When matching the keywords, we avoid calculating their lengths by
checking the stored values. This itself is a sufficient pre-check
before diving into `memcmp`. Therefore, we remove explicit check of
the first characters.
* include/freetype/internal/psaux.h (T1_FieldRec): Store length.
* src/cid/cidload.c (cid_parse_dict): Use `memcmp` and stored length.
* src/type1/t1load.c (parse_dict): Ditto.
* src/type42/t42parse.c (t42_parse_dict): Ditto.
* src/cff/cffobjs.c (remove_style): Rewrite using pointers.
(remove_subset_prefix): Unwrap loop and use `memmove`.
* src/truetype/ttobjs.c (tt_skip_pdffont_random_tag): Unwrap loop
and avoid `strlen`.
This also reduces the used heap size by a large factor.
From Behdad.
* src/autofit/afcjk.h (AF_CJKAxisRec): Use `AF_BLUE_STRINGSET_MAX_LEN`.
* src/autofit/aflatin.h (AF_LatinAxisRec): Ditto.
==========================
Tag sources with `VER-2-13-2'.
* docs/VERSION.TXT: Add entry for version 2.13.2.
* docs/CHANGES: Updated.
* docs/release, docs/README, builds/macs/README: Updated.
* README, src/base/ftver.rc, builds/windows/vc2010/index.html,
builds/windows/visualc/index.html, builds/windows/visualce/index.html,
builds/wince/vc2005-ce/index.html, builds/wince/vc2008-ce/index.html,
docs/freetype-config.1: s/2.13.1/2.13.2/, s/2131/2132/.
* include/freetype/freetype.h (FREETYPE_PATCH): Set to 2.
* builds/unix/configure.raw (version_info): Set to 26:1:20.
* CMakeLists.txt (VERSION_PATCH): Set to 2.
`FT_NEW_ARRAY(p, 0)` sets `p` to `NULL`. `FT_Stream_ReadAt` with a
memory based stream uses `FT_MEM_COPY` which is `memcpy` which specifies
that it is undefined behavior for either the `src` or `dst` to be
`NULL`. Instead of forcing all callers work around calling
`FT_Stream_Read` when `buffer == NULL && count == 0` do the check in
`FT_StreamRead`. This allows any call with `count == 0` to succesfully
read zero bytes without UB.
* src/base/ftstream.c (FT_Stream_ReadAt): skip `FT_MEM_COPY` when
`count == 0`. (FT_Stream_TryRead): ditto
Fixes: #1250
The values read into `base_glyphs_offset_v1` and `layer_offset_v1` may
be in the range 0xFFFFFFFD-0xFFFFFFFF. On systems where `unsigned long`
is 32 bits adding 4 to such values will wrap and pass bounds checks but
accessing values at such offsets will be out of bounds.
On the other hand `table_size` has already been tested to be at least
`COLRV1_HEADER_SIZE` (34) so it is safe to subtract 4 from it.
* src/sfnt/ttcolr.c (tt_face_load_colr): subtract 4 from `table_size`
instead of adding 4 to font data offsets in bounds checks
Fixes: https://crbug.com/1469348
This is a fix for commit 85167dbd5, reported as
https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=60615
* src/sfnt/sfwoff2.c (MAX_SFNT_SIZE): New macro.
(woff2_open_font): Use it to limit the maximum size of an uncompressed WOFF2
font.
In WOFF the `totalSfntSize` must be correct, however in WOFF2 this value
is now just a hint and a conforming implementation must not reject
otherwise valid data if the `totalSfntSize` turns out not to be exact.
* src/sfnt/sfwoff2.c (woff2_open_font): remove check that uncompressed
woff2 data would fit in the sfnt size guess.
Fixes: #1235
The CFF2 blend operator takes N default values and corresponding
sets of deltas and pushes N values specific to a designspace
location. CFF has a floating point numeric type and the FreeType
blending code was not converting those into its internal 16.16
Fixed type format.
Fixes#1243.
* src/cff/cffparse.c (do_fixed): Handle floating point numbers.
Also fix scaling overflow check for integer-to-fixed conversion.
* src/cff/cffload.c (cff_blend_doBlend): Updated.
This is a follow-up to commit 49c74ac02, which creates a new local variable
"exec = loader->exec", and shortening a lot of "loader->exec". This commit
does two more such changes missed in that first commit.
Signed-off-by: Hin-Tak Leung <htl10@users.sourceforge.net>
`src/gzip/rules.mk` compiles the internal zlib sources even when using the
zlib development files provided by a host system. If the internal zlib
development files are not present, FreeType fails to build from source.
This patch ensures the internal zlib development files are only
prerequisites when not using zlib development files on a host system.
* src/gzip/rules.mk (GZIP_DRV_SRCS): Define conditionally.
This is a refinement of commit 7b3ebb9.
* src/sdf/ftsdfrend.c (ft_sdf_render): Goto 'Exit' instead of directly
returning.
(fd_bsdf_render): Ditto, also taking care of setting `FT_GLYPH_OWN_BITMAP`
correctly.
`FT_Fixed` and `FT_Long` are both typedef'ed to be `signed long`. However,
`FT_Fixed` implies that the lower 16 bits are being used to express
fractional values and so these two types should not be confused.
* include/freetype/internal/services/svmm.h (FT_Set_MM_Blend_Func): Use
`FT_Fixed` for `coords`. Users are passing `FT_Fixed` and implementations
are taking `FT_Fixed`.
(FT_Get_MM_Blend_Func): Ditto.
* src/autofit/afcjk.c (af_cjk_metrics_check_digits): Use `FT_Long` for
`advance` and `old_advance`. `advance`'s address is passed as `FT_Long*` to
`af_shaper_get_elem`, which writes the advance in em units (not fixed). The
exact value is not important here as it is only compared to check whether it
has changed.
* src/autofit/aflatin.c (af_latin_metrics_check_digits): Ditto.
In C it is undefined behavior to call a function through a function pointer
of a different type. This is now detected by the Control Flow Integrity
Sanitizer. All known issues have already been fixed. Prevent any
accidental re-introduction by removing function pointer casts when defining
services. The services will call the service functions through the function
pointers on the service. As a result the functions must have the same type
so there should be no need to cast. Removing the casts allows compilers to
warn about assignment to an incompatible function pointer type.
`deltaSet` is an array of packed integers that can be 32 bits, 16 bits, or
8 bits. Before this change, these values were unpacked to 32-bit integers.
However, this can cause big heap allocations, e.g., around 500 KByte for
'NotoSansCJK'. To reduce this amount, store the packed integers and unpack
them just before passing to the calculation. At calculation time, due to
the variable length of region indices, temporary heap allocations are
necessary. This heap allocation is not negligible and visible in `ftbench`
results. So, use stack-allocated arrays for short array calculations.
Fixes#1230.
* include/freetype/internal/ftmmtypes.h (GX_ItemVarDataRec): New fields
`wordDeltaCount` and `longWords`.
* src/truetype/ttgxvar.c (tt_var_load_item_variation_store): Load packed
data.
(tt_var_get_item_delta): Unpack data before applying.
Modern color fonts often contain both an 'SVG' and 'COLR' table. FreeType
always preferred 'SVG' over 'COLR' (this was a design decision), however,
this might not be the right choice for the user. The new flags makes
FreeType ignore the 'SVG' table while loading a glyph.
Fixes#1229.
* include/freetype/freetype.h (FT_LOAD_NO_SVG): New macro.
* src/base/ftobjs.c (FT_Load_Glyph), src/cff/cffgload.c (cff_slot_load),
src/truetype/ttgload.c (TT_Load_Glyph): Use it.
