Commit message (Author, Age, Files, Lines)
* Update to latest bitmap code [arv-testing] (Arvinder Bhathal, 2017-07-28, 3 files, -43/+397)
|
* Merge branch 'master' of git.sv.gnu.org:/srv/git/freetype/freetype2 into arv-testing (Arvinder Bhathal, 2017-07-03, 3 files, -2/+17)
|\
| * [truetype] Integer overflow. (Werner Lemberg, 2017-07-03, 2 files, -1/+11)
| |     Reported as
| |       https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=2455
| |     * src/truetype/ttinterp.c (Ins_SCFS): Use SUB_LONG.
| * * src/sfnt/sfobjs.c (sfnt_load_face): Ignore No_Unicode_Glyph_Name. (Alexei Podtelezhnikov, 2017-07-01, 2 files, -1/+6)
| |
* | Add html generating code (Arvinder Bhathal, 2017-06-30, 6 files, -0/+920)
| |
* | Add tests folder (Arvinder Bhathal, 2017-06-29, 1 file, -0/+0)
|/
* Avoid Microsoft compiler warnings (#51331). (Ben Wagner, 2017-06-28, 3 files, -3/+15)
|     While clang's sanitizer recommends a cast to unsigned for safe negation (to handle -INT_MIN), both MSVC and Visualc emit warning C4146 if an unsigned value gets negated.
|     * include/freetype/internal/ftcalc.h (NEG_LONG, NEG_INT32), src/base/ftcalc.c (FT_MOVE_SIGN): Replace negation with a subtraction.
* * src/cff/cffparse.c (do_fixed): Fix typo. (Werner Lemberg, 2017-06-27, 2 files, -1/+7)
|     Spotted by chris <chris@gcjd.org>.
* [truetype] Integer overflows. (Werner Lemberg, 2017-06-27, 3 files, -10/+24)
|     Reported as
|       https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=2384
|       https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=2391
|     * src/base/ftcalc.c (FT_MulDiv, FT_MulDiv_No_Round, FT_DivFix): Use NEG_LONG.
|     * src/truetype/ttinterp.c (Ins_SxVTL): Use NEG_LONG.
* [truetype] Integer overflows. (Werner Lemberg, 2017-06-24, 2 files, -2/+12)
|     Reported as
|       https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=2364
|     * src/truetype/ttinterp.c (Ins_ISECT): Use NEG_LONG.
* [cff, truetype] Integer overflows. (Werner Lemberg, 2017-06-22, 3 files, -16/+31)
|     Reported as
|       https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=2323
|       https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=2328
|     * src/cff/cf2blues.c (cf2_blues_capture): Use ADD_INT32 and SUB_INT32.
|     * src/truetype/ttinterp.c (Ins_SDPVTL): Use SUB_LONG and NEG_LONG.
* [sfnt] Synthesize a Unicode charmap if one is missing. (Alexei Podtelezhnikov, 2017-06-21, 6 files, -6/+163)
|     * src/sfnt/ttcmap.h (tt_cmap_unicode_class_rec): Declare it.
|     * src/sfnt/ttcmap.c (tt_get_glyph_name, tt_cmap_unicode_init, tt_cmap_unicode_done, tt_cmap_unicode_char_index, tt_cmap_unicode_char_next, tt_cmap_unicode_class_rec): Implement synthetic Unicode charmap class.
|       (tt_get_cmap_info): Make sure the callback is available.
|     * src/sfnt/sfobjs.c (sfnt_load_face) [FT_CONFIG_OPTION_POSTSCRIPT_NAMES]: If Unicode charmap is missing, synthesize one.
|     * include/freetype/config/ftoption.h: Document it.
|     * devel/ftoption.h: Ditto.
* Remove deprecated comment. (Werner Lemberg, 2017-06-20, 1 file, -1/+0)
|
* Fix pkg-config in freetype-config for cross-compiling (#51274). (Tony Theodore, 2017-06-20, 3 files, -10/+21)
|     * builds/unix/unix-def.in (PKG_CONFIG): New variable.
|       (freetype-config): Use it in sed expression.
|     * builds/unix/freetype-config.in: s/pkg-config/%PKG_CONFIG%/.
* [cff, truetype] Integer overflows. (Werner Lemberg, 2017-06-20, 3 files, -12/+34)
|     Reported as
|       https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=2300
|       https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=2313
|     * src/cff/cf2hints.c (cf2_hintmap_adjustHints): Use ADD_INT32.
|     * src/truetype/ttinterp.c (Ins_ABS): Avoid FT_ABS.
* [base, smooth] LCD filtering cleanups. (Alexei Podtelezhnikov, 2017-06-17, 3 files, -125/+104)
|     * src/base/ftlcdlil.c (ft_lcd_filter_fir, _ft_lcd_filter_legacy): Clean up, start filtering from the bottom-left origin.
|     * src/smooth/ftsmooth.c (ft_smooth_render_generic): Updated.
* [truetype] Integer overflows. (Werner Lemberg, 2017-06-16, 2 files, -11/+28)
|     Reported as
|       https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=2270
|       https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=2278
|     * src/truetype/ttinterp.c (Ins_MDRP, _iup_worker_interpolate): Use ADD_LONG and SUB_LONG.
* [bdf, cff] Integer overflows. (Werner Lemberg, 2017-06-15, 3 files, -13/+30)
|     Reported as
|       https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=2244
|       https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=2261
|     * src/bdf/bdfdrivr.c (BDF_Face_Init): Replace calls to FT_ABS with direct code to avoid value negation.
|     * src/cff/cf2blues.c (cf2_blues_capture): Use SUB_INT32 and ADD_INT32.
* * src/winfonts/winfnt.c (FNT_Face_Init): Don't set active encoding. (Werner Lemberg, 2017-06-14, 9 files, -44/+8)
|     FreeType only sets a default active encoding for Unicode.
* [cff, truetype] Integer overflows. (Werner Lemberg, 2017-06-13, 3 files, -6/+23)
|     Reported as
|       https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=2216
|       https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=2218
|     * src/cff/cf2fixed.h (cf2_fixedAbs): Use NEG_INT32.
|     * src/truetype/ttinterp.c (Ins_IP): Use SUB_LONG.
* [cff] Integer overflows. (Werner Lemberg, 2017-06-11, 3 files, -4/+20)
|     Reported as
|       https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=2200
|       https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=2210
|     * src/cff/cf2hints.c (cf2_hintmap_insertHint): Use SUB_INT32 and ADD_INT32.
|     * src/cff/cf2intrp.c (cf2_interpT2CharString) <cf2_cmdVMOVETO>: Use ADD_INT32.
* [truetype] Fix TT_Set_Var_Design. (Werner Lemberg, 2017-06-10, 2 files, -2/+11)
|     Reported by Nikolaus Waxweiler <madigens@gmail.com>.
|     * src/truetype/ttgxvar.c (TT_Set_Var_Design): Correctly handle the case where we have less input coordinates than axes.
* * src/base/ftcalc.c (FT_DivFix): Fix embarrassing typo. (Werner Lemberg, 2017-06-10, 2 files, -1/+7)
|     Bug introduced 2017-05-28.
* [cff, truetype] Integer overflows. (Werner Lemberg, 2017-06-09, 3 files, -26/+61)
|     Reported as
|       https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=2144
|       https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=2151
|       https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=2153
|       https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=2173
|       https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=2186
|     * src/cff/cf2blues.c (cf2_blues_init): Use SUB_INT32.
|     * src/truetype/ttinterp.c (Round_None, Round_To_Grid, Round_To_Half_Grid, Round_Down_To_Grid, Round_Up_To_Grid, Round_To_Double_Grid, Round_Super, Round_Super_45): Use ADD_LONG, SUB_LONG, NEG_LONG, FT_PIX_ROUND_LONG, FT_PIX_CEIL_LONG, FT_PAD_ROUND_LONG
|       (Ins_SxVTL, Ins_MIRP): Use SUB_LONG.
|       (_iup_worker_shift): Use SUB_LONG and ADD_LONG.
* Provide more macros for flooring, ceiling, and rounding. (Werner Lemberg, 2017-06-09, 2 files, -2/+32)
|     These versions don't produce run-time errors due to integer overflow.
|     * include/freetype/internal/ftobjs.h: Include FT_INTERNAL_CALC_H.
|       (FT_PAD_ROUND_LONG, FT_PAD_CEIL_LONG, FT_PIX_ROUND_LONG, FT_PIX_CEIL_LONG): New macros.
|       (FT_PAD_ROUND_INT32, FT_PAD_CEIL_INT32, FT_PIX_ROUND_INT32, FT_PIX_CEIL_INT32): New macros.
* Remove unused macros. (Werner Lemberg, 2017-06-09, 2 files, -9/+7)
|     * include/freetype/internal/ftcalc.h (ADD_INT, SUB_INT, MUL_INT, NEG_INT): Deleted.
* */*: Remove `OVERFLOW_' prefix. (Werner Lemberg, 2017-06-09, 17 files, -491/+421)
|     This increases readability.
* [cff, truetype] Integer overflows. (Werner Lemberg, 2017-06-07, 3 files, -7/+25)
|     Reported as
|       https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=2133
|       https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=2137
|     * src/cff/cf2hints.c (cf2_hint_init): Use OVERFLOW_SUB_INT32.
|     * src/truetype/ttinterp.c (PROJECT, DUALPROJ): Use OVERFLOW_SUB_LONG.
* [cff] Integer overflow. (Werner Lemberg, 2017-06-06, 3 files, -3/+20)
|     Reported as
|       https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=2109
|       https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=2110
|       https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=2122
|     * src/cff/cf2blues.c (cf2_blues_init): Use OVERFLOW_SUB_INT32.
|     * src/cff/cf2hints.c (cf2_hintmap_map): Synchronize if-else branches.
* [cff] Integer overflow. (Werner Lemberg, 2017-06-05, 2 files, -3/+16)
|     Reported as
|       https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=2089
|     * src/cff/cffload.c (cff_blend_doBlend): Use OVERFLOW_ADD_INT32.
* [cff, truetype] Integer overflows. (Werner Lemberg, 2017-06-04, 3 files, -23/+41)
|     Reported as
|       https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=2075
|       https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=2088
|     * src/cff/cf2font.c (cf2_font_setup): Use OVERFLOW_MUL_INT32.
|     * src/truetype/ttinterp.c (Ins_ISECT): Use OVERFLOW_MUL_LONG, OVERFLOW_ADD_LONG, and OVERFLOW_SUB_LONG.
* [base, cff, truetype] Integer overflows. (Werner Lemberg, 2017-06-03, 6 files, -36/+93)
|     Reported as
|       https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=2060
|       https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=2062
|       https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=2063
|       https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=2068
|     * src/base/ftobjs.c (ft_glyphslot_grid_fit_metrics): Use OVERFLOW_ADD_LONG and OVERFLOW_SUB_LONG.
|     * src/cff/cf2blues.c (cf2_blues_capture), src/cff/cf2hints.c (cf2_hintmap_adjustHints): Use OVERFLOW_SUB_INT32.
|     * src/truetype/ttgload.c (compute_glyph_metrics): Use OVERFLOW_SUB_LONG.
|     * src/truetype/ttinterp.c (Direct_Move, Direct_Move_Orig, Direct_Move_X, Direct_Move_Y, Direct_Move_Orig_X, Direct_Move_Orig_Y, Move_Zp2_Point, Ins_MSIRP): Use OVERFLOW_ADD_LONG and OVERFLOW_SUB_LONG.
* * builds/unix/freetype-config.in: Fix pkg-config test (#51162). (Werner Lemberg, 2017-06-03, 2 files, -1/+7)
|     Patch directly taken from bug report.
* [bdf] Synchronize sanity checks with pcf driver. (Werner Lemberg, 2017-06-03, 2 files, -10/+111)
|     Reported as
|       https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=2054
|       https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=2058
|     * src/bdf/bdfdrivr.c (BDF_Face_Init): Check font ascent and descent. Check AVERAGE_WIDTH, POINT_SIZE, PIXEL_SIZE, RESOLUTION_X, and RESOLUTION_Y properties.
* [cff, truetype] Integer overflows. (Werner Lemberg, 2017-06-03, 4 files, -6/+22)
|     Reported as
|       https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=2047
|       https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=2057
|     * src/cff/cf2hints.c (cf2_hintmap_map): Use OVERFLOW_SUB_INT32.
|     * src/truetype/ttinterp.c (Ins_ADD): Use OVERFLOW_ADD_LONG.
|       (Ins_SUB): Use OVERFLOW_SUB_LONG.
|       (Ins_NEG): Use NEG_LONG.
* ftcalc.h: Avoid left-shift of negative numbers. (Werner Lemberg, 2017-06-03, 2 files, -4/+15)
|     Reported as
|       https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=2055
|     * include/freetype/internal/ftcalc.h (INT_TO_F26DOT6, INT_TO_F2DOT14, INT_TO_FIXED, F2DOT14_TO_FIXED): Use multiplication.
* [cff] Even more integer overflows. (Werner Lemberg, 2017-06-02, 2 files, -6/+19)
|     Reported as
|       https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=2046
|     * src/cff/cf2intrp.c (cf2_doStems, cf2_interpT2CharString): Use OVERFLOW_ADD_INT32.
* [cff] More integer overflows. (Werner Lemberg, 2017-06-02, 2 files, -3/+16)
|     Reported as
|       https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=2032
|     * src/cff/cf2blues.c (cf2_blues_init): Use OVERFLOW_SUB_INT32.
* [bdf] Don't left-shift negative numbers. (Werner Lemberg, 2017-06-02, 2 files, -2/+12)
|     Reported as
|       https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=2031
|     * src/bdf/bdfdrivr.c (BDF_Face_Init): Use multiplication.
* [bdf] Fix integer scanning routines. (Werner Lemberg, 2017-06-02, 2 files, -4/+47)
|     Reported as
|       https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=2029
|     * src/bdf/bdflib.c (_bdf_atoul, _bdf_atol, _bdf_atous, _bdf_atos): Stop scanning if result would overflow.
* [cff] Fix integer overflows. (Werner Lemberg, 2017-06-02, 3 files, -10/+27)
|     Reported as
|       https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=2027
|       https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=2028
|     * src/cff/cf2hints.c (cf2_hintmap_insertHint), src/cff/cf2intrp.c (cf2_doFlex): Use OVERFLOW_ADD_INT32 and OVERFLOW_SUB_INT32.
* [smooth] Some 32bit integer overflow run-time errors. (Werner Lemberg, 2017-06-01, 2 files, -2/+24)
|     * src/smooth/ftgrays.c [STANDALONE] (OVERFLOW_ADD_LONG, OVERFLOW_SUB_LONG, OVERFLOW_MUL_LONG, NEG_LONG): New macros.
|       [!STANDALONE]: Include FT_INTERNAL_CALC_H.
|       (gray_render_cubic): Use those macros where appropriate.
* Minor comment. (Werner Lemberg, 2017-06-01, 1 file, -0/+6)
|
* * src/base/ftglyph.c (FT_Get_Glyph): Check `slot->advance'. (Werner Lemberg, 2017-06-01, 2 files, -0/+17)
|
* [psaux] 32bit integer overflow run-time errors (#46149). (Werner Lemberg, 2017-06-01, 2 files, -39/+60)
|     * src/psaux/t1decode.c (t1_decoder_parse_charstrings): Use OVERFLOW_ADD_LONG and OVERFLOW_SUB_LONG where appropriate.
* * src/truetype/ttinterp.c (TT_RunIns): Adjust loop counter again. (Werner Lemberg, 2017-06-01, 2 files, -2/+11)
|     Problem reported by Marek Kašík <mkasik@redhat.com>.
|     The problematic font that exceeds the old limit is Padauk-Bold, version 3.002, containing bytecode generated by a buggy version of ttfautohint.
* [cff] 32bit integer overflow run-time errors 2/2 (#46149). (Werner Lemberg, 2017-05-31, 5 files, -133/+276)
|     This commit handles the new engine.
|     * include/freetype/internal/ftcalc.h (OVERFLOW_ADD_INT32, OVERFLOW_SUB_INT32, OVERFLOW_MUL_INT32, NEG_INT, NEG_LONG, NEG_INT32): New macros.
|     * src/cff/cf2ft.c (cf2_getScaleAndHintFlag): Use OVERFLOW_ADD_INT32.
|     * src/cff/cf2hints.c (cf2_getWindingMomentum, cf2_hint_init, cf2_hintmap_map, cf2_glyphpath_hintPoint, cf2_glyphpath_computeIntersection, cf2_glyphpath_computeOffset, cf2_glyphpath_lineTo, cf2_glyphpath_curveTo): Use OVERFLOW_ADD_INT32, OVERFLOW_SUB_INT32, OVERFLOW_MUL_INT32, and NEG_INT32 where appropriate.
|     * src/cff/cf2intrp.c (cf2_doFlex, cf2_doBlend, cf2_interpT2CharString): Ditto. Also add some other code where needed to avoid overflow.
* [cff] 32bit integer overflow run-time errors 1/2 (#46149). (Werner Lemberg, 2017-05-30, 3 files, -89/+161)
|     This commit handles the old engine.
|     * src/cff/cffgload.c: Include FT_INTERNAL_CALC_H.
|       (cff_decoder_parse_charstrings): Use OVERFLOW_ADD_LONG and OVERFLOW_SUB_LONG where needed.
|     * src/cff/cffparse.c: Include FT_INTERNAL_CALC_H.
|       (power_ten_limits): New static array.
|       (do_fixed): Use it to prevent multiplication overflow.
|       (cff_parser_run): Use OVERFLOW_ADD_LONG.
* [psaux] Correctly handle sequences of multiple number signs. (Werner Lemberg, 2017-05-30, 2 files, -0/+15)
|     * src/psaux/psconv.c (PS_Conv_Strtol, PS_Conv_ToFixed): Return zero if we encounter more than a single sign.
* [pcf] 32bit integer overflow run-time errors (#46149). (Werner Lemberg, 2017-05-29, 2 files, -9/+79)
|     * src/pcf/pcfread.c (pcf_get_accel): Add sanity checks for `fontAscent' and `fontDescent'.
|       (pcf_load_font): Add sanity checks for global height. Add sanity checks for AVERAGE_WIDTH, POINT_SIZE, PIXEL_SIZE, RESOLUTION_X, and RESOLUTION_Y properties.