In `FT_Stroker_ConicTo` and `FT_Stroker_CubicTo` there is a `bez_stack`.
`arc` is initialized with `arc = bez_stack` and is never set to point
into any different object. The main loop looks like
`while ( arc >= bez_stack )`, which depends on a later `arc -= 2` (or
`arc -= 3`) to make `arc` point to before `bez_stack`. However, using
pointer subtraction to make `arc` point outside the array is undefined
behavior, and attempting to use the value in the loop predicate is "very"
undefined behavior. (C99 "Additive operators" 6.5.6.8.)
This particular undefined behavior was discovered as either hangs or
MemorySanitizer issues after "[InstCombine] Infer nuw for gep inbounds
from base of object" [0]. With this change, clang can infer that `arc`
must always point into the `bez_stack` object and therefore cannot be at
a "negative index" so the predicate is always true.
[0] e21ab4d16b
* src/base/ftstroke.c (FT_Stroker_ConicTo, FT_Stroker_CubicTo): test
loop exit condition (there are no more arcs to process) before
decrementing `arc`
Fixes: #1307
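The loop shape that entry describes, as an added example rather than FreeType's own code: a small quadratic Bezier ("conic") flattener that keeps its subdivision stack in a local array and, like the fix, tests for "no more arcs" before decrementing the stack pointer instead of letting `arc` run past the start of the array. The names (`Pt`, `flatten_conic`, `MAX_DEPTH`, `sample_*`) and the sample curve are this example's own; the end-first point layout follows the one `FT_Stroker_ConicTo` uses.

```c
#include <math.h>
#include <stddef.h>
#include <stdio.h>

/* Added example, not FreeType code: an explicit-stack conic flattener
 * written in the loop shape the fix above describes.  Names are this
 * example's own.  No libm calls are needed (squared comparisons only). */

typedef struct { double x, y; } Pt;

#define MAX_DEPTH 16                   /* bound on nested subdivisions */
#define STACK_PTS (2 * MAX_DEPTH + 3)  /* each push adds two points    */

/* Flatten the conic p0 -> ctrl -> p1 into line segments.  The end point of
 * each segment is written to `out` (capacity `cap`).  Returns the number of
 * points written, or -1 if `out` is too small.  `flatness` is the largest
 * allowed distance of a sub-arc's control point from its chord. */
static int flatten_conic(Pt p0, Pt ctrl, Pt p1, double flatness,
                         Pt *out, size_t cap)
{
    Pt     bez_stack[STACK_PTS];
    Pt    *arc = bez_stack;   /* must always point into bez_stack */
    size_t n   = 0;

    /* end-first layout: [0] = end, [1] = control, [2] = start */
    arc[0] = p1;  arc[1] = ctrl;  arc[2] = p0;

    /* The pre-fix shape was
     *     while ( arc >= bez_stack ) { ...; arc -= 2; }
     * which relies on decrementing `arc` to before bez_stack.  Forming that
     * pointer is undefined behaviour, and a compiler that knows `arc` points
     * into bez_stack may treat the condition as always true.  So: test for
     * exhaustion first, decrement only when another arc remains. */
    for (;;) {
        double dx = arc[0].x - arc[2].x, dy = arc[0].y - arc[2].y;
        double cx = arc[1].x - arc[2].x, cy = arc[1].y - arc[2].y;
        double cross = dx * cy - dy * cx;       /* chord x (ctrl - start) */
        double len2  = dx * dx + dy * dy;
        /* |cross| / |chord| > flatness, compared in squared form */
        int too_curved = len2 > 0.0
            ? cross * cross > flatness * flatness * len2
            : cx * cx + cy * cy > flatness * flatness;
        int depth = (int)((arc - bez_stack) / 2);

        if (too_curved && depth < MAX_DEPTH) {
            /* de Casteljau split at t = 1/2, done in place on the stack */
            Pt a = arc[2], b = arc[1], c = arc[0];
            Pt ab = { (a.x + b.x) / 2, (a.y + b.y) / 2 };
            Pt bc = { (b.x + c.x) / 2, (b.y + c.y) / 2 };
            Pt m  = { (ab.x + bc.x) / 2, (ab.y + bc.y) / 2 };
            arc[4] = a;  arc[3] = ab;  arc[2] = m;  arc[1] = bc;  /* arc[0] = c */
            arc += 2;    /* top of stack is now the first half (a -> m) */
            continue;
        }

        if (n >= cap)
            return -1;
        out[n++] = arc[0];      /* flat enough: emit this sub-arc's end point */

        if (arc == bez_stack)   /* exit test before the decrement */
            break;
        arc -= 2;               /* pop: continue with the second half */
    }
    return (int)n;
}

/* Constructed sample input for the stand-alone run and the checks below:
 * the parabola from (0,0) through control (1,2) to (2,0). */
static int sample_segment_count(double flatness, size_t cap)
{
    Pt out[64];
    Pt p0 = { 0, 0 }, c = { 1, 2 }, p1 = { 2, 0 };
    return flatten_conic(p0, c, p1, flatness, out, cap < 64 ? cap : 64);
}

/* y of the index-th emitted point, or NAN if flattening fails or
 * index is out of range */
static double sample_y(double flatness, size_t index)
{
    Pt out[64];
    Pt p0 = { 0, 0 }, c = { 1, 2 }, p1 = { 2, 0 };
    int n = flatten_conic(p0, c, p1, flatness, out, 64);
    return (n > 0 && index < (size_t)n) ? out[index].y : NAN;
}

int main(void)
{
    Pt out[64];
    Pt p0 = { 0, 0 }, c = { 1, 2 }, p1 = { 2, 0 };
    int n = flatten_conic(p0, c, p1, 0.05, out, 64);
    for (int i = 0; i < n; i++)
        printf("(%g, %g)\n", out[i].x, out[i].y);
    return n < 0;
}
```

With the sample curve and `flatness = 0.05`, the arc splits to depth three everywhere and yields eight segments; `flatness = 0.0` never stops splitting until `MAX_DEPTH`, which is what the stack bound and the `cap` check are there to absorb.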
When `sfnt->load_face` succeeds it has already loaded any (optional)
cmap data. As a result, a subsequent call to `sfnt->load_cmap` will
overwrite the cmap data pointer with a new copy of the data but not free
the old, leading to a leak.
This is a fix for "* src/cff/cffobjs.c (cff_face_init): Better handling
of Type0 fonts.". This still allows the cmap to be missing but avoids
the leak by only calling `sfnt->load_cmap` when there is no `head`
table (the font data is not being loaded as OpenType/CFF).
* src/cff/cffobjs.c (cff_face_init): Fix leak
Fixes: #1306
This issue relates to the PDF specification and its usage of CFF-based
embedded Type0 fonts. For Type0 fonts containing CID-keyed descendant
CFF-based fonts, the glyph index is the CID present in the content stream.
As a result, there is no requirement for a 'cmap' table to be present in the
font since the glyph indices are derived directly from the CIDs. FreeType
throws an error when it doesn't find a 'cmap' table for such an OpenType
font containing CFF outlines. This commit relaxes this requirement for a
'cmap' table for such fonts.
* builds/toplevel.mk: In `make dist`, checkout gnu-config
git repository at savannah, copy the latest versions of
`config.guess` and `config.sub` to builds/unix/. Also
the latest version of `gitlog-to-changelog` is used to
generate `ChangeLog`.
* src/base/ftobjs.c (destroy_size, destroy_face): This is such that the
generic destroy can be used to call `FT_Done_Library`. For that to work,
it needs to call it *after* having removed the face from the respective
module.
o Replace `test -e` by `test -d` (directory) and `-h`
(symlink), because pre-POSIX /bin/sh of Solaris 10
does not support `test -e`.
o Replace the combination of `head` and `sed ...` by a
  single sed command `sed -n 1...p`. GNU libtoolize
  with Solaris 10 /bin/sh complains "Broken Pipe" for
  the closure of stdout by `head`. Let `sed` receive
  all stdout and discard.
Some output formats may rewrite symbol names during the output,
like appending the "64__" suffix on VMS. To estimate a
sufficient size to store the symbol name, pass the output format
info to `names_add`. For VMS, `names_add` allocates a longer
buffer to append "64__".
* apinames.c (SUFFIX_VMS_64ADDR): New macro of "64__".
(main): Pass the format info to `read_header_file`.
(read_header_file): Pass the format info to `names_add`.
(names_add): Receive the format info, and reserve the symbol
name buffer 4 bytes longer in the case of VMS, to append the
suffix in `names_dump`.
* apinames.c (names_dump): For WATCOM_LBC format, the
DLL name with no suffix is constructed in a static
array temp[], but the scope is closed before it is used.
The declaration of temp[] is moved to the wider
scope so that the dumping part can refer to it.
* src/tools/apinames.c: The first header file must be
given after the options. All arguments after the
first header file are treated as header files to be
parsed, regardless of their leading "-".
For example,
"apinames include/freetype/freetype.h -dFREETYPE.DLL"
warns "unable to open -dFREETYPE.DLL".
Thus, the "header1" must be given after the arguments
that are to be parsed as options.
* vms_name.com: Suppress a warning with the latest Clang compiler.
* builds/vms/apinames_vms.bash: Use absolute path to avoid dependency on the
environment.
* src/sfnt/ttsbit.c (tt_face_load_sbix_image): Currently undocumented by
Apple, this flips the bitmap data horizontally. It is used on macOS in
Apple Color Emoji; 19.4d6e1; 2024-02-05 (file `Apple Color Emoji.ttc`).
Fixes issue #1282.
* builds/unix/configure.raw: copy `CFLAGS` &
`LDFLAGS` values to `CFLAGS_BUILD` &
`LDFLAGS_BUILD`, in a self-hosting case.
* builds/unix/unix-cc.in: set `CCexe_CFLAGS` &
`CCexe_LDFLAGS` by `CFLAGS_BUILD` &
`LDFLAGS_BUILD`.
In some confused environments, simple building
like `cc -o apinames apinames.c` is no longer
able to build an executable running on the host.
The validity of `CC` is tested with consideration
of `CFLAGS` and `LDFLAGS`, thus, duplicating
`CFLAGS` & `LDFLAGS` to `CCexe_CFLAGS` &
`CCexe_LDFLAGS` (via XXX_BUILD) would be slightly
safer in a self-hosting build.
Fixes the issue #1296.
==========================
Tag sources with `VER-2-13-3'.
* docs/VERSION.TXT: Add entry for version 2.13.3.
* docs/CHANGES: Updated.
* docs/release, docs/README, builds/macs/README: Updated.
* README, src/base/ftver.rc, builds/windows/vc2010/index.html,
builds/windows/visualc/index.html, builds/windows/visualce/index.html,
builds/wince/vc2005-ce/index.html, builds/wince/vc2008-ce/index.html,
docs/freetype-config.1: s/2.13.2/2.13.3/, s/2132/2133/.
* include/freetype/freetype.h (FREETYPE_PATCH): Set to 3.
* builds/unix/configure.raw (version_info): Set to 26:2:20.
* CMakeLists.txt (VERSION_PATCH): Set to 3.
With ample checks against the table size, we should be able to use
macros without the limit checks and function calls.
* src/truetype/ttgxvar.c (ft_var_readpacked{points,deltas}):
Use FT_NEXT_* instead of FT_GET_*.
The CMake build uses `find_package` to look for dependencies. Before calling `find_package` it looks to see if the dependency was disabled. If not, the associated `_FOUND` variable will be set. This value is then checked to determine if the dependency is added.
However `find_package(PNG)` calls `find_package(ZLIB)` within its find module. So in the case of `FT_DISABLE_ZLIB=TRUE` and `FT_DISABLE_PNG=FALSE` the `ZLIB_FOUND` value can be set even though `FT_DISABLE_ZLIB` is turned on.
Unset the value of `ZLIB_FOUND` after the call to `find_package(PNG)` so the value is only set when `FT_DISABLE_ZLIB` is turned off.
This change comes along with 2a7bb4596f and is only meant to reduce
pointer casting in the code.
* include/freetype/ftimage.h (FT_Outline): Do it.
* src/*: Update `FT_Outline` users.
In C it is undefined behavior to do arithmetic on a null pointer, including
adding zero. When using NotoSansKhmer[wdth,wght].ttf UBSAN produces a report
like
ttgxvar.c:1052:31: runtime error: applying zero offset to null pointer
when adding zero to `varData->deltaSet` (which is null) to produce `bytes`.
Protect against all the potential issues of this kind by returning early if
`varData->regionIdxCount == 0`.
* src/truetype/ttgxvar.c (tt_var_get_item_delta): early return on no regions