Also reduce number of SFNT table lookups.
Reported as
https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=18065
* include/freetype/internal/wofftypes.h (WOFF2_InfoRec): Add fields
`glyf_table', `loca_table', and `head_table'.
* src/sfnt/sfwoff2.c (reconstruct_glyf): Update signature.
Use table pointers in `info' parameter.
(get_x_mins): Check `maxp_table'
Use table pointers in `info' parameter.
(reconstruct_font): Use and set table pointers in `info' parameter.
Fix check for `glyf' and `loca' tables.
Update call to `reconstruct_glyf'.
(woff2_open_font): Updated.
* include/freetype/internal/ftmemory.h (FT_MEM_FREE): Use
`FT_DEBUG_INNER' to set source code file name and line.
* src/base/ftdbgmem.c (ft_mem_table_remove): Better formatting of
tracing message.
Also fix memory deallocation in case of error.
`head' problem reported as
https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=17820
* src/sfnt/sfwoff2.c (reconstruct_glyf): Don't use `stream_close'.
Abort if `head_table' is NULL.
Don't free `transformed_buf' in case of error.
(woff2_open_font): Don't set `uncompressed_buf' to NULL.
The libs which cmake controls are commented out at
include/freetype/config/ftoption.h
and cmake un-comment each enabled library, but the brotli option was
not commented out, therefore `FT_CONFIG_OPTION_USE_BROTLI' remained
defined even if brotli was missing/disabled/etc.
Comment it such that cmake can control it, which means leaving it
undefined if brotli is missing.
* include/freetype/config/ftoption.h: Fix typo.
Extract `version_info' variable from `builds/unix/configure.raw' and
use the data to correctly set `LIBRARY_VERSION' and
`LIBRARY_SOVERSION'.
Also use the data to set `ft_version' field in `freetype2.pc'.
Also fix the needed minimum version of HarfBuzz in `freetype2.pc'.
* src/sfnt/sfwoff2.c (woff2_open_font): Use `FT_UInt32' for
`file_offset'. This fixes builds on platforms where `FT_LONG64' is
not defined while still being sufficient to store a file offset.
If table tag is not 0x3f, we expect a value between 0 and 62. If
this is not the case, exit with errors.
* src/sfnt/sfwoff2/c: Check whether table tag makes sense.
* src/sfnt/woff2tags.c: Return 0 if tag is out of bounds.
`reconstruct_hmtx' requires `info->x_mins' and `info->num_glyphs' to
reconstruct the hmtx table. In case glyf is not transformed, we
call `get_x_mins' which does the necessary work.
* src/sfnt/sfwoff2.c (get_x_mins): New function.
(reconstruct_font): Call get_x_mins.
Set correct value of `face->num_faces' for WOFF2 fonts. This is
being handled separately because we only load the tables for the
requested font face in `woff2_open_font' and create a single-face
sfnt stream.
The full discussion is at:
https://lists.gnu.org/archive/html/freetype-devel/2019-08/msg00000.html
* src/sfnt/sfobjs.c (sfnt_open_font): Add parameter
`woff2_num_faces'.
(sfnt_init_face): Introduce variable `woff2_num_faces', and change
`face->root.num_faces' if `woff2_num_faces' is set.
* src/sfnt/sfwoff2.c (woff2_open_font): Validate requested face
index and handle negative face indices.
* src/sfnt/sfwoff2.h (woff2_open_font): Add parameter `num_faces' to
declaration.
We do this by using `totalSfntSize' as an initial reference, and
extending the buffer when required. This reduces rendering time
considerably.
* include/freetype/internal/wofftypes.h (WOFF2_HeaderRec): Add
`totalSfntSize', rename `total_sfnt_size' to `actual_sfnt_size'.
* src/sfnt/sfwoff2.c (write_buf): Add parameter `dst_size' to keep
track of and update total size of stream.
(WRITE_SFNT_BUF, WRITE_SFNT_BUF_AT): Modify macros accordingly.
(pad4, store_loca, reconstruct_glyf, reconstruct_hmtx,
reconstruct_font): Update parameters to accept `sfnt_size'.
(woff2_open_font): Add variable `sfnt_size'. Use WOFF2 header field
`totalSfntSize' as initial reference (if value makes sense) and
allocate `totalSfntSize' bytes for the sfnt stream. `write_buf'
handles reallocation if and when required. Also resize the stream
to `actual_sfnt_size' after reconstruction.
Add necessary functions to reconstruct loca and hmtx tables (the two
remaining tables that can have a transform). `woff2_open_font' is
now capable of loading a woff2 font face. This code may still need
more refining and better memory management.
* include/freetype/internal/wofftypes.h (WOFF2_HeaderRec): Add total
(final) size of sfnt stream.
(WOFF2_InfoRec): Add header checksum value.
* src/sfnt/sfobjs.c (sfnt_open_font): Change `face_instance_index'
parameter to its pointer so its value can be modified by
`woff2_open_font'.
* src/sfnt/sfwoff2.c: (WRITE_SFNT_BUF_AT): New macro to write into
sfnt buffer at given position.
(write_buf): Add parameter `extend_buf' which allows caller to
specify whether buffer should be reallocated before copying data.
(WRITE_SFNT_BUF): Updated.
(pad4, store_loca, reconstruct_htmx): New functions.
(reconstruct_glyf): Calculate loca values and store them.
(reconstruct_font): Call `reconstruct_hmtx', write table record
entries, and calculate table checksums. Also calculate font
checksum and update `checksumAdjustment' entry in head table.
(woff2_open_font): Open stream for sfnt buffer, swap out input
stream and return.
* src/sfnt/sfwoff2.h (woff2_open_font): Modify parameter to accept
pointer to `face_index'.
Reconstruct `glyf' table if it is transformed in the uncompressed
table stream. Also add necessary structures, macros and functions.
* include/freetype/internal/wofftypes.h (WOFF2_InfoRec,
WOFF2_SubstreamRec, WOFF2_PointRec): New structures.
(WOFF2_TableRec): s/OrigLength/dst_length/.
* src/sfnt/sfwoff2.c (READ_255USHORT, READ_BASE128): Use
`FT_SET_ERROR' to set implicit `error' variable.
(WRITE_SHORT): New macro.
(N_CONTOUR_STREAM, N_POINTS_STREAM, FLAG_STREAM, GLYPH_STREAM,
COMPOSITE_STREAM, BBOX_STREAM, INSTRUCTION_STREAM): New macros to
refer to substreams of the transformed `glyf' tables.
(Read255UShort, ReadBase128): Return errors set by `FT_READ_XXX'
macros.
(with_sign, safe_int_addition): New functions to add sign to values
based on a flag and perform safe addition respectively.
(triplet_decode): Decode variable-length (flag, xCoordinate,
yCoordinate) triplet for a simple glyph. See
https://www.w3.org/TR/WOFF2/#triplet_decoding
(store_points, compute_bbox, composteGlyph_size, reconstruct_glyf):
New functions.
(reconstruct_font): Call `reconstruct_glyf'.
* src/sfnt/sfwoff2.h: Add required constants.
* src/sfnt/woff2tags.h: Move out constants to `sfwoff2.h'.
Copy un-transformed tables to the sfnt stream.
* src/sfnt/sfwoff2.c: (WRITE_SFNT_BUF): New macro.
(write_buf): New function. Extend memory of `dst' buffer and copy
bytes from `src'.
(compute_ULong_sum): New function. Calculate checksum of table.
(reconstruct_font): Change `FT_Byte* sfnt' to `FT_Byte**
sfnt_bytes'. This has been done because we reallocate memory to
`sfnt' multiple times, which may change the pointer value of `sfnt'.
This new pointer must be propogated back to the caller. Same reason
for using a double pointer in `write_buf'.
* src/sfnt/woff2tags.h (WOFF2_DEFAULT_MAX_SIZE): New macro used for
overflow checking.
Uncompressed buffer is now an `FT_Stream'.
Perform basic checks and start iterating over tables.
* src/sfnt/sfwoff2.c (stream_close, find_table, read_num_hmetrics):
New functions.
(reconstruct_font): Modify parameters and iterate over tables.
(woff2_open_font): Updated.
We `handle' TTCs by modifying the `indices' array to point to only
those tables that are part of the requested `face_index'.
Set and use `num_tables' in `WOFF2_TtcFont'.
* src/sfnt/sfwoff2.c (reconstruct_font): New function.
(woff2_open_font): Start reconstruction of font.
Change `KnownTags' to a function (`woff2_known_tags'). This avoids
introducing a global constant array. This function returns the
specified index without *any* checks. The caller must ensure that
`index' is within array limits.
* src/sfnt/sfwoff2.c (woff2_open_font): Change `KnownTags[...]'
notation to `woff2_known_tags( ... )'.
* src/sfnt/woff2tags.c: Perform changes.
* src/sfnt/woff2tags.h: Update definitions.
WOFF2 compressed stream is now uncompressed if Brotli is available.
This data is stored in a separate buffer (uncompressed_buf) because
it does not contain direct table data. Certain tables have
transformations applied to them, and they must be reconstructed
before we can write those tables to the SFNT stream.
`face_index' is now being passed as a parameter to
`woff2_open_font'.
* src/sfnt/sfobjs.c (sfnt_open_font): Add parameter
`face_instance_index'.
* src/sfnt/sfwoff2.c (woff2_uncompress): New function.
(woff2_open_font): Call `woff2_uncompress'.
(compute_first_table_offset): Fix return type.
* src/sfnt/sfwoff2.h (woff2_open_font): Modify declaration.