Werner Lemberg pushed to branch master
at FreeType / FreeType
Commits:
-
1f005c09
by Werner Lemberg
at 2022-07-26T16:22:27+02:00
* src/pfr/*.c: Trivial improvements and formatting.
-
182295cb
by Werner Lemberg
at 2022-07-26T16:50:19+02:00
[pfr] Add some safety guards.
* src/pfr/pfrload.c (pfr_phy_font_load): Check resolutions and number of
characters.
Fixes #1174.
4 changed files:
Changes:
src/pfr/pfrgload.c
... |
... |
@@ -42,8 +42,7 @@ |
42
|
42
|
{
|
43
|
43
|
FT_ZERO( glyph );
|
44
|
44
|
|
45
|
|
- glyph->loader = loader;
|
46
|
|
- glyph->path_begun = 0;
|
|
45
|
+ glyph->loader = loader;
|
47
|
46
|
|
48
|
47
|
FT_GlyphLoader_Rewind( loader );
|
49
|
48
|
}
|
... |
... |
@@ -409,7 +408,7 @@ |
409
|
408
|
break;
|
410
|
409
|
|
411
|
410
|
case 6: /* horizontal to vertical curve */
|
412
|
|
- FT_TRACE6(( "- hv curve " ));
|
|
411
|
+ FT_TRACE6(( "- hv curve" ));
|
413
|
412
|
args_format = 0xB8E;
|
414
|
413
|
args_count = 3;
|
415
|
414
|
break;
|
src/pfr/pfrload.c
... |
... |
@@ -268,9 +268,7 @@ |
268
|
268
|
header->version > 4 ||
|
269
|
269
|
header->header_size < 58 ||
|
270
|
270
|
header->signature2 != 0x0D0A ) /* CR/LF */
|
271
|
|
- {
|
272
|
271
|
result = 0;
|
273
|
|
- }
|
274
|
272
|
|
275
|
273
|
return result;
|
276
|
274
|
}
|
... |
... |
@@ -406,11 +404,9 @@ |
406
|
404
|
}
|
407
|
405
|
|
408
|
406
|
if ( flags & PFR_LOG_BOLD )
|
409
|
|
- {
|
410
|
407
|
log_font->bold_thickness = ( flags & PFR_LOG_2BYTE_BOLD )
|
411
|
408
|
? PFR_NEXT_SHORT( p )
|
412
|
409
|
: PFR_NEXT_BYTE( p );
|
413
|
|
- }
|
414
|
410
|
|
415
|
411
|
if ( flags & PFR_LOG_EXTRA_ITEMS )
|
416
|
412
|
{
|
... |
... |
@@ -604,7 +600,7 @@ |
604
|
600
|
if ( FT_QNEW_ARRAY( snaps, count ) )
|
605
|
601
|
goto Exit;
|
606
|
602
|
|
607
|
|
- phy_font->vertical.stem_snaps = snaps;
|
|
603
|
+ phy_font->vertical.stem_snaps = snaps;
|
608
|
604
|
phy_font->horizontal.stem_snaps = snaps + num_vert;
|
609
|
605
|
|
610
|
606
|
for ( ; count > 0; count--, snaps++ )
|
... |
... |
@@ -621,7 +617,6 @@ |
621
|
617
|
}
|
622
|
618
|
|
623
|
619
|
|
624
|
|
-
|
625
|
620
|
/* load kerning pair data */
|
626
|
621
|
FT_CALLBACK_DEF( FT_Error )
|
627
|
622
|
pfr_extra_item_load_kerning_pairs( FT_Byte* p,
|
... |
... |
@@ -857,8 +852,16 @@ |
857
|
852
|
phy_font->bbox.yMax = PFR_NEXT_SHORT( p );
|
858
|
853
|
phy_font->flags = flags = PFR_NEXT_BYTE( p );
|
859
|
854
|
|
|
855
|
+ if ( !phy_font->outline_resolution ||
|
|
856
|
+ !phy_font->metrics_resolution )
|
|
857
|
+ {
|
|
858
|
+ error = FT_THROW( Invalid_Table );
|
|
859
|
+ FT_ERROR(( "pfr_phy_font_load: invalid resolution\n" ));
|
|
860
|
+ goto Fail;
|
|
861
|
+ }
|
|
862
|
+
|
860
|
863
|
/* get the standard advance for non-proportional fonts */
|
861
|
|
- if ( !(flags & PFR_PHY_PROPORTIONAL) )
|
|
864
|
+ if ( !( flags & PFR_PHY_PROPORTIONAL ) )
|
862
|
865
|
{
|
863
|
866
|
PFR_CHECK( 2 );
|
864
|
867
|
phy_font->standard_advance = PFR_NEXT_SHORT( p );
|
... |
... |
@@ -869,14 +872,13 @@ |
869
|
872
|
{
|
870
|
873
|
error = pfr_extra_items_parse( &p, limit,
|
871
|
874
|
pfr_phy_font_extra_items, phy_font );
|
872
|
|
-
|
873
|
875
|
if ( error )
|
874
|
876
|
goto Fail;
|
875
|
877
|
}
|
876
|
878
|
|
877
|
879
|
/* In certain fonts, the auxiliary bytes contain interesting */
|
878
|
880
|
/* information. These are not in the specification but can be */
|
879
|
|
- /* guessed by looking at the content of a few PFR0 fonts. */
|
|
881
|
+ /* guessed by looking at the content of a few 'PFR0' fonts. */
|
880
|
882
|
PFR_CHECK( 3 );
|
881
|
883
|
num_aux = PFR_NEXT_ULONG( p );
|
882
|
884
|
|
... |
... |
@@ -975,6 +977,13 @@ |
975
|
977
|
phy_font->num_chars = count = PFR_NEXT_USHORT( p );
|
976
|
978
|
phy_font->chars_offset = offset + (FT_Offset)( p - stream->cursor );
|
977
|
979
|
|
|
980
|
+ if ( !phy_font->num_chars )
|
|
981
|
+ {
|
|
982
|
+ error = FT_THROW( Invalid_Table );
|
|
983
|
+ FT_ERROR(( "pfr_phy_font_load: no glyphs\n" ));
|
|
984
|
+ goto Fail;
|
|
985
|
+ }
|
|
986
|
+
|
978
|
987
|
Size = 1 + 1 + 2;
|
979
|
988
|
if ( flags & PFR_PHY_2BYTE_CHARCODE )
|
980
|
989
|
Size += 1;
|
src/pfr/pfrobjs.c
... |
... |
@@ -130,14 +130,14 @@ |
130
|
130
|
if ( error )
|
131
|
131
|
goto Exit;
|
132
|
132
|
|
133
|
|
- /* now load the physical font descriptor */
|
|
133
|
+ /* load the physical font descriptor */
|
134
|
134
|
error = pfr_phy_font_load( &face->phy_font, stream,
|
135
|
135
|
face->log_font.phys_offset,
|
136
|
136
|
face->log_font.phys_size );
|
137
|
137
|
if ( error )
|
138
|
138
|
goto Exit;
|
139
|
139
|
|
140
|
|
- /* now set up all root face fields */
|
|
140
|
+ /* set up all root face fields */
|
141
|
141
|
{
|
142
|
142
|
PFR_PhyFont phy_font = &face->phy_font;
|
143
|
143
|
|
... |
... |
@@ -160,7 +160,7 @@ |
160
|
160
|
if ( nn == phy_font->num_chars )
|
161
|
161
|
{
|
162
|
162
|
if ( phy_font->num_strikes > 0 )
|
163
|
|
- pfrface->face_flags = 0; /* not scalable */
|
|
163
|
+ pfrface->face_flags &= ~FT_FACE_FLAG_SCALABLE;
|
164
|
164
|
else
|
165
|
165
|
{
|
166
|
166
|
FT_ERROR(( "pfr_face_init: font doesn't contain glyphs\n" ));
|
... |
... |
@@ -170,7 +170,7 @@ |
170
|
170
|
}
|
171
|
171
|
}
|
172
|
172
|
|
173
|
|
- if ( ( phy_font->flags & PFR_PHY_PROPORTIONAL ) == 0 )
|
|
173
|
+ if ( !( phy_font->flags & PFR_PHY_PROPORTIONAL ) )
|
174
|
174
|
pfrface->face_flags |= FT_FACE_FLAG_FIXED_WIDTH;
|
175
|
175
|
|
176
|
176
|
if ( phy_font->flags & PFR_PHY_VERTICAL )
|
... |
... |
@@ -338,7 +338,7 @@ |
338
|
338
|
}
|
339
|
339
|
|
340
|
340
|
/* try to load an embedded bitmap */
|
341
|
|
- if ( ( load_flags & ( FT_LOAD_NO_SCALE | FT_LOAD_NO_BITMAP ) ) == 0 )
|
|
341
|
+ if ( !( load_flags & ( FT_LOAD_NO_SCALE | FT_LOAD_NO_BITMAP ) ) )
|
342
|
342
|
{
|
343
|
343
|
error = pfr_slot_load_bitmap(
|
344
|
344
|
slot,
|
src/pfr/pfrsbit.c
... |
... |
@@ -391,7 +391,7 @@ |
391
|
391
|
}
|
392
|
392
|
|
393
|
393
|
|
394
|
|
- /* load bitmap metrics. `*padvance' must be set to the default value */
|
|
394
|
+ /* load bitmap metrics. `*aadvance' must be set to the default value */
|
395
|
395
|
/* before calling this function */
|
396
|
396
|
/* */
|
397
|
397
|
static FT_Error
|
... |
... |
@@ -628,7 +628,7 @@ |
628
|
628
|
if ( strike->flags & PFR_BITMAP_3BYTE_OFFSET )
|
629
|
629
|
char_len += 1;
|
630
|
630
|
|
631
|
|
- /* access data directly in the frame to speed lookups */
|
|
631
|
+ /* access data directly in the frame to speed up lookups */
|
632
|
632
|
if ( FT_STREAM_SEEK( phys->bct_offset + strike->bct_offset ) ||
|
633
|
633
|
FT_FRAME_ENTER( char_len * strike->num_bitmaps ) )
|
634
|
634
|
goto Exit;
|
... |
... |
@@ -744,8 +744,8 @@ |
744
|
744
|
ypos > FT_INT_MAX - (FT_Long)ysize ||
|
745
|
745
|
ypos + (FT_Long)ysize < FT_INT_MIN )
|
746
|
746
|
{
|
747
|
|
- FT_TRACE1(( "pfr_slot_load_bitmap:" ));
|
748
|
|
- FT_TRACE1(( "huge bitmap glyph %ldx%ld over FT_GlyphSlot\n",
|
|
747
|
+ FT_TRACE1(( "pfr_slot_load_bitmap:"
|
|
748
|
+ " huge bitmap glyph %ldx%ld over FT_GlyphSlot\n",
|
749
|
749
|
xpos, ypos ));
|
750
|
750
|
error = FT_THROW( Invalid_Pixel_Size );
|
751
|
751
|
}
|
|