[autofit] Avoid potential SEGV if running out of memory.

Problem reported by Shailesh Mistry <shailesh.mistry@hotmail.co.uk>.

* src/autofit/afshaper.c (af_shaper_buf_create,
af_shaper_buf_destroy) [!FT_CONFIG_OPTION_USE_HARFBUZZ]: Don't
allocate and free a four-byte buffer.  Instead, make those functions
no-ops; the calling functions will provide a pointer to a buffer
instead.

* src/autofit/afcjk.c (af_cjk_metrics_init_widths,
af_cjk_metrics_init_blues, af_cjk_metrics_check_digits),
src/autofit/aflatin.c (af_latin_metrics_init_widths,
af_latin_metrics_init_blues, af_latin_metrics_check_digits)
[!FT_CONFIG_OPTION_USE_HARFBUZZ]: Use pointer to local variable for
`shaper_buf'.
parthw-pk-vf
Werner Lemberg 7 years ago
parent f7b4fb3a21
commit e0015f7612
  1. 29
      ChangeLog
  2. 40
      src/autofit/afcjk.c
  3. 42
      src/autofit/aflatin.c
  4. 15
      src/autofit/afshaper.c

@ -1,10 +1,29 @@
2018-05-08 Werner Lemberg <wl@gnu.org>
[autofit] Avoid potential SEGV if running out of memory.
Problem reported by Shailesh Mistry <shailesh.mistry@hotmail.co.uk>.
* src/autofit/afshaper.c (af_shaper_buf_create,
af_shaper_buf_destroy) [!FT_CONFIG_OPTION_USE_HARFBUZZ]: Don't
allocate and free a four-byte buffer. Instead, make those functions
no-ops; the calling functions will provide a pointer to a buffer
instead.
* src/autofit/afcjk.c (af_cjk_metrics_init_widths,
af_cjk_metrics_init_blues, af_cjk_metrics_check_digits),
src/autofit/aflatin.c (af_latin_metrics_init_widths,
af_latin_metrics_init_blues, af_latin_metrics_check_digits)
[!FT_CONFIG_OPTION_USE_HARFBUZZ]: Use pointer to local variable for
`shaper_buf'.
2018-05-07 Nikolaus Waxweiler <madigens@gmail.com>
CMake: Allow using project as subfolder in other project
[cmake] Allow using project as subfolder in other project.
* CMakeLists.txt: Test for CMake build directory being diffent from source
directory. Provide other parts of the build system access the full include
directory.
* CMakeLists.txt: Test for CMake build directory being different
from source directory. Provide other parts of the build system
access the full include directory.
2018-05-07 Werner Lemberg <wl@gnu.org>
@ -24,6 +43,7 @@
2018-05-04 suzuki toshiya <mpsuzuki@hiroshima-u.ac.jp>
Support symbol visibility features of Sun / Oracle C compilers.
Reported by Kiyoshi Kanazawa:
https://lists.gnu.org/archive/html/freetype-devel/2018-05/msg00008.html
Thanks to the suggestions by Alexei and Alan Coopersmith.
@ -44,7 +64,6 @@
* CMakeLists.txt: Generate ftconfig.h on non-UNIX.
2018-05-02 Werner Lemberg <wl@gnu.org>
Remove FT_CONFIG_OPTION_PIC and related code.

@ -94,15 +94,26 @@
AF_StyleClass style_class = metrics->root.style_class;
AF_ScriptClass script_class = af_script_classes[style_class->script];
void* shaper_buf;
/* If HarfBuzz is not available, we need a pointer to a single */
/* unsigned long value. */
#ifdef FT_CONFIG_OPTION_USE_HARFBUZZ
void* shaper_buf;
#else
FT_ULong shaper_buf_;
void* shaper_buf = &shaper_buf_;
#endif
const char* p;
#ifdef FT_DEBUG_LEVEL_TRACE
FT_ULong ch = 0;
#endif
p = script_class->standard_charstring;
p = script_class->standard_charstring;
#ifdef FT_CONFIG_OPTION_USE_HARFBUZZ
shaper_buf = af_shaper_buf_create( face );
#endif
/* We check a list of standard characters. The first match wins. */
@ -290,7 +301,14 @@
AF_Blue_Stringset bss = sc->blue_stringset;
const AF_Blue_StringRec* bs = &af_blue_stringsets[bss];
void* shaper_buf;
/* If HarfBuzz is not available, we need a pointer to a single */
/* unsigned long value. */
#ifdef FT_CONFIG_OPTION_USE_HARFBUZZ
void* shaper_buf;
#else
FT_ULong shaper_buf_;
void* shaper_buf = &shaper_buf_;
#endif
/* we walk over the blue character strings as specified in the */
@ -301,7 +319,9 @@
"==========================\n"
"\n" ));
#ifdef FT_CONFIG_OPTION_USE_HARFBUZZ
shaper_buf = af_shaper_buf_create( face );
#endif
for ( ; bs->string != AF_BLUE_STRING_MAX; bs++ )
{
@ -559,15 +579,25 @@
FT_Bool started = 0, same_width = 1;
FT_Fixed advance = 0, old_advance = 0;
void* shaper_buf;
/* If HarfBuzz is not available, we need a pointer to a single */
/* unsigned long value. */
#ifdef FT_CONFIG_OPTION_USE_HARFBUZZ
void* shaper_buf;
#else
FT_ULong shaper_buf_;
void* shaper_buf = &shaper_buf_;
#endif
/* in all supported charmaps, digits have character codes 0x30-0x39 */
const char digits[] = "0 1 2 3 4 5 6 7 8 9";
const char* p;
p = digits;
p = digits;
#ifdef FT_CONFIG_OPTION_USE_HARFBUZZ
shaper_buf = af_shaper_buf_create( face );
#endif
while ( *p )
{

@ -85,16 +85,27 @@
AF_StyleClass style_class = metrics->root.style_class;
AF_ScriptClass script_class = af_script_classes[style_class->script];
void* shaper_buf;
/* If HarfBuzz is not available, we need a pointer to a single */
/* unsigned long value. */
#ifdef FT_CONFIG_OPTION_USE_HARFBUZZ
void* shaper_buf;
#else
FT_ULong shaper_buf_;
void* shaper_buf = &shaper_buf_;
#endif
const char* p;
#ifdef FT_DEBUG_LEVEL_TRACE
FT_ULong ch = 0;
#endif
p = script_class->standard_charstring;
shaper_buf = af_shaper_buf_create( face );
p = script_class->standard_charstring;
#ifdef FT_CONFIG_OPTION_USE_HARFBUZZ
shaper_buf = af_shaper_buf_create( face );
#endif
/*
* We check a list of standard characters to catch features like
* `c2sc' (small caps from caps) that don't contain lowercase letters
@ -323,7 +334,14 @@
FT_Pos flat_threshold = FLAT_THRESHOLD( metrics->units_per_em );
void* shaper_buf;
/* If HarfBuzz is not available, we need a pointer to a single */
/* unsigned long value. */
#ifdef FT_CONFIG_OPTION_USE_HARFBUZZ
void* shaper_buf;
#else
FT_ULong shaper_buf_;
void* shaper_buf = &shaper_buf_;
#endif
/* we walk over the blue character strings as specified in the */
@ -333,7 +351,9 @@
"============================\n"
"\n" ));
#ifdef FT_CONFIG_OPTION_USE_HARFBUZZ
shaper_buf = af_shaper_buf_create( face );
#endif
for ( ; bs->string != AF_BLUE_STRING_MAX; bs++ )
{
@ -1030,15 +1050,25 @@
FT_Bool started = 0, same_width = 1;
FT_Fixed advance = 0, old_advance = 0;
void* shaper_buf;
/* If HarfBuzz is not available, we need a pointer to a single */
/* unsigned long value. */
#ifdef FT_CONFIG_OPTION_USE_HARFBUZZ
void* shaper_buf;
#else
FT_ULong shaper_buf_;
void* shaper_buf = &shaper_buf_;
#endif
/* in all supported charmaps, digits have character codes 0x30-0x39 */
const char digits[] = "0 1 2 3 4 5 6 7 8 9";
const char* p;
p = digits;
p = digits;
#ifdef FT_CONFIG_OPTION_USE_HARFBUZZ
shaper_buf = af_shaper_buf_create( face );
#endif
while ( *p )
{

@ -591,14 +591,9 @@
void*
af_shaper_buf_create( FT_Face face )
{
FT_Error error;
FT_Memory memory = face->memory;
FT_ULong* buf;
FT_MEM_ALLOC( buf, sizeof ( FT_ULong ) );
FT_UNUSED( face );
return (void*)buf;
return NULL;
}
@ -606,10 +601,8 @@
af_shaper_buf_destroy( FT_Face face,
void* buf )
{
FT_Memory memory = face->memory;
FT_FREE( buf );
FT_UNUSED( face );
FT_UNUSED( buf );
}

Loading…
Cancel
Save