Re: [ft-devel] Amalgamation details

[Vinnie]

> From: Alan Coopersmith <address@hidden>


> Do you know where most of the FreeType security issues in the past few years
> has been found?   By people trying to hack smartphones via downloads of
> malicious PDF's or opening webpages with bad webfonts.

That's
 only a vulnerability of the application in question allows loading of 
arbitrary fonts. For the case where an application simply wants hinted 
output of its own font used in a user interface, with the entire font 
file embedded in the application as static data or a resource (100% of 
my users) there is no issue!

> Of course, those smartphone OS'es are providing system font rendering using
> FreeType so you don't have to shove in another copy there.

I
 agree and its on my to-do list to refine the amalgamation so that it 
detects and uses the system provided library on environments where it 
exists. This behavior will be overridable with a configuration macro, for those 
people who have built a rich GUI on top of a hinted 
font and did all their testing with a specific version of FreeType, and 
don't want to be exposed to a bug in a shared FreeType library making 
their application look bad (for example, a defect discovered in the auto
 hinter).

The end-game is to build rich open source 
GUI components on top of the FreeType amalgamation which will seamlessly 
provide FreeType either through the amalgamated sources or the system provided 
libraries (at the programmer's option), 
with the ability to distribute these GUI components without external 
dependencies (by including the amalgamation in the source distribution). All 
this, with no Makefiles or platform specific configuration required. In other 
words, for dummies.

Of
 course it is worth repeating once again this use-case is contemplated 
ONLY FOR FONTS EMBEDDED IN THE APPLICATION and not for fonts which come 
from external files!

I know this is a difficult concept for a lot of people who have no experience 
writing shrink-wrapped applications (which seem to be going the way of the 
Dodo) so here is an example (again):

http://m.artician.com/pu/3G665GVDE5WXL3A7SOS6MP4RCOI6MJHB.preview.jpeg

This is GUI for an audio plugin. These plugins typically have compact 
interfaces with small text, which is a great candidate for hinting. A plugin 
author can choose a good hinted font, embed it in their application (using a 
command tool that converts a binary file into a giant C-style static array), 
and then use FreeType to draw the font and get nice output at the small sizes. 
The benefit of using a statically linked FreeType is that you can design your 
interface, test it against the specific FreeType version, and then be assured 
that no matter what the user has on their system in terms of FreeType 
libraries, the application or plugin appearance will not change.

Most audio plugins are built on JUCE (http://rawmaterialsoftware/juce.php) 
which is specifically tuned for making it easy to write cross platform user 
interfaces and audio plugins in particular. For this reason, I have built a 
class that works with the JUCE font rendererer to provide hinted output for 
embedded fonts:

http://vinniefalco.github.com/VFLib/class_free_type_faces.html

I hope this rant has helped to provide a broadened view of the variety of ways 
in which FreeType may be used.