Commit Graph

7693 Commits

Author SHA1 Message Date
Werner Lemberg
947fddc8da * src/sfnt/ttcolr.c (read_paint): Fix undefined left-shift operation.
Reported as

  https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=43151
2022-01-11 08:27:26 +00:00
Werner Lemberg
639a02154b * src/type42/t42objs.c (T42_Open_Face): Avoid use of uninitialized memory.
Reported as

  https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=43508
2022-01-11 09:14:48 +01:00
Werner Lemberg
33626164e8 .gitlab-ci.yml: Fix typo in previous commit. 2022-01-11 08:01:30 +01:00
Werner Lemberg
4c0db60772 .gitlab-ci.yml: Update Windows image.
The old image produced errors like

```
Downloading zlib patch from
  https://wrapdb.mesonbuild.com/v2/zlib_1.2.11-5/get_patch
A fallback URL could be specified using patch_fallback_url key in the wrap file
WrapDB connection failed to
  https://wrapdb.mesonbuild.com/v2/zlib_1.2.11-5/get_patch
with error
  <urlopen error [SSL: CERTIFICATE_VERIFY_FAILED] certificate verify
   failed: certificate has expired (_ssl.c:1122)>
```
2022-01-11 07:52:28 +01:00
Werner Lemberg
2e62b7446b * subprojects/zlib.wrap: Update from upstream. 2022-01-11 05:37:56 +01:00
Werner Lemberg
4a89112b2a * src/sfnt/ttcolr.c (tt_face_get_color_glyph_clipbox): Add limit checks.
Reported as

  https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=40716
2022-01-10 18:31:17 +00:00
Werner Lemberg
3f9b78fc79 [zlib] Don't typedef ptrdiff_t.
While using zlib in 'solo' mode (via the `Z_SOLO` macro), we actually
include some standard header files, making the typedef fail on systems where
the native `ptrdiff_t` type differs.

Fixes #1124.

* src/zlib/zutil.h: Comment out definition; it doesn't work on Windows.

* src/zlib/patches/freetype-zlib.diff: Updated.
2022-01-10 18:24:56 +01:00
Werner Lemberg
da8a8b8bcf [zlib] Some organizational changes.
We now first apply zlib's `zlib2ansi` script, then FreeType's patch file.

* src/gzip/README.freetype: Updated.

* patches/0001-zlib-Fix-zlib-sources-to-compile-for-FreeType.patch: Renamed
to...
* patches/freetype-zlib.diff: This.
Clean up description, then regenerate it as follows:

  - Copy unmodified files from `zlib` repository.
  - Run `zlib2ansi` script.
  - Run `git diff -R > patches/freetype-zlib.diff.new`.
  - Insert patch description of old diff file, then replace old diff with
    new diff file.
2022-01-10 18:13:10 +01:00
David Turner
a25e85ed95 [gzip] Update sources to zlib 1.2.11
This can be tested by building with the Unix development build

  make setup devel
  make

or by building the freetype-demos programs with

  meson setup build -Dfreetype2:zlib=internal
  meson compile -C out

and trying to run `ftview` with a `.pcf.gz` font file.

* src/gzip/ftgzip.c, src/gzip/rules.mk: Update for new zlib sources.  Also
remove the temporary fix introduced in commit 6a431038 to work around the
fact that the internal sources were too old.

* src/gzip/README.freetype: New file describing the origin of the sources
and how they were modified.

* src/gzip/patches/*: Patch files applied to original sources.

* src/gzip/*: Updated zlib sources with the patch file(s) from
`src/gzip/patches/` applied, followed by a conversion with zlib's
`zlib2ansi` script.
2022-01-09 23:16:00 +01:00
David Turner
0d34386366 [meson] Change Zlib configuration option.
* meson_options.txt, meson.build: Change the format of the 'zlib' meson
build configuration option to be a combo with the following choices:

  - none: Do not support gzip-compressed streams at all.

  - internal: Support gzip-compressed streams using the copy of the gzip
    sources under `src/gzip/`; this should only be used during development
    to ensure these work properly.

  - external: Support gzip-compressed streams using the 'zlib' Meson
    subproject, linked as a static library.

  - system: Support gzip-compressed streams using a system-installed version
    of zlib.

  - auto: Support gzip-compressed streams using a system-installed version
    of zlib, if available, or using the 'zlib' subproject otherwise.  This
    is the default.

  - disabled: Backward-compatible alias for 'none'.

  - enabled: Backward-compatible alias for 'auto'.
2022-01-09 21:38:29 +01:00
Werner Lemberg
d276bcb7f0 [bzip2] Avoid use of uninitialized memory.
* src/bzip2/ftbzip2.c (FT_Stream_OpenBzip2): Don't use `FT_QNEW` but
`FT_NEW` for setting up `zip` to avoid uninitialized memory access while
handling malformed PCF fonts later on.

Fixes

  https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=42800
2022-01-09 07:48:59 +01:00
Alexei Podtelezhnikov
ca01112894 [sfnt] Fix off-by-one error.
The 0-base index is equal to the number of previosly parsed entries.
It is an error to adjust it by one to get the number truncated by
a stream error.  This is probably inconsequential because valid
entries are correctly accounted for.

* src/sfnt/ttload.c (check_table_dir): Do not adjust the truncated
number of tables.
2022-01-08 22:28:44 -05:00
Werner Lemberg
7a493e3a40 [sfnt, type42] Correct previous commit.
Really fix https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=42773.

* src/sfnt/ttload.c (check_table_dir): Revert change.

* src/type42/t42.parse.c (t42_parse_sfnts): Don't use `FT_QREALLOC` but
`FT_REALLOC` for setting up `ttf_data` to avoid uninitialized memory access
while handling malformed TrueType fonts later on.
2022-01-08 10:28:19 +01:00
Werner Lemberg
bf9b1ef905 * src/sfnt/ttload.c (check_table_dir): Initialize table.
Reported as

  https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=42773
2022-01-07 10:25:52 +01:00
Werner Lemberg
b5c2172f59 [sfnt] Avoid 'runtime error: applying zero offset to null pointer'.
* src/sfnt/ttsbit.c (tt_sbit_decoder_load_byte_aligned): Exit early if
`line` is NULL.
2022-01-07 06:53:44 +01:00
Werner Lemberg
5aa2a5c34a [autofit, pshinter] Use FT_OFFSET.
This avoids

```
runtime error: applying zero offset to null pointer
```

warnings of clang's undefined behaviour sanitizer.

* src/autofit/afcjk.c (af_cjk_hints_link_segments,
af_cjk_hints_compute_edges, af_cjk_hints_compute_blue_edges,
af_cjk_hint_edges, af_cjk_align_edge_points): Do it.

* src/autofit/afhints.c (af_glyph_hints_align_edge_points,
af_glyph_hints_align_strong_points): Ditto.

* src/autofit/aflatin.c (af_latin_metrics_init_widths,
af_latin_hints_link_segments, af_latin_hints_compute_edges,
af_latin_hints_compute_blue_edges, af_latin_hint_edges): Ditto.

* src/pshinter/pshalgo.c (psh_hint_table_init): Ditto.
2022-01-07 06:41:36 +01:00
Ben Wagner
afb4ca0151 [truetype] Reset localpoints when varying cvt.
When iterating over the cvt tuples and reading in the points it is necessary
to set all of `localpoints`, `points`, and `point_count` in all cases.  The
existing code did not reset `localpoints` to `NULL` when there were no
private point numbers.  If the previous tuple did have private point numbers
and set `localpoints` to `ALL_POINTS` this would not be cleared and the
wrong branch would be taken later, leading to possible heap buffer overflow.

* src/truetype/ttgxvar.c (tt_face_vary_cvt): Reset `localpoints` to `NULL`
when it isn't valid.

Fixes: https://crbug.com/1284742
2022-01-06 19:13:00 +01:00
Werner Lemberg
2b672e7210 * builds/unix/configure.raw: Restore SYSTEM_ZLIB variable.
This was accidentally removed with commit 93ebcbd0 almost eight years ago.
2022-01-02 18:33:03 +01:00
Alexander Borsuk
4eb6cb8818 Fix warnings for CMake Unity builds.
* src/cache/ftcbasic.c (FT_COMPONENT): Undefine macro before redefinition.
* src/smooth/ftgrays.c (TRUNC, FRACT): Ditto.
2021-12-27 07:48:04 +01:00
Alexander Borsuk
4f35711844 Clang-Tidy warning fixes.
* src/base/ftobjs.c (FT_Get_Paint): Operator has equivalent nested operands.
* src/bdf/bdflib.c (_bdf_add_property): Value stored to `fp` is never read.
* src/sdf/ftbsdf.c (bsdf_init_distance_map): Value stored to `pixel` is
never read.
* src/sdf/ftsdf.c (split_sdf_shape): Value stored to `error` is never read.
2021-12-18 11:09:15 +01:00
Eli Schwartz
d6a5c57727 * meson.build: Optimize lookup for python3 program.
The python module's `find_installation` method is intended to provide
routines for compiling and installing python modules into the
`site-packages` directory.  It does a couple of slow things, including run
an introspection command to scrape sysconfig info from the detected
interpreter, which are not needed for the sole use case of invoking the
found installation as an executable.

Furthermore, when invoked without the name or path of a python binary, it is
hardcoded to always look for `python3` corresponding to the interpreter
meson itself uses to run.  So using `find_installation` did not even allow
detecting `python2` as a fallback.

Instead, switch to a simple `find_program` lookup that finishes as soon as
the program is found.
2021-12-17 10:47:13 +01:00
Eli Schwartz
57fd61805f * builds/meson/*.py: Fix name of python executable for auxiliary scripts.
The previous change to check the return code of `run_command` invocations
caused the CI to fail.  Although most scripts used `python_exe` as the
program command, the script to determine the project version did not.

But, all scripts used `python` as the shebang, and this is not available on
all systems.  Particularly Debian does not provide a `python` command,
though `python3` does exist.  This meant that formerly the version number
was lacking, and now the build simply fails.

Instead, rely on `python3` since it is guaranteed to exist when running
meson, and `python2` is end of life anyway.
2021-12-17 10:45:29 +01:00
Eli Schwartz
e342f83c0b * meson.build: Check the return value of run_command.
By default, errors are not checked and a command that is somehow broken will
just capture incorrect output (likely an empty string).  Current development
versions of meson now raise a warning for this implicit behavior, and advise
explicitly setting the `check:` keyword argumend to determine whether a
failing return code should be considered an error.

Since none of the commands in this project are expected to fail, mark them
as required to succeed.
2021-12-17 10:38:57 +01:00
Alexei Podtelezhnikov
0da2a1155e [truetype] Upstream the hdmx binary search.
* src/truetype/ttobjs.h (TT_SizeRec): Add `widthp` for the hdmx
widths.
* src/truetype/ttobjs.c (tt_size_reset): Initialize `widthp` even
though it might never be used by the interpreter.
* src/truetype/ttgload.c (tt_loader_init): Avoid repeated searches
in the hdmx table.
2021-12-13 11:44:24 -05:00
Alexei Podtelezhnikov
fd03dcc122 [truetype] Reset the IUP-called flags for each subglyph.
This fixes fall-out from 7809007a5b88b15, where the composite
accents were no longer hinted.

* src/truetype/ttgload.c (ttloader_init): Move the IUP-called flag
initialization from here...
* src/truetype/ttinterp.c (TT_Run_Context): ... to here.
2021-12-12 12:29:04 -05:00
Alexei Podtelezhnikov
7add5b2bcb [truetype] Binary search through the hdmx records.
The `hdmx` table is supposed to be sorted by ppem size, which
enables binary search.  We also drop the check for the sufficient
length of the record because it is now enforced when the table
is loaded.

* include/freetype/internal/tttypes.h (TT_FaceRec): Store the `hdmx`
record pointers sorted by ppem instead of ppem's themselves.
* src/truetype/ttpload.c (tt_face_load_hdmx): Prudently sort records.
(tt_face_get_device_metrics): Implement binary search to retrieve
advances.
2021-12-11 22:54:06 -05:00
Alexei Podtelezhnikov
a8ef33e3ae [truetype] Honor FT_LOAD_ADVANCE_ONLY if hdmx is usable.
This simply shortcuts the glyph loading if FT_LOAD_ADVANCE_ONLY
is specified by FT_Get_Advances and the `hdmx` data are located.
Particularly, the classic v35 interpreter or "verified" ClearType
fonts might see 100x speed up in retrieving the hdmx cache.

* src/truetype/ttgload.c (TT_Load_Glyph): Insert the shortcut.
2021-12-11 22:42:46 -05:00
Alexei Podtelezhnikov
6c831d658f [truetype] Initialize the loader with hdmx data.
The `hdmx` matching can be done before the glyph is loaded.

* include/freetype/internal/tttypes.h (TT_LoaderRec): Add a field.
* src/truetype/ttgload.c (compute_glyph_metrics): Relocate the `hdmx`
code from here...
(tt_loader_init): ... to here, before the glyph is loaded.
2021-12-11 22:34:27 -05:00
Alexei Podtelezhnikov
7809007a5b [truetype] Relocate subpixel flag setting.
`TT_RunIns` is too busy to deal with subpixel flags. It is better
to set them in `tt_loader_init`, which is executed before each
glyph program.

* src/truetype/ttinterp.c (TT_RunIns): Move the flag setting from
here...
* src/truetype/ttgload.c (tt_loader_init): ... to here.
2021-12-11 22:22:57 -05:00
Alexei Podtelezhnikov
a35b081ebc [truetype] Limit INSTCTRL appication within specs.
* src/truetype/ttinterp.c (Ins_INSTCTRL): Limit its global effects
to the CVT program and local effects to the glyph program.

This also fixes an Infinality buglet. The `ignore_x_mode` should be
locally unset by the glyph program.
2021-12-11 22:12:25 -05:00
Ben Wagner
bad92be927 [bdf] Fix use of uninitialized value.
In _bdf_readstream if the data contained no newline then the buffer
would continue to grow and uninitialized data read until either the
uninitialized data contained a newline or the buffer reached its
maxiumum size. The assumption was that the line was always too long and
the buffer had been filled, however this case can also happen when there
is not enough data to fill the buffer.

Correct this by properly setting the cursor to the end of the available
data, which may be different from the end of the buffer. This may still
result in one extra allocation, but only on malformed fonts.

* src/bdf/bdflib.c (_bfd_readstream): Correctly update cursor. Remove
unread set of `avail`.

Bug: https://lists.nongnu.org/archive/html/freetype-devel/2021-12/msg00001.html
2021-12-09 17:07:58 -05:00
Alexei Podtelezhnikov
012b00f3e6 [truetype] Reduce Infinality footprint again.
* src/truetype/ttgload.c (compute_glyph_metrics): Streamline and
prioritize the Infinality checks to use `hdmx`.
2021-12-07 10:19:06 -05:00
Cameron Cawley
1f95189875 [builds/windows] Guard some non-ancient API.
We can support Windows 98 and NT 4.0 in principle...

* builds/windows/ftdebug.c, builds/windows/ftsystem.c: Check for the
ancient SDK using _WIN32_WINDOWS, _WIN32_WCE, or _WIN32_WINNT.
2021-12-06 23:08:46 -05:00
Cameron Cawley
9a533aa27f * builds/windows/visualc/freetype.vcproj: Add missing file. 2021-12-06 21:46:47 -05:00
Werner Lemberg
3f83daeecb * Version 2.11.1 released.
==========================

Tag sources with `VER-2-11-1'.

* docs/VERSION.TXT: Add entry for version 2.11.1.
* docs/CHANGES, docs/release: Updated.

* README, src/base/ftver.rc, builds/windows/vc2010/index.html,
builds/windows/visualc/index.html, builds/windows/visualce/index.html,
builds/wince/vc2005-ce/index.html, builds/wince/vc2008-ce/index.html,
docs/freetype-config.1: s/2.11.0/2.11.1/, s/2110/2111/.

* include/freetype/freetype.h (FREETYPE_PATCH): Set to 1.

* builds/unix/configure.raw (version_info): Set to 24:1:18.
* CMakeLists.txt (VERSION_PATCH): Set to 1.

* builds/toplevel.mk (version_tag, CHANGELOG_SCRIPT): New variables.
(do-dist): Generate `ChangeLog` file with all commits since last release.
VER-2-11-1
2021-12-02 13:33:12 +01:00
Alexei Podtelezhnikov
03380482ce [builds/windows] Improve debugging.
* builds/windows/ftdebug.c (FT_Message, FT_Panic): Buffer output
and call `OutputDebugStringA` only if `IsDebuggerPresent`.
[_WIN32_WCE] (OutputDebugStringA): Implement the missing API.
2021-11-29 20:45:07 -05:00
Seigo Nonaka
3b45f564e9 * src/base/ftobjs.c (FT_Request_Metrics): Fix build warning on Android.
Use casts since `FT_USHORT_MAX` is unsigned short in bionic (libc used in
Android).
2021-11-29 18:21:27 +01:00
Alexei Podtelezhnikov
64e26ad3a2 * builds/windows/vc2010/freetype.vcxproj (DlgCopy): Minor tweak. 2021-11-27 22:31:17 -05:00
Alexei Podtelezhnikov
36a905e174 * src/truetype/ttpload.c (tt_face_load_hdmx): Added comments. 2021-11-26 09:15:46 -05:00
Alexei Podtelezhnikov
32f13c11a4 [truetype] Quietly reject out-of-spec hdmx tables.
The `hdmx` table is optional and can be safely rejected without
an error if it does not follow specifications. The record size
must be equal to the number of glyphs + 2 + 32-bit padding.

* src/truetype/ttpload.c (tt_face_load_hdmx): Thoroughly check
the record size and improve tracing.
2021-11-25 22:38:40 -05:00
Alexei Podtelezhnikov
cff026d415 [truetype] Partly revert 5b626281.
Fixes #1118.

* src/truetype/ttpload.c (tt_face_load_hdmx): Do not assume that
`record_size` is rounded even though the records are padded.
2021-11-23 16:05:12 -05:00
Alexei Podtelezhnikov
99086bf224 * builds/windows/vc2010/freetype.vcxproj (DlgCopy): Use transforms. 2021-11-23 16:02:02 -05:00
Werner Lemberg
3cabd142ce Update CHANGES files, other minor whitespace and documentation issues. 2021-11-22 19:58:21 +01:00
Werner Lemberg
81912a1385 formats.txt: Add info about WOFF and WOFF2. 2021-11-21 18:31:53 +01:00
Werner Lemberg
407f31ff87 meson.build: Initialize common_ldflags. 2021-11-21 11:01:59 +01:00
Lukas Oberhuber
896630bed6 * meson.build: Fix compatibility version on MacOS.
Fixes #1117.
2021-11-21 10:41:53 +01:00
Werner Lemberg
a11650d7fa * src/truetype/ttinterp.c (Ins_MD): Avoid FT_ABS.
Reported as

  https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=38562
2021-11-21 07:54:49 +01:00
Alexei Podtelezhnikov
f8a4163a45 * include/freetype/fttypes.h (FT_MAKE_TAG): Remove the same casting. 2021-11-20 07:01:26 -05:00
Werner Lemberg
6da5f95fcf [gxvalid] Fix minor compilation warning.
* src/gxvalid/gxvmort5.c (gxv_mort_subtable_type5_subtable_setup): Declare
as static.
2021-11-20 09:29:09 +01:00
Werner Lemberg
f5ce182420 [smooth] Fix stand-alone compilation.
* src/smooth/ftgrays.c (FT_Trace_Enable, FT_Trace_Disable)[STANDALONE_]:
Define.
2021-11-20 07:58:40 +01:00