the current version heavily chokes on FreeType, delivering
even wrong results. I will report those issues to the cppcheck team
so that a newer version gives improved results hopefully.
*/* Improve variable scopes.
*/* Remove redundant initializations which get overwritten.
* src/base/ftmac.c ,builds/mac/ftmac.c (count_faces_scalable):
Remove unused variable.
* src/base/ftdbgmem.c (ft_mem_table_destroy): `table' can't be zero.
* src/gxvalid/gxvkern.c (gxv_kern_subtable_fmt1_entry_validate):
Remove functionless code.
* src/tools/ftrandom.c (main): Fix memory leak.
This is essentially a mechanical conversion, adding inclusion of
`FT_INTERNAL_DEBUG_H' where necessary, and providing the macros for
stand-alone compiling modes of the rasterizer modules.
To convert the remaining occurrences of FT_Err_XXX and friends it is
necessary to rewrite the code. Note, however, that it doesn't harm
if some cases are not handled since FT_THROW is a no-op.
* include/freetype/internal/ftserv.h (FT_SERVICE_UNAVAILABLE): Use
`logical not' operator instead of negation. The idea is that `~'
returns exactly the data type enforced by the cast to a pointer (be
it 32bit or 64bit or whatever), while a negative integer has not
this flexibility.
* src/cache/ftccmap.c (FTC_CMAP_UNKNOWN): Ditto.
* src/truetype/ttgxvar.c (ALL_POINTS, TT_Get_MM_Var): Ditto.
* src/type/t1load.c (T1_Get_MM_Var): Ditto.
(parse_blend_axis_types): Use cast.
* src/bdf/bdflib.c (_bdf_readstream): Use cast.
* src/bdf/bdflib.c (_bdf_list_ensure): Bring code in sync with
comment before `_bdf_list_split', this is, really allocate at least
five `field' elements.
