Found with font fuzzying.
* src/psaux/t1decode.c (t1_decoder_parse_charstrings): Check
`decoder->buildchar'.
* src/type1/t1load.c (t1_load_keyword): Check `blend->num_designs'.
When shifting right a signed value, it is not defined by the
C standard whether one gets a sign extension or not. Use a macro to
do an explicit cast from a signed short (assuming that this is
16bit) to an int.
* src/psaux/t1decode.c (Fix2Int): New macro.
Use it where appropriate.
We want to unset FT_FACE_FLAG_SCALABLE only if there are bitmap
strikes in the font.
* src/truetype/ttobjs.c (tt_face_init): Implement it.
* docs/CHANGES: Updated.
The main problems
-----------------
o If FT_STROKER_LINEJOIN_BEVEL was specified, unlimited miter
joins (not bevel joins) were generated. Indeed, the meanings of
`miter' and `bevel' were incorrectly reversed (consistently) in
both the code and comments.
o The way bevel joins were constructed (whether specified
explicitly, or created as a result of exceeding the miter limit)
did not match what is required for stroked text in PostScript or
PDF.
The main fixes
--------------
o The behaviour of FT_STROKER_LINEJOIN_BEVEL has been corrected.
o A new line join style, FT_STROKER_LINEJOIN_MITER_FIXED, has been
introduced to support PostScript and PDF miter joins.
o FT_STROKER_LINEJOIN_MITER_VARIABLE has been introduced as an
alias for FT_STROKER_LINEJOIN_MITER.
Additionally, a variety of stroking errors have been fixed. These
would cause various artifacts (including points `at infinity'),
especially when stroking poor quality fonts.
See
http://lists.gnu.org/archive/html/freetype-devel/2011-07/msg00001.html
for example documents. The FreeType stroker now produces results
very similar to that produced by GhostScript and Distiller for these
fonts.
Other problems
--------------
The following problems have been resolved:
o Inside corners could be generated incorrectly. Intersecting the
inside corner could cause a missing triangular area and other
effects.
The intersection point can only be used if the join is between
two lines and both lines are long enough. The `optimization'
condition in `ft_stroker_inside' has been corrected; this
requires the line length to be passed into various functions and
stored in `FT_StrokerRec'.
o Incorrect cubic curves could be generated. The angle
calculations in `FT_Stroker_CubicTo' have been corrected to
handle the case of the curve crossing the +/-PI direction.
o If the border radius was greater than the radius of curvature of
a curve, then the negative sector would end up outside (not
inside) the border. This situation is now recognized and the
negative sector is circumnavigated in the opposite direction.
(If round line joins are being used, this code is disabled
because the line join will always cover the negative sector.)
o When a curve is split, the arcs may not join smoothly (especially
if the curve turns sharply back on itself). Changes in
direction between adjacent arcs were not handled. A round
corner is now added if the deviation from one arc to the next is
greater than a suitable threshold.
o The current direction wasn't retained if a the outline contained
a zero length lineto or a curve that was determined to be
`basically a point'. This could cause a spurious join to be
added.
o Cubics with close control points could be mishandled. All eight
cases are now distinguished correctly.
Other improvements
------------------
o Borders for cubic curves could be too `flat'.
FT_SMALL_CUBIC_THRESHOLD has been reduced a little to prevent
this.
o The handling and use of movable points has been simplified a
little.
o Various values are now computed only if the results are actually
needed.
o The directions of the outer and inner borders have been swapped,
as recommended by Graham Asher.
* src/base/ftstroke.c: Revised.
* include/freetype/ftstroke.h: Updated.
Passing uninitialized pointer to the buffer allocator is
not problematic theoretically (as far as the returned
pointer is checked before writing), but g++4.6 dislikes
it and warns by -Wuninitialized. Initialize them by NULL.
* src/base/ftobjs.c (FT_Stream_New): Init `stream'.
(new_memory_stream): Ditto.
(FT_New_GlyphSlot): Init `slot'.
(FT_CMap_New): Init `cmap'.
(open_face_PS_from_sfnt_stream): Init `sfnt_ps'.
(Mac_Read_POST_Resource): Init `pfb_data'.
(Mac_Read_sfnt_Resource): Init `sfnt_data'.
* src/base/ftrfork.c (FT_Raccess_Get_DataOffsets):
Init `offsets_internal' and `ref'.
(raccess_guess_darwin_hfsplus): Init `newpath'.
(raccess_guess_darwin_newvfs): Ditto.
* src/base/ftbitmap.c (ft_bitmap_assure_buffer):
Init `buffer'.
* src/base/ftstroke.c (FT_Stroker_New): Init `stroker'.
Some invalid, overrunning, unrecommended non-zero values
are cared in paranoid validation mode only. There are
many lines looking like:
if ( valid->root->level >= FT_VALIDATE_PARANOID )
FT_INVALID_xxx;
To simplify them, GXV_SET_ERR_IF_PARANOID( err ) is
introduced for more paranoid validation in future.
* src/gxvalid/gxvcommn.h (IS_PARANOID_VALIDATION):
New macro to assure valid->root->level is more or
equal to FT_VALIDATE_PARANOID. (GXV_SET_ERR_IF_PARANOID):
New macro to raise an error if in paranoid validation.
* src/gxvalid/gxvcommn.c: Use GXV_SET_ERR_IF_PARANOID().
* src/gxvalid/gxvfeat.c: Ditto.
* src/gxvalid/gxvjust.c: Ditto.
* src/gxvalid/gxvkern.c: Ditto.
* src/gxvalid/gxvmort.c: Ditto.
* src/gxvalid/gxvmort0.c: Ditto.
* src/gxvalid/gxvmort1.c: Ditto.
* src/gxvalid/gxvmort2.c: Ditto.
* src/gxvalid/gxvmorx1.c: Ditto.
* src/gxvalid/gxvmorx2.c: Ditto.
* src/gxvalid/gxvmort.c (gxv_mort_subtables_validate):
Conditionalize unvalidated variable `subFeatureFlags'.
(gxv_mort_chain_validate): Conditionalize unvalidated
variable `defaultFlags'.
* src/gxvalid/gxmort0.c
(gxv_mort_subtable_type0_entry_validate): Check the
conflict of the marks for the glyphs.
* src/gxvalid/gxmort1.c
(gxv_mort_subtable_type1_offset_to_subst_validate):
Local variables `min_gid', `max_gid' are replaced by
variables in the validator.
(gxv_mort_subtable_type1_entry_validate): Conditionalize
unvalidated variables; `setMark', `dontAdvance'.
(gxv_mort_subtable_type1_substTable_validate):
Validate the GID by the min/max GIDs in the validator.
* src/gxvalid/gxvmort2.c
(gxv_mort_subtable_type2_ligActionOffset_validate):
Conditionalize unvalidated variables; `last', `store'.
Checking for overrunning offset is added.
(gxv_mort_subtable_type2_entry_validate):
Conditionalize unvalidated variables; `setComponent',
`dontAdvance'.
(gxv_mort_subtable_type2_ligatureTable_validate):
Check if the GID for ligature does not exceed the
max GID in `maxp' table.
* src/gxvalid/gxvmort5.c
(gxv_mort_subtable_type5_InsertList_validate):
Conditionalize unvalidated loading of `insert_glyphID'
array. (gxv_mort_subtable_type5_entry_validate):
Conditionalize unvalidated variables; `setMark',
`dontAdvance', `currentIsKashidaLike',
`markedIsKashidaLike', `currentInsertBefore',
`markedInsertBefore'.
* src/gxvalid/gxvjust.c (gxv_just_check_max_gid):
New function to unify the checks of too large GID.
(gxv_just_wdp_entry_validate): Conditionalize unvalidated
variables; `beforeGrowLimit', `beforeShrinkGrowLimit',
`afterGrowLimit', `afterShrinkGrowLimit', `growFlags',
`shrinkFlags'. Additional check for non-zero values in
unused storage `justClass' is added.
(gxv_just_actSubrecord_type0_validate): Conditionalize
unvalidated variable `order'. GID is checked by
gxv_just_check_max_gid(). Additional check for upside-down
relationship between `lowerLimit' and `upperLimit' is added.
(gxv_just_actSubrecord_type1_validate): GID is checked by
gxv_just_check_max_gid().
(gxv_just_actSubrecord_type2_validate): Conditionalize
unvalidated variable `substThreshhold'. GID is checked by
gxv_just_check_max_gid().
(gxv_just_actSubrecord_type5_validate): GID is checked by
gxv_just_check_max_gid().
(gxv_just_classTable_entry_validate): Conditionalize
unvalidated variables; `setMark', `dontAdvance',
`markClass', `currentClass'.
* src/gxvalid/gxvcommn.h (GXV_LOAD_TRACE_VARS): New macro to
conditionalize the variable which is only used for trace messages.
Automatically set by FT_DEBUG_LEVEL_TRACE.
(GXV_LOAD_UNUSED_VARS): New macro to conditionalize the loading of
unvalidated variables. Undefined by default to calm gcc4.6 warning.
(GXV_ValidatorRec.{min_gid,max_gid}): New variables to hold defined
GID ranges, for the comparison of GID ranges in different subtables.
* src/autofit/afcjk.c (af_cjk_metrics_init_blues): Use casts and
remove unused variables.
* src/autofit/aflatin.c (af_latin_hints_compute_edges): Comment out
`up_dir'.
* src/smooth/ftsmooth.c (ft_smooth_render_generic): Use `height_org'
and `width_org' conditionalized.
To remove extremas of vertical strokes of CJK Ideographs at
low resolution and make the top and bottom horizontal stems
aligned, bluezones for CJK Ideographs are calculated from
sample glyphs. At present, vertical bluezones (bluezones
to align vertical stems) are disabled by default. For detail, see
http://lists.gnu.org/archive/html/freetype-devel/2011-04/msg00070.htmlhttp://lists.gnu.org/archive/html/freetype-devel/2011-04/msg00092.htmlhttp://lists.gnu.org/archive/html/freetype-devel/2011-05/msg00001.html
* include/freetype/internal/fttrace.h: New trace component `afcjk'.
* src/autofit/afcjk.h (AF_CJK{Blue,Axis,Metric}Rec): Add CJK version
for AF_Latin{Blue,Axis,Metric}Rec.
(af_cjk_metrics_check_digits): Ditto, shared with Indic module.
(af_cjk_metrics_init_widths): Ditto.
(af_cjk_metrics_init): Take AF_CJKMetric instead of AF_LatinMetric.
(af_cjk_metrics_scale): Ditto (declaration).
(af_cjk_hints_init): Ditto (declaration).
(af_cjk_hints_apply): Ditto (declaration).
* src/autofit/afcjk.c (af_cjk_metrics_scale): Ditto (body).
(af_cjk_hints_init): Ditto (body).
(af_cjk_hints_apply): Ditto (body).
(af_cjk_metrics_init_widths): Duplicate af_latin_metrics_init_widths.
(af_cjk_metrics_check_digits): Duplicate af_latin_metrics_check_digits.
(af_cjk_metrics_init): Call CJK bluezone initializer.
(af_cjk_metrics_scale_dim): Add code to scale bluezones.
(af_cjk_hints_compute_blue_edges): New function, CJK version of
af_latin_hints_compute_blue_edges.
(af_cjk_metrics_init_blues): New function, CJK version of
af_latin_metrics_init_blues.
(af_cjk_hints_edges): Add code to align the edge stems to blue zones.
* src/autofit/afindic.c (af_indic_metrics_init): Take AF_CJKMetric
instead of AF_LatinMetric, and initialize as af_cjk_metrics_init.
However bluezones are not initialized.
(af_indic_metrics_scale): Take AF_CJKMetric instead of AF_LatinMetric.
(af_indic_hints_init): Ditto.
(af_indic_hints_apply): Ditto.
* docs/CHANGES: Note about CJK bluezone support.
* src/truetype/ttobjs.c (tt_check_trickyness_sfnt_ids):
Add 8 checksum sets for NEC FA family. For the tricky fonts
without some tables (e.g. NEC FA fonts lack cvt table),
extra check is added to assure that 0-length table in the
registry is not included in the font.
Some PDF generators mangle the family name badly, prioritize
the check by the sfnt table checksums than the check by the
family name. For sample PDF, see
http://lists.gnu.org/archive/html/freetype-devel/2011-04/msg00073.html
* src/truetype/ttobjs.c (tt_check_trickyness): Exchange the order
of tt_check_trickyness_family() and tt_check_trickyness_sfnt_ids().
This makes FT_LOAD_IGNORE_GLOBAL_ADVANCE_WIDTH redundant,
deprecated, and ignored. The new behavior is what every major user
of FreeType has been requesting. Global advance is broken in many
CJK fonts. Just ignoring it by default makes most sense.
* src/truetype/ttdriver.c (tt_get_advances),
src/truetype/ttgload.c (TT_Get_HMetrics, TT_Get_VMetrics,
tt_get_metrics, compute_glyph_metrics, TT_Load_Glyph),
src/truetype/ttgload.h: Implement it.
* docs/CHANGES: Updated.
Werner Lemberg
Dirk Müller
Chris Morgan
Elton Chung
Steven Chu
Matthias Drochner
Алексей Подтележников
Just Fill Bugs
David Bevan
suzuki toshiya
Daniel Zimmermann
sssa
Behdad Esfahbod