0c14a3adb0
[truetype] Fix integer overflow.
...
Reported as
https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=19305
* src/truetype/ttinterp.c (Ins_MIRP): Use `ADD_LONG'.
5 years ago
2c9a2d58ca
Another bunch of UBSan warnings on adding offsets to nullptr.
...
Reported as
https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=19427
https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=19433
https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=19441
https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=19451
https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=19452
https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=19457
* src/autofit/aflatin.c (af_latin_hints_compute_segments,
af_latin_hints_compute_edges): Use `FT_OFFSET'.
* src/base/ftstream.c (FT_Stream_EnterFrame): Use `FT_OFFSET'.
* src/psaux/cffdecode.c (cff_decoder_parse_charstrings): Exit early
if there is no charstring.
* src/psaux/psobjs.c (t1_decrypt): Use `FT_OFFSET'.
* src/smooth/ftsmooth.c (ft_smooth_render_generic): Exit early for
zero bitmap dimensions.
5 years ago
11d4ce23ac
Fix more UBSan warnings on adding offset to nullptr ( #57384 )
...
* src/smooth/ftsmooth.c (ft_smooth_render_generic),
src/psaux/psobjs.c (ps_table_add): Use `FT_OFFSET'.
5 years ago
dfc9a049de
* src/truetype/ttinterp.c (TT_RunIns): Use `FT_OFFSET'.
...
Reported as
https://bugs.chromium.org/p/chromium/issues/detail?id=1030614
5 years ago
551bd3a90e
More nullptr offset UBSan warnings ( #57331 , #57347 ).
...
* src/autofit/afcjk.c (af_cjk_hints_compute_segments),
src/psaux/psft.c (cf2_getSeacComponent), src/truetype/ttinterp.c
(Ins_UNKNOWN): Use `FT_OFFSET'.
5 years ago
4270e9f324
Avoid more nullptr offset UBSan warnings ( #57316 ).
...
* src/base/ftoutln.c (FT_Outline_Transform): Bail on empty points.
* src/cff/cffload.c (cff_subfont_load): Use `FT_OFFSET'.
* src/psaux/psft.c (cf2_decoder_parse_substrings): Early out if
`charstring_base' or `charstring_len' are null.
* src/sfnt/ttload.c (tt_face_load_name): Use `FT_OFFSET'.
5 years ago
d4f9c24989
[base] Really fix #57194 .
...
Apply accidentally missed second part of patch.
* src/base/ftgloadr.c (FT_GlyphLoader_CheckPoints): Call
`FT_GlyphLoader_CreateExtra'.
5 years ago
9df460b632
[truetype] Avoid sanitizer warning ( #57289 ).
...
* src/truetype/ttpload.c (tt_face_get_device_metrics): Use
`FT_OFFSET'.
5 years ago
c67b9a1c5b
[truetype] Fix integer overflow ( #57287 ).
...
* src/truetype/ttgload.c (compute_glyph_metrics): Use `SUB_LONG'.
5 years ago
3cb7b3f7cb
[sfnt] Avoid sanitizer warning ( #57286 ).
...
* src/sfnt/ttcmap.c (tt_face_build_cmaps): Avoid possible `NULL +
offset' computation.
Tag `table' as `const'.
5 years ago
2d1d60aac6
[base] Fix `NULL + offset' sanitizer warnings ( #57194 ).
...
* src/base/ftgloadr.c (FT_GlyphLoader_Adjust_Points,
FT_GlyphLoader_Adjust_Subglyphs): Use `FT_OFFSET'.
(FT_GlyphLoader_CreateExtra): Add short cut if some values are zero.
5 years ago
26d0f579c0
* include/freetype/internal/ftmemory.h (FT_OFFSET): New macro.
...
Use this for `base + offset' pointer calculations where `base' can
be NULL (triggering a sanitizer warning even if the resulting
pointer gets never dereferenced since it is undefined behaviour
in C).
Suggested by Ben Wagner.
5 years ago
9b0179597e
[sfnt] Ensure OTTO fonts have tables ( #57285 ).
...
* src/sfnt/ttload.c (tt_face_load_font_dir): Add test.
5 years ago
07c8d8bbdb
Minor fixes for recent compilers.
...
* src/gzip/infutil.h (inflate_mask): Add `const'.
* src/autofit/aflatin2.c: Include `ft2build.h'.
5 years ago
3aaae716b2
CMakeLists.txt: minor doc additions, compile builds/unix/ftsystem.c on UNIX
5 years ago
b75031a26e
* src/sfnt/sfwoff2.c (woff2_open_font): Check `num_fonts' for TTCs.
...
Reported as
https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=18494
5 years ago
0a3d2bb99b
[doc] FT_Open_Args: Clarify the ownership of `pathname'.
...
Don't expect the function to deallocate the buffer. This may be obvious
in C, but it is not so obvious in FFI bindings for FreeType 2.
5 years ago
3b8bc65c50
* src/sfnt/sfwoff2.c (woff2_open_font): Avoid undefined shift.
...
Also improve tracing.
Reported as
https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=18390
5 years ago
90a30f154a
* src/sfnt/pngshim.c (premultiply_data): Optimize for __SSE__ only.
5 years ago
545a481a74
* src/sfnt/sfwoff2.c (reconstruct_glyf): Check `triplet_size'.
...
Reported as
https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=18108
5 years ago
1e9229f0fc
[cff] Fix FT_FACE_FLAG_GLYPH_NAMES for CFF2 based fonts ( #57023 ).
...
* src/cff/cffobjs.c (cff_face_init): Don't set FT_FACE_FLAG_GLYPH_NAMES
for CFF2 based fonts.
5 years ago
5a1a79c0e8
[woff2] Fix SFNT table checks.
...
Also reduce number of SFNT table lookups.
Reported as
https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=18065
* include/freetype/internal/wofftypes.h (WOFF2_InfoRec): Add fields
`glyf_table', `loca_table', and `head_table'.
* src/sfnt/sfwoff2.c (reconstruct_glyf): Update signature.
Use table pointers in `info' parameter.
(get_x_mins): Check `maxp_table'
Use table pointers in `info' parameter.
(reconstruct_font): Use and set table pointers in `info' parameter.
Fix check for `glyf' and `loca' tables.
Update call to `reconstruct_glyf'.
(woff2_open_font): Updated.
5 years ago
1167bff3e9
* src/sfnt/sfwoff2 (reconstruct_glyf): Fix reallocation.
...
Reported as
https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=18046
5 years ago
0fcf486e0d
Improve memory debugging.
...
* include/freetype/internal/ftmemory.h (FT_MEM_FREE): Use
`FT_DEBUG_INNER' to set source code file name and line.
* src/base/ftdbgmem.c (ft_mem_table_remove): Better formatting of
tracing message.
5 years ago
d355a73aa3
docs/DEBUG: Document environment variable `FT2_KEEP_ALIVE'.
...
Also do some formatting and minor edits.
5 years ago
1f4e5bcb19
* src/sfnt/sfwoff2 (reconstruct_font): Fix reallocation.
...
Reported as
https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=17966
5 years ago
c912690d22
* src/base/ftstroke.c (ft_stroker_inside): Speed up.
5 years ago
94815d6efa
* src/sfnt/sfwoff2 (woff2_open_font): Initialize `woff2.ttc_fonts'.
...
Reported as
https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=17804
5 years ago
839a023619
* src/sfnt/sfwoff2.c (reconstruct_font): Fix memory leak.
...
Reported as
https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=17812
5 years ago
12696dcf9b
[woff2] Reject fonts without `head' table.
...
Also fix memory deallocation in case of error.
`head' problem reported as
https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=17820
* src/sfnt/sfwoff2.c (reconstruct_glyf): Don't use `stream_close'.
Abort if `head_table' is NULL.
Don't free `transformed_buf' in case of error.
(woff2_open_font): Don't set `uncompressed_buf' to NULL.
5 years ago
ba06adafcd
[woff2] Fix compiler warnings.
...
Problem reported by Alexei.
* src/sfnt/sfwoff2.c (reconstruct_glyf): Initialize `x_min'.
(reconstruct_font): Initialize `num_hmetrics'.
(woff2_open_font): Initialize `info'.
5 years ago
c37a501458
* src/sfnt/sfwoff2.c (woff2_open_font): Fix sanity check.
...
Correct thinkos in patch from 2019-09-01.
5 years ago
2bf603bde6
[woff2] Fix memory leaks.
...
One of them reported as
https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=17766
* src/sfnt/sfwoff2.c (woff2_open_font): Free `info->x_mins' and
`woff2->ttc_fonts'.
(reconstruct_glyf): Initialize `info->x_mins'.
5 years ago
b39576f984
* src/base/ftstroke.c (ft_stroker_cap): Speed up caps.
5 years ago
432efa25b3
* src/base/ftstroke.c (ft_stroker_outside): Speed up clipped miter.
...
* include/freetype/ftstroke.h: Wordsmith miter docs.
5 years ago
db4083fd7f
* src/sfnt/sfwoff2.c (woff2_open_font): Check (sum of) table sizes.
...
Reported as
https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=17684
5 years ago
4881f75b7c
* src/base/ftstroke.c (ft_stroke_border_arcto): Speed up calculations.
5 years ago
5327092bb2
[woff2] Fix memory leaks.
...
Reported as
https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=16896
* src/sfnt/sfwoff2.c (woff2_open_font): Fix error handling.
Free `uncompressed_buf'.
(reconstruct_font): Free `transformed_buf'.
5 years ago
04ebb2a000
* src/otvalid/otvcommon.c (otv_Coverage_get_last): Guard `count'.
...
Problem reported by Marc Schönefeld <marc.schoenefeld@gmx.org>.
5 years ago
99f23d6ff2
* src/sfnt/sfwoff2.c (woff2_open_font): Check table index.
...
Reported as
https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=17100
5 years ago
cc17f852d5
[cmake] Don't fail if brotli is missing ( #56894 ).
...
The libs which cmake controls are commented out at
include/freetype/config/ftoption.h
and cmake un-comment each enabled library, but the brotli option was
not commented out, therefore `FT_CONFIG_OPTION_USE_BROTLI' remained
defined even if brotli was missing/disabled/etc.
Comment it such that cmake can control it, which means leaving it
undefined if brotli is missing.
* include/freetype/config/ftoption.h: Fix typo.
5 years ago
3de1b8d0b0
[cmake] Add brotli support.
...
* CMakeLists.txt (FT_WITH_BROTLI): New option.
* builds/cmake/FindBrotliDec.cmake: New file.
5 years ago
bbb14361db
FindHarfBuzz.cmake: Change indentation to two spaces; shorten lines.
5 years ago
87f5225256
Fix handling of `AF_CONFIG_OPTION_INDIC'.
...
* devel/ftoption.h, include/freetype/config/ftoption.h:
`AF_CONFIG_OPTION_INDIC' needs `AF_CONFIG_OPTION_CJK'.
5 years ago
12351eeefa
CMakeLists.txt: Fix generation of DLL related stuff ( #56852 ).
...
Extract `version_info' variable from `builds/unix/configure.raw' and
use the data to correctly set `LIBRARY_VERSION' and
`LIBRARY_SOVERSION'.
Also use the data to set `ft_version' field in `freetype2.pc'.
Also fix the needed minimum version of HarfBuzz in `freetype2.pc'.
5 years ago
3fa35aa420
* src/sfnt/sfwoff2.c (compute_ULong_sum): Fix undefined shift.
...
Reported as
https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=16933
5 years ago
543a3b939d
* src/sfnt/sfwoff2.c (woff2_open_font): Add sanity check.
...
Don't trust `totalSfntSize' unconditionally.
Reported as
https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=16893
5 years ago
cbee985a2b
[woff2] Don't use `FT_UInt64' ( #56815 ).
...
* src/sfnt/sfwoff2.c (woff2_open_font): Use `FT_UInt32' for
`file_offset'. This fixes builds on platforms where `FT_LONG64' is
not defined while still being sufficient to store a file offset.
5 years ago
594156586b
[truetype] Prevent crash in `TT_Set_Named_Instance' ( #56813 ).
...
* src/truetype/ttgxvar.c (TT_Set_Named_Instance): Fix error
handling.
5 years ago
ed7e8194e0
CHANGES: Updated.
5 years ago
Werner Lemberg
Dominik Röttsches
John Stracke
Armin Hasitzka
Ben Wagner
Behdad Esfahbod
Nikolaus Waxweiler
Filip Filmar
Alexei Podtelezhnikov
John Tytgat
Nikhil Ramakrishnan
Avi Halachmi (:avih)