Instead of validating variation axes in every access, OpenType specs
suggest that peak = 0 be used to tag invalid ranges. This implements
just that once during loading.
* src/cff/cffload.c (cff_blend_build_vector): Move the range checks...
(cff_vstore_load): ... here.
* src/truetype/ttgxvar.c (tt_var_get_item_delta): Ditto...
(tt_var_load_item_variation_store): ... ditto.
This should achieve quicker results for common cases.
* src/cff/cffload.c (cff_blend_build_vector): Rearrange conditionals.
* src/truetype/ttgxvar.c (tt_var_get_item_delta): Ditto.
For default variable instances `cff_face_init` did not set the blend. This
mostly worked as later use of the unset blend produced the default
variation. However, if a user called `TT_Get_MM_Var` the blend would be
partially set up, but not fully. In particular the number of axes, the axis
definitions, and the instance locations would be set up, but not the current
instance location (`coords` and `normalizedcoords`). This could lead to the
default instances of CFF2 fonts erroring on any use of `blend`.
Ensure the default variable instance is fully set up by always calling
`FT_Set_Named_Instance` on a variable face.
* src/cff/cffobjs.c (cff_face_init): Call `FT_Set_Named_Instance` on
default instances.
* src/truetype/ttobjs.c (tt_face_init): Ditto.
Fixes#1268.
This is a follow-up to commit 26a7f047,
[cff] Make blend operator work with floats in private dicts.
which addressed the 'party baseline' bug. However, the reporting user
indicated that the default location and some other points in design space
rendered OK, but other points in design space still had problems. The most
obvious issue being that the x-heights of lower-case letters did not align;
see
https://github.com/adobe-fonts/source-serif/issues/121#issuecomment-1773794136
After some analysis we determined that this was due to an interaction
between `BlueValue` rounding and the zone-based algorithm. In short, for a
point to be considered in a zone it must fall within the bounds of the zone.
(There is a slop factor in some cases, but only a very small one.) In the
Adobe-contributed side of the code, point values are not integer-rounded,
instead they're kept as (some form of) fixed. Rounding just the `BlueValues`
means that points that need to be considered within a zone will fall outside
of it at some points in design space.
The majority of this patch changes the storage and parsing of `BlueValues`
to keep them as `FT_Fixed`. No significant code changes were needed because
the values are converted to `Fixed` anyway when stored in `CF_BlueRec`. No
attempt was made to address problems in the older pshinter code beyond
converting the values from `FT_Fixed` to `FT_Short` when copying the private
dictionary. (However, as the point values are also rounded in that code,
the problem is much less likely to occur, although inconsistency between
rounding and truncation could cause an analogous problem.)
* include/freetype/internal/cfftypes.h (CFF_PrivateRec): Use `FT_Fixed` for
`blue_values`, `other_blues`, `family_blues`, and `family_other_blues`.
* src/cff/cffload.c (cff_blend_doBlend): Updated.
* src/cff/cffobjs.c (CFF_fixedToInt): New macro.
(cff_make_private_dict): Use it.
* src/cff/cffparse.h (cff_kind_delta_fixed): New enum value.
* src/cff/cffparse.c (do_fixed): Updated.
(CFF_FIELD_DELTA, CFF_FIELD_DELTA_FIXED, CFF_DELTA_KIND): New set of macros,
replacing `CFF_FIELD_DELTA`.
(cff_parser_run): Updated to handle fixed-float deltas.
* src/cff/cfftoken.h: Updated to use `CFF_FIELD_DELTA_FIXED` for blue
values.
* src/psaux/psblues.c (cf2_blueToFixed): Removed, no longer needed.
(cf2_blues_init): Updated.
* src/pxaux/psft.c, src/pxaux/psft.h (cf2_getBlueValues, cf2_getOtherBlues,
cf2_getFamilyBlues, cf2_getFamilyOtherBlues): Updated signatures.
* src/psaux/psobjs.c (t1_make_subfont): Updated.
* src/cff/cffobjs.c (remove_style): Rewrite using pointers.
(remove_subset_prefix): Unwrap loop and use `memmove`.
* src/truetype/ttobjs.c (tt_skip_pdffont_random_tag): Unwrap loop
and avoid `strlen`.
The CFF2 blend operator takes N default values and corresponding
sets of deltas and pushes N values specific to a designspace
location. CFF has a floating point numeric type and the FreeType
blending code was not converting those into its internal 16.16
Fixed type format.
Fixes#1243.
* src/cff/cffparse.c (do_fixed): Handle floating point numbers.
Also fix scaling overflow check for integer-to-fixed conversion.
* src/cff/cffload.c (cff_blend_doBlend): Updated.
In C it is undefined behavior to call a function through a function pointer
of a different type. This is now detected by the Control Flow Integrity
Sanitizer. All known issues have already been fixed. Prevent any
accidental re-introduction by removing function pointer casts when defining
services. The services will call the service functions through the function
pointers on the service. As a result the functions must have the same type
so there should be no need to cast. Removing the casts allows compilers to
warn about assignment to an incompatible function pointer type.
Modern color fonts often contain both an 'SVG' and 'COLR' table. FreeType
always preferred 'SVG' over 'COLR' (this was a design decision), however,
this might not be the right choice for the user. The new flags makes
FreeType ignore the 'SVG' table while loading a glyph.
Fixes#1229.
* include/freetype/freetype.h (FT_LOAD_NO_SVG): New macro.
* src/base/ftobjs.c (FT_Load_Glyph), src/cff/cffgload.c (cff_slot_load),
src/truetype/ttgload.c (TT_Load_Glyph): Use it.
Ensure that all driver functions use the signature of the service or driver.
This avoids pointer mismatches, which are technically undefined behaviour.
Recent compilers are more picky in catching them as part of Control Flow
Integrity tests.
A variation font's PostScript name of a named instance is usually different
from the PostScript name of an unnamed instance. However, if a change
between a named instance and an unnamed instance with exactly the same
design axis values happened, it was possible that the PostScript name wasn't
correctly updated.
This commit reorganizes the code to handle this issue within the top-level
API functions, using a new service to trigger recomputation of the
PostScript name.
* include/freetype/internal/services/svmm.h (FT_Construct_PS_Name_Func): New
typedef.
(FT_Service_MultiMasters): New field `construct_ps_name`.
(FT_DEFINE_SERVICE_MULTIMASTERSREC): Updated.
* src/base/ftmm.c (FT_Set_Var_Design_Coordinates,
FT_Set_MM_Blend_Coordinates, FT_Set_Var_Blend_Coordinates): Call
`mm->construct_ps_name` to handle `postscript_name`.
(FT_Set_Named_Instance): Call `mm->construct_ps_name` to handle
`postscript_name`.
Use shortcut.
* src/cff/cffdrivr.c (cff_construct_ps_name): New function.
(cff_service_multi_masters): Updated.
* src/truetype/ttgxvar.c (tt_set_mm_blend): Don't handle `postscript_name`.
(TT_Set_MM_Blend): Simplify.
(TT_Set_Named_Instance): Return -1 if axis values haven't changed.
Don't set `face_index`.
(tt_construct_ps_name): New function.
* src/truetype/ttgxvar.h: Updated.
* src/truetype/ttdriver.c (tt_service_gx_multi_masters): Updated.
* src/type1/t1driver.c (t1_service_multi_masters): Updated.
* src/type1/t1load.c (T1_Set_MM_Blend): Simplify.
According to the documentation, the functions `FT_Set_Named_Instance`,
`FT_Set_MM_Design_Coordinates`, `FT_Set_Var_Design_Coordinates`, and
`FT_Set_Var_Blend_Coordinates` can unset the `FT_FACE_FLAG_VARIATION` flag.
(The same is true for `FT_Set_MM_WeightVector` but this information was
accidentally omitted from the documentation.)
However, if a call of these functions didn't change the axis values this
could fail because internal shortcuts exited too early.
This commit reorganizes the code to handle `FT_FACE_FLAG_VARIATION` in the
top-level API functions, also taking care of the issue at hand.
* src/base/ftmm.c (FT_Set_MM_Design_Coordinates, FT_Set_MM_WeightVector,
FT_Set_Var_Design_Coordinates, FT_Set_MM_Blend_Coordinates,
FT_Set_Var_Blend_Coordinates): Handle `FT_FACE_FLAG_VARIATION`.
* src/truetype/ttgxvar.c (TT_Set_MM_Blend, TT_Set_Var_Design,
TT_Set_Named_Instance) Don't handle `FT_FACE_FLAG_VARIATION`.
* src/type1/t1load.c (T1_Set_MM_Blend, T1_Set_MM_WeightVector,
T1_Set_MM_Design): Ditto.
* src/cff/cffobjs.c (cff_face_init): Use `FT_Set_Named_Instance` instead of
low-level functions.
* src/truetype/ttobjs.c (tt_face_init): Ditto.
The situation can happen if `FT_New_Face` (or one of its siblings) is called
with a negative index to get the number of contained faces, followed
immediately by a call to `FT_Get_Postscript_Name`. While this is not a valid
use of the FreeType library there is no need for a crash.
Fixes#1219.
This is a generalization of commit
```
commit e6699596af5c5d6f0ae0ea06e19df87dce088df8
Author: Werner Lemberg <wl@gnu.org>
Date: Thu Feb 2 11:38:04 2017 +0100
[truetype] Fix MVAR post-action handling.
```
It is also possible for plain `CFF ` style fonts to contain an `fvar` and
`MVAR` table and use `cff_metrics_adjust`. `tt_size_reset` should only be
called with `TT_Size` and never with `CFF_Size`.
Allow the "metrics-variations" service to specify the correct function (if
any) to reset `FT_Size`s after adjusting metrics.
* src/truetype/ttobjs.c (tt_size_reset): Split off some functionality
into...
(tt_size_reset_height): ... this new function.
* src/truetype/ttdriver.c (tt_service_metrics_variations): Add
`size_reset`.
(tt_size_select, tt_size_request): Updated.
* src/truetype/ttobjs.h: Updated.
* include/freetype/internal/services/svmetric.h (MetricsVariations): Add
`size_reset`.
(FT_DEFINE_SERVICE_METRICSVARIATIONSREC): Updated.
* include/freetype/internal/tttypes.h (TT_FaceRec_): Rename `var` to
`tt_var` and add `face_var`.
* src/cff/cffdrivr.c (cff_service_metrics_variations): Add `size_reset`.
(cff_hadvance_adjust, cff_metrics_adjust): Updated.
* src/cff/cffobjs.c (cff_face_init): Use `face_var`.
* src/sfnt/sfobjs.c (sfnt_init_face): Initialize `face_var`.
* src/sfnt/ttmtx.c (tt_face_get_metrics): Use `tt_var`.
* src/truetype/ttgxvar.c (tt_size_reset_iterator): Renamed to...
(ft_size_reset_iterator): ... this new function.
Call `size_reset`.
(tt_apply_mvar): Pass `size_reset` to `ft_size_reset_iterator`.
Fixes#1211
This is mostly cosmetic because FT_UInt and FT_UInt32 are likely identical.
* src/sfnt/ttcmap.c, src/cff/cffcmap.c, src/psaux/t1cmap.c,
src/psnames/psmodule.c, include/freetype/internal/service/svpcsmap.h,
src/pfr/pfrcmap.c, src/winfonts/winfnt.c (*_char_next): return FT_UInt.
* src/cff/cffparse.c (cff_parser_run): Allocate the charstring buffers
and the list nodes together so that they can be freed at once.
(finalize_t2_strings): Removed as no longer needed.
(cff_parser_done): Updated.
The old stream limit checks, before 6986ddac1ece, were good but
pointless for the crafted t2_strings. Checking limits there is
not necessary as they are created to hold all data. By using two
conditions, we can detect the actual crossing of the stream boundary
as appropriate for the stream pointer only. The t2_strings parsing
will not be triggering these checks.
* src/cff/cffparse.c (cff_parser_within_limits): Removed.
(cff_parse_real, cff_parse_integer): Redesign the stream limit check.
(cff_parse_num, do fixed, cff_parse_fixed_dynamic): Update callers.
* src/cff/cffparse.c (finalize_t2_strings): Fix NULL-dereferencing
in the out-of-memory situation, use `FT_FREE`.
(cff_parser_run): Use FreeType memory allocation macros and avoid
uninitialized pointers.
This is unnecessary for predefined standard and expert encodings.
Even for custom encodings the arrays might be already zeroed when
CFF_FontRec is created but we keep it just in case.
Otherwise we get zillions of clang 15 warnings.
* src/autofit/afcjk.c, src/autofit/afhints.c, src/autofit/aflatin.c,
src/base/ftobjs.c, src/base/ftoutln.c, src/cff/cffparse.c,
src/raster/ftraster.c, src/sfnt/pngshim.c, src/truetype/ttgload.c,
src/truetype/ttgxvar.c, src/truetype/ttobjs.c, src/type1/t1gload.c: Use
`double` cast in debugging and tracing macros.
Use pre-calculated scaling factors. Also, the advance widths used
to be rounded, which was incorrect.
* src/cff/cffgload.c (cff_slot_load): Use `x_scale` and `y_scale`.
* src/truetype/ttgload.c (TT_Load_Glyph): Ditto.
This ancient option stayed completely undocumented. Given that the 'cff'
driver requires the 'psnames' module, it makes no sense today to have this
macro.
* src/cff/cffdrivr.c (cff_services), src/cff/cffobjs.c (cff_face_init):
Remove corresponding conditional code.
* include/freetype/freetype.h (FT_GlyphSlotRec_): update doc
* src/cff/cffgload.c (cff_slot_load): do it
* src/truetype/ttgload.c (TT_Load_Glyph): do it
Fixes: #1156
