If memory allocations fail at certain points while opening a font,
FreeType can either crash due to a NULL dereference or leak memory.
* include/freetype/internal/ftobjs.c (FT_Face_InternalRec,
FT_LibraryRec): Make `refcount' a signed integer. If, for example,
FT_Open_Face() fails in a memory allocation before the face's
reference count is set to 1, a subsequent `FT_Done_Library' call
would otherwise loop over `FT_Done_Face' 2^32 times before freeing
the face.
* src/base/ftobjs.c (open_face): Initialize `stream' and friends
earlier.
(FT_Open_Face) <Fail>: Behave correctly if `node' is NULL.
(FT_Destroy_Module) <Fail>: Check that `renderer_clazz' is valid.
* include/freetype/internal/ftdebug.h: Remove pragmas.
* include/freetype/internal/ftserv.h: Use push and pop for pragmas.
* include/freetype/internal/ftvalid.h: Handle warning C4324.
* src/base/ftobjs.c: Use push and pop for pragmas.
* src/gzip/ftgzip.c: Handle warning C4244.
* src/base/ftobjs.c: Fix typo in MS pragma.
* src/base/bdflib.c (_bdf_set_default_spacing, _bdf_add_property):
`lineno' is only used in debug mode.
* src/cff/cf2ft.c (cf2_builder_moveTo): `params' is only used in
debug mode.
http://cppcheck.sourceforge.net/
Note that the current version heavily chokes on FreeType, delivering
even wrong results. I will report those issues to the cppcheck team
so that a newer version gives improved results hopefully.
*/* Improve variable scopes.
*/* Remove redundant initializations which get overwritten.
* src/base/ftmac.c ,builds/mac/ftmac.c (count_faces_scalable):
Remove unused variable.
* src/base/ftdbgmem.c (ft_mem_table_destroy): `table' can't be zero.
* src/gxvalid/gxvkern.c (gxv_kern_subtable_fmt1_entry_validate):
Remove functionless code.
* src/tools/ftrandom.c (main): Fix memory leak.
A new load flag, FT_LOAD_COLOR, makes FreeType load color
embedded-bitmaps, following this draft specification
https://color-emoji.googlecode.com/git/specification/v1.html
which defines two new SFNT tables, `CBDT' and `CBLC' (named and
modeled after `EBDT' and `EBLC', respectively). The color bitmaps
are stored in the new FT_PIXEL_MODE_BGRA format to represent BGRA
pre-multiplied sRGB images. If PNG support is available, PNG color
images as defined in the same proposed specification are supported
also.
Note that color bitmaps are converted to grayscale if client didn't
ask for color.
* builds/unix/configure.raw: Search for libpng.
Add `--without-png' option.
* devel/ftoption.h, include/freetype/config/ftoption.h
(FT_CONFIG_OPTION_USE_PNG): New macro.
* include/freetype/freetype.h (FT_LOAD_COLOR): New load flag.
* include/freetype/ftimage.h (FT_Pixel_Mode): Add
`FT_PIXEL_MODE_BGRA'.
* include/freetype/tttags.h (TTAG_CBDT, TTAG_CBLC): New tags.
* src/base/ftbitmap.c (FT_Bitmap_Embolden): Updated.
(ft_gray_for_premultiplied_srgb_bgra): New function.
(FT_Bitmap_Convert): Handle FT_PIXEL_MODE_BGRA.
* src/sfnt/pngshim.c, src/sfnt/pngshim.h: New files.
* src/sfnt/sfnt.c: Include `pngshim.c'.
* src/sfnt/ttsbit.c: Include FT_BITMAP_H and `pngshim.h'
(tt_face_load_eblc): Load `CBLC'.
(tt_sbit_decoder_init): Load `CBDT'.
(tt_sbit_decoder_alloc_bitmap): Pass load flags to select between
color and grayscale bitmaps.
Set `num_grays'. This is used by `ftview' to choose the blending
algorithm.
(tt_sbit_decoder_load_byte_aligned,
tt_sbit_decoder_load_bit_aligned, tt_sbit_decoder_load_compound,
tt_sbit_decoder_load_image): Pass load flag.
s/write/pwrite/.
Don't call `tt_sbit_decoder_alloc_bitmap'.
Updated.
(tt_sbit_decoder_load_png) [FT_CONFIG_OPTION_USE_PNG]: New function.
(tt_sbit_decoder_load_bitmap): Pass load flag.
Handle new glyph formats 17, 18, and 19.
Call `tt_sbit_decoder_alloc_bitmap'.
Flatten color bitmaps if necessary.
(tt_face_load_sbit_image): Updated.
* src/sfnt/rules.mk (SFNT_DRV_SRC): Add `pngshim.c'.
* docs/CHANGES: Updated.
* src/base/ftcalc.c (FT_DivFix): Use unsigned values for
computations which use the left shift operator and convert to signed
as the last step.
* src/base/fttrigon.c (ft_trig_prenorm, FT_Vector_Rotate,
FT_Vector_Length, FT_Vector_Polarize): Ditto.
* src/cff/cffgload.c (cff_decoder_parse_charstrings): Simplify.
* src/cff/cffload.c (cff_subfont_load): Fix constant.
* src/cff/cffparse.c (cff_parse_integer, cff_parse_real, do_fixed,
cff_parse_fixed_dynamic): Use unsigned values for computations which
use the left shift operator and convert to signed as the last step.
* src/cid/cidload.c (cid_get_offset): Ditto.
* src/psaux/psconv.c (PS_Conv_ToFixed): Ditto.
* src/psaux/t1decode.c (t1_decoder_parse_charstrings): Ditto.
* src/truetype/ttinterp.c (TT_MulFix14, TT_DotFix14): Ditto.
Use `FT2_DEBUG=bitmap:3' for tracing.
* src/base/md5.c, src/base/md5.h: New files, taken from
http://openwall.info/wiki/people/solar/software/public-domain-source-code/md5
* include/freetype/internal/fttrace.h: Add `bitmap'.
* src/base/ftobjs.c [FT_DEBUG_LEVEL_TRACE]: Include `md5.c'
(FT_Render_Glyph_Internal) [FT_DEBUG_LEVEL_TRACE]: For tracing,
convert resulting bitmap to a uniform format and compute a checksum.
Use `bitmap' category for the tracing message.
* src/base/rules.mk (BASE_H): Updated.
* docs/LICENSE.TXT: Updated.
This is essentially a mechanical conversion, adding inclusion of
`FT_INTERNAL_DEBUG_H' where necessary, and providing the macros for
stand-alone compiling modes of the rasterizer modules.
To convert the remaining occurrences of FT_Err_XXX and friends it is
necessary to rewrite the code. Note, however, that it doesn't harm
if some cases are not handled since FT_THROW is a no-op.
The idea is to replace code like
return FT_Err_Foo_Bar;
or
return CFF_Err_Foo_Bar;
with
return FT_THROW( Foo_Bar );
The FT_THROW macro has two functions:
. It hides the module specific prefix.
. In debug mode, it calls the empty function `FT_Throw' which can
be thus used to set a breakpoint.
* include/freetype/internal/ftdebug.h (FT_THROW): New macro.
(FT_Throw): New prototype.
* src/base/ftdebug.c (FT_Throw): New function.
* src/base/ftbbox.c (BBox_Cubic_Check): New bisecting algorithm
for extremum search built around simple condition that defines
which half contains the extremum.
* include/freetype/fttrigon.h (FT_Hypot): Declare it.
* src/base/fttrigon.c (FT_Hypot): Define it.
* src/truetype/ttgload.c (TT_Process_Composite_Component): Use it
instead of explicit expressions.
* src/truetype/ttinterp.c (Current_Ratio, Normalize): Use it instead
of TT_VecLen.
(TT_VecLen): Removed.
The recent optimizations of CORDIC iterations drastically reduce
the expansion factor. The vector components with MSB of 29 are now
safe from overflow.
* src/base/fttrigon.c (FT_TRIG_SAFE_MSB): New macro.
(ft_trig_prenorm): Use it and remove dead code.
* src/base/fttrigon.c: Document the algorithm in a large comment.
(FT_TRIG_COSCALE): Remove macro.
(FT_Tan: Use `FT_TRIG_SCALE' instead.
(FT_Cos, FT_Vector_Unit): Ditto and round the return values.
After we get within 45 degrees by means of true 90-degree rotations,
we can remove initial 45-degree CORDIC iteration and start from
atan(1/2) pseudorotation, reducing expansion factor thereby.
* src/base/fttrigon.c (FT_TRIG_SCALE, FT_TRIG_COSCALE): Update macros.
(ft_trig_pseudo_rotate, ft_trig_pseudo_polarize): Update.
* src/tools/cordic.py: Bring up to date with trigonometric core.
* docs/CHANGES: Old typo.
Problem reported by Robin Watts <robin.watts@artifex.com>.
* src/base/ftoutln.c (FT_Outline_New_Internal): Ensure that
`numContours' and `numPoints' fit into FT_Outline's `n_points' and
`n_contours', respectively.
