Fixes#1164 by using a volatile variable around `setjmp`. It is hard to
say how this fixes crashes related to certain link-time optimizations.
This does not decrease the rendering performance.
* src/smooth/ftgrays.c (gray_convert_glyph_inner): Use volatile `error`.
* include/freetype/freetype.h (FT_GlyphSlotRec_): update doc
* src/cff/cffgload.c (cff_slot_load): do it
* src/truetype/ttgload.c (TT_Load_Glyph): do it
Fixes: #1156
This issue was discovered with an SVG based font with some documents
compressed and other uncompressed. After loading the first compressed
document the ownership flag on the glyph slot was set to true but never
set to false. As a result after loading a compressed document a glyph
from an uncompressed document would load fine, but when this glyph slot
was cleared it would try to free its document resulting in a wild free.
* src/base/ftobjs.c (ft_glyphslot_clear): clear correct flags
Fixes: #1162
* include/freetype/internal/ftmmtypes.h (FT_ItemVarDelta): Define type
to be used for delta arrays, upgrade to FT_long.
* src/truetype/ttgxvar.c: Adhere to long_words bit and read either
Short/Byte pairs or Long/Short pairs, as defined by spec. For better
readability, define macro for repetitive read code.
* truetype/ttgxvar.c (tt_hvadvance_adjust, tt_apply_mvar,
tt_var_get_item_delta): Remove special 0xFFFF handling in favor of less
redundant handling inside the tt_var_get_item_delta function, as it is
equivalent to returning a 0 delta. Avoids code-duplication checking for
special value 0xFFFF.
This is a preparation for handling `DeltaSetIdxMap` and `VarStore` as a
FreeType service.
* src/truetype/ttgxvar.c (ft_var_done_delta_set_index_map): New function.
(tt_done_blend): Use it.
This was introduced in OpenType 1.8.4.
* src/truetype/ttgxvar.c (ft_var_load_delta_set_index_mapping,
tt_hvadvance_adjust, ft_var_load_mvar, tt_apply_mvar): Handle special
inner/outer index values.
(ft_var_load_item_variation_store): Add test.
Fixes#1154.
==========================
Tag sources with `VER-2-12-1'.
* docs/VERSION.TXT: Add entry for version 2.12.1.
* docs/CHANGES, docs/release: Updated.
* README, src/base/ftver.rc, builds/windows/vc2010/index.html,
builds/windows/visualc/index.html, builds/windows/visualce/index.html,
builds/wince/vc2005-ce/index.html, builds/wince/vc2008-ce/index.html,
docs/freetype-config.1: s/2.12.0/2.12.1/, s/2120/2121/.
* include/freetype/freetype.h (FREETYPE_PATCH): Set to 1.
* builds/unix/configure.raw (version_info): Set to 24:3:18.
* CMakeLists.txt (VERSION_PATCH): Set to 1.
* src/sdf/ftsdfrend.c (ft_sdf_render, ft_bsdf_render): Return `FT_Err_Ok` if
width or height is zero, since some glyphs do not generate visible bitmaps.
Fixes#1150.
Fixes#1148 by moving the flag initialization back, partly reverting
7809007a and fd03dcc1. Initializing these flags elsewhere skips 'cvt'.
* src/truetype/ttinterp.c (TT_RunIns): Initialize the IUP flag here...
(TT_Run_Context): ... instead of here.
==========================
Tag sources with `VER-2-12-0'.
* docs/VERSION.TXT: Add entry for version 2.12.0.
* docs/CHANGES, docs/release: Updated.
* README, src/base/ftver.rc, builds/windows/vc2010/index.html,
builds/windows/visualc/index.html, builds/windows/visualce/index.html,
builds/wince/vc2005-ce/index.html, builds/wince/vc2008-ce/index.html,
docs/freetype-config.1: s/2.11.1/2.12.0/, s/2111/2120/.
* include/freetype/freetype.h (FREETYPE_MINOR): Set to 12.
(FREETYPE_PATCH): Set to 0.
* builds/unix/configure.raw (version_info): Set to 24:2:18.
* CMakeLists.txt (VERSION_MINOR): Set to 12.
(VERSION_PATCH): Set to 0.
* builds/toplevel.mk (do-dist): Generate `ChangeLog` entries for all commits
since version 2.11.0 (when we stopped creating this file manually).
This is another bit to handle 'sbix' tables as described in the OpenType
specification.
* include/freetype/ftparams.h (FT_PARAM_TAG_IGNORE_SBIX): New macro.
* src/sfnt/sfobjc.c (is_apple_sbix): Rename to...
(has_sbix): ... this.
Check for more sbit tables.
Handle `FT_PARAM_TAG_IGNORE_SBIX` to eventually control `has_sbix`.
Only call sbit table loader if an sbit table is present.
* src/sfnt/ttsbit.c (tt_face_load_sbix_image): Correct calculation of
'metrics->horiBearingY'.
Set vertical metrics.
* src/sfnt/sfobjs.c (sfnt_load_face): Adjust setting of `FT_FACE_FLAG_SBIX`.
Handle metrics of fonts with 'sbix' table.
* src/truetype/ttgload.c (TT_Load_Glyph): For 'sbix' embedded bitmaps, apply
bbox offset and bearing values of the corresponding glyph in the 'glyf'
table if it exists and has a contour.
* src/truetype/ttobjs.c (tt_face_init): Handle font with 'sbix' table.
Fixes issue #998.
Fonts with 'sbix' tables need special handling by the application.
* include/freetype/freetype.h (FT_FACE_FLAG_SBIX, FT_HAS_SBIX): New macros.
* src/sfnt/sfobjs.c (sfnt_load_face): Set `FT_FACE_FLAG_SBIX` if 'sbix'
table is present.
In the woff2 spec it has been proposed to allow the OVERLAP_SIMPLE flag
to be retained through the woff2 format [0].
[0] https://www.w3.org/TR/WOFF2/#glyf_table_format
* src/sfnt/sfwoff2.h (GLYF_OVERLAP_SIMPLE): add glyf flag.
* src/sfnt/sfwoff2.c (reconstruct_glyf): parse optionFlags and
overlapSimpleBitmap[]. (store_points): set OVERLAP_SIMPLE on first point's
flag if the overlap bit is set.
* src/sdf/ftsdf.c (sdf_generate_bounding_box): Always check for a corner if
two distances (for different curves) are very close.
(sdf_conic_to): Check whether the conic curve can be treated as a line
(which happens if the control point coincides with any end point).
* src/sdf/ftsdf.c (split_sdf_cubic, split_sdf_shape): Add checks to figure
out the deviation of Bezier curves and stop splitting if the curve is flat
enough.
* src/sdf/ftsdfcommon.h (ONE_PIXEL): New macro.
The `SVG_DOCUMENT_LIST_MINIMUM_SIZE` macro is non trivial and not
protected by parentheses. As a result, the expression
`table_size - SVG_DOCUMENT_LIST_MINIMUM_SIZE` expands to
`table_size - 2U + SVG_DOCUMENT_RECORD_SIZE` instead of the expected
`table_size - (2U + SVG_DOCUMENT_RECORD_SIZE)`. This causes an incorrect
bounds check which may lead to reading past the end of the `SVG ` table.
* src/sfnt/ttsvg.c (tt_face_load_svg): wrap macro definitions in
parentheses.
Bug: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=45179
It is possible for OtherSubr 19 to be invoked when `decoder->buildchar` is
NULL (so that `decoder->len_buildchar` is 0), the `blend` is non-NULL with
`blend->num_designs` set to 2, and the user supplied `idx` to be large (for
example 0xFFFFFFFE). Since these are all `FT_UInt32` the existing bounds
check overflows in a well defined manner, allowing for an invalid call to
`memcpy`.
In addition, it is possible to call OtherSubr 19 with
`decoder->len_buildchar`, `blend->num_designs`, and `idx` all zero (implying
that `blend->weight_vector` and `decoder->buildchar` are NULL). This passes
the bounds check (it is logically always fine to copy nothing starting at
index zero) but may invoke undefined behavior in `ft_memcpy` if it is backed
by `memcpy`. Calling `memcpy` with either the `src` or `dst` NULL is
undefined behavior (even if `count` is zero).
* src/psaux/psintrp.c (cf2_interpT2CharString): Correctly check that
`blend->num_designs` can be copied to `decoder->buildchar[idx]`.
Also avoid passing NULL to `ft_memcpy`.
Bug: https://crbug.com/1299259
Before the change, the hinting engine frequently confused horizontal
stem and serif hints making some stems too thin and some serifs too
thick. The value was tuned using serif fonts from the URW+ base 35
collection.
* src/pshinter/pshalgo.c [PSH_STRONG_THRESHOLD_MAXIMUM]: s/30/12/.
Since Type42 fonts don't have a 'Private' dictionary, the return value
should be `FT_Err_Invalid_Argument`.
* src/type42/t42drivr.c (t42_ps_get_font_private): Removed.
(t42_service_ps_info): Updated.
In PS hinter, memory allocations persist until the module is done.
Therefore, we have to clear reused masks.
* src/pshinter/pshrec.c (ps_mask_table_alloc): Clear reused mask.
We forgot to update the number of bits when merging a larger mask
into a smaller one. This fix might have rendering effects.
* src/pshinter/pshrec.c (ps_mask_table_merge): Inherit the number
of bits from a larger mask. There is no need to zero unused bits,
already zeroed during allocation.
(ps_mask_clear_bit): Removed.
(ps_mask_ensure): Minor.
