diff options
| author | Arne Coucheron <arco68@gmail.com> | 2011-08-24 05:32:14 +0200 |
|---|---|---|
| committer | Arne Coucheron <arco68@gmail.com> | 2011-08-24 05:32:14 +0200 |
| commit | 6a26dd05f335a4ebab267657ae31bb7ee7114625 (patch) | |
| tree | f5a0d98f1d887b8063987f5e9b58a4ed2931833e /src/sfnt | |
| parent | 1db8a080668ca5428a7f000f668ebf8bec20ad08 (diff) | |
| download | android_external_freetype-gb-release-7.2.tar.gz android_external_freetype-gb-release-7.2.tar.bz2 android_external_freetype-gb-release-7.2.zip | |
Upgrade freetype to 2.4.6cm-7.1.0gingerbread-releasegingerbreadgb-release-7.2
CHANGES BETWEEN 2.4.5 and 2.4.6
I. IMPORTANT BUG FIXES
- For TrueType based fonts, the ascender and descender values were
incorrect sometimes (off by a pixel if the ppem value was not a
multiple of 5). Depending on the use you might now experience
a different layout; the change should result in better, more
consistent line spacing.
- Fix CVE-2011-0226 which causes a vulnerability while handling
Type 1 fonts.
- BDF fonts containing glyphs with negative values for ENCODING
were incorrectly rejected. This bug has been introduced in
FreeType version 2.2.0.
- David Bevan contributed a major revision of the FreeType stroker
code:
. The behaviour of FT_STROKER_LINEJOIN_BEVEL has been corrected.
. A new line join style, FT_STROKER_LINEJOIN_MITER_FIXED, has
been introduced to support PostScript and PDF miter joins.
. FT_STROKER_LINEJOIN_MITER_VARIABLE has been introduced as an
alias for FT_STROKER_LINEJOIN_MITER.
. Various stroking glitches has been fixed.
II. MISCELLANEOUS
- SFNT bitmap fonts which contain an outline glyph for `.notdef'
only no longer set the FT_FACE_FLAG_SCALABLE flag.
CHANGES BETWEEN 2.4.4 and 2.4.5
I. IMPORTANT BUG FIXES
- A rendering regression for second-order Bézier curves has been
fixed, introduced in 2.4.3.
II. IMPORTANT CHANGES
- If autohinting is not explicitly disabled, FreeType now uses
the autohinter if a TrueType based font doesn't contain native
hints.
- The load flag FT_LOAD_IGNORE_GLOBAL_ADVANCE_WIDTH has been made
redundant and is simply ignored; this means that FreeType now
ignores the global advance width value in TrueType fonts.
III. MISCELLANEOUS
- `FT_Sfnt_Table_Info' can now return the number of SFNT tables of
a font.
- Support for PCF files compressed with bzip2 has been contributed
by Joel Klinghed. To make this work, the OS must provide a
bzip2 library.
- Bradley Grainger contributed project and solution files in
Visual Studio 2010 format.
- Again some fixes to better handle broken fonts.
- Some improvements to the B/W rasterizer.
- Fixes to the cache module to improve robustness.
- Just Fill Bugs contributed (experimental) code to compute blue
zones for CJK Ideographs, improving the alignment of horizontal
stems at the top or bottom edges.
- The `ftgrid' demo program can now display autohinter segments,
to be toggled on and off with key `s'.
CHANGES BETWEEN 2.4.3 and 2.4.4
I. IMPORTANT BUG FIXES
- UVS support (TrueType/OpenType cmap format 14) support is fixed.
This regression has been introduced in version 2.4.0.
II. MISCELLANEOUS
- Detect tricky fonts (e.g. MingLiU) by the lengths and checksums
of Type42-persistent subtables (`cvt ', `fpgm', and `prep') when
a TrueType font without family name is given. The previous fix,
introduced in 2.4.3, was too rigorous, causing many subsetted
fonts (mainly from PDF files) displayed badly because FreeType
forced rendering with the TrueType bytecode engine instead of
the autohinter.
- Better support for 64bit platforms.
- More fixes to improve handling of broken fonts.
CHANGES BETWEEN 2.4.2 and 2.4.3
I. IMPORTANT BUG FIXES
- Fix rendering of certain cubic, S-shaped arcs. This regression
has been introduced in version 2.4.0.
II. MISCELLANEOUS
- To fix the above mentioned rendering issue, a new spline
flattening algorithm has been introduced which speeds up both
conic and cubic arcs.
- Handling of broken fonts has been further improved.
Change-Id: Ie06b74b29738a34d686ab1132e9fa44d5d258d1c
Diffstat (limited to 'src/sfnt')
| -rw-r--r-- | src/sfnt/sfdriver.c | 19 | ||||
| -rw-r--r-- | src/sfnt/sfobjs.c | 80 | ||||
| -rw-r--r-- | src/sfnt/ttload.c | 15 | ||||
| -rw-r--r-- | src/sfnt/ttmtx.c | 4 | ||||
| -rw-r--r-- | src/sfnt/ttpost.c | 60 | ||||
| -rw-r--r-- | src/sfnt/ttsbit.c | 2 |
6 files changed, 119 insertions, 61 deletions
diff --git a/src/sfnt/sfdriver.c b/src/sfnt/sfdriver.c index b74679b..247aa67 100644 --- a/src/sfnt/sfdriver.c +++ b/src/sfnt/sfdriver.c @@ -4,7 +4,7 @@ /* */ /* High-level SFNT driver interface (body). */ /* */ -/* Copyright 1996-2001, 2002, 2003, 2004, 2005, 2006, 2007, 2009, 2010 by */ +/* Copyright 1996-2007, 2009-2011 by */ /* David Turner, Robert Wilhelm, and Werner Lemberg. */ /* */ /* This file is part of the FreeType project, and may only be used, */ @@ -117,15 +117,20 @@ FT_ULong *offset, FT_ULong *length ) { - if ( !tag || !offset || !length ) + if ( !offset || !length ) return SFNT_Err_Invalid_Argument; - if ( idx >= face->num_tables ) - return SFNT_Err_Table_Missing; + if ( !tag ) + *length = face->num_tables; + else + { + if ( idx >= face->num_tables ) + return SFNT_Err_Table_Missing; - *tag = face->dir_tables[idx].Tag; - *offset = face->dir_tables[idx].Offset; - *length = face->dir_tables[idx].Length; + *tag = face->dir_tables[idx].Tag; + *offset = face->dir_tables[idx].Offset; + *length = face->dir_tables[idx].Length; + } return SFNT_Err_Ok; } diff --git a/src/sfnt/sfobjs.c b/src/sfnt/sfobjs.c index 6e35e2d..44471f6 100644 --- a/src/sfnt/sfobjs.c +++ b/src/sfnt/sfobjs.c @@ -4,7 +4,7 @@ /* */ /* SFNT object management (base). */ /* */ -/* Copyright 1996-2001, 2002, 2003, 2004, 2005, 2006, 2007, 2008, 2010 by */ +/* Copyright 1996-2008, 2010-2011 by */ /* David Turner, Robert Wilhelm, and Werner Lemberg. */ /* */ /* This file is part of the FreeType project, and may only be used, */ @@ -356,7 +356,7 @@ FT_FRAME_START( 8 ), FT_FRAME_LONG( version ), - FT_FRAME_LONG( count ), + FT_FRAME_LONG( count ), /* this is ULong in the specs */ FT_FRAME_END }; @@ -390,6 +390,17 @@ if ( FT_STREAM_READ_FIELDS( ttc_header_fields, &face->ttc_header ) ) return error; + if ( face->ttc_header.count == 0 ) + return SFNT_Err_Invalid_Table; + + /* a rough size estimate: let's conservatively assume that there */ + /* is just a single table info in each subfont header (12 + 16*1 = */ + /* 28 bytes), thus we have (at least) `12 + 4*count' bytes for the */ + /* size of the TTC header plus `28*count' bytes for all subfont */ + /* headers */ + if ( (FT_ULong)face->ttc_header.count > stream->size / ( 28 + 4 ) ) + return SFNT_Err_Array_Too_Large; + /* now read the offsets of each font in the file */ if ( FT_NEW_ARRAY( face->ttc_header.offsets, face->ttc_header.count ) ) return error; @@ -536,7 +547,7 @@ FT_UNUSED( face_index ); /* Check parameters */ - + { FT_Int i; @@ -571,12 +582,12 @@ /* do we have outlines in there? */ #ifdef FT_CONFIG_OPTION_INCREMENTAL - has_outline = FT_BOOL( face->root.internal->incremental_interface != 0 || - tt_face_lookup_table( face, TTAG_glyf ) != 0 || - tt_face_lookup_table( face, TTAG_CFF ) != 0 ); + has_outline = FT_BOOL( face->root.internal->incremental_interface != 0 || + tt_face_lookup_table( face, TTAG_glyf ) != 0 || + tt_face_lookup_table( face, TTAG_CFF ) != 0 ); #else - has_outline = FT_BOOL( tt_face_lookup_table( face, TTAG_glyf ) != 0 || - tt_face_lookup_table( face, TTAG_CFF ) != 0 ); + has_outline = FT_BOOL( tt_face_lookup_table( face, TTAG_glyf ) != 0 || + tt_face_lookup_table( face, TTAG_CFF ) != 0 ); #endif is_apple_sbit = 0; @@ -651,8 +662,9 @@ if ( face->format_tag == TTAG_true ) { FT_TRACE2(( "This is an SFNT Mac font.\n" )); + has_outline = 0; - error = SFNT_Err_Ok; + error = SFNT_Err_Ok; } else { @@ -691,9 +703,7 @@ LOAD_( os2 ); if ( error ) { - if ( error != SFNT_Err_Table_Missing ) - goto Exit; - + /* we treat the table as missing if there are any errors */ face->os2.version = 0xFFFFU; } } @@ -989,40 +999,36 @@ /* table cannot be used to compute the text height reliably! */ /* */ - /* The ascender/descender/height are computed from the OS/2 table */ - /* when found. Otherwise, they're taken from the horizontal */ - /* header. */ - /* */ + /* The ascender and descender are taken from the `hhea' table. */ + /* If zero, they are taken from the `OS/2' table. */ root->ascender = face->horizontal.Ascender; root->descender = face->horizontal.Descender; - root->height = (FT_Short)( root->ascender - root->descender + - face->horizontal.Line_Gap ); - -#if 0 - /* if the line_gap is 0, we add an extra 15% to the text height -- */ - /* this computation is based on various versions of Times New Roman */ - if ( face->horizontal.Line_Gap == 0 ) - root->height = (FT_Short)( ( root->height * 115 + 50 ) / 100 ); -#endif /* 0 */ + root->height = (FT_Short)( root->ascender - root->descender + + face->horizontal.Line_Gap ); -#if 0 - /* some fonts have the OS/2 "sTypoAscender", "sTypoDescender" & */ - /* "sTypoLineGap" fields set to 0, like ARIALNB.TTF */ - if ( face->os2.version != 0xFFFFU && root->ascender ) + if ( !( root->ascender || root->descender ) ) { - FT_Int height; - + if ( face->os2.version != 0xFFFFU ) + { + if ( face->os2.sTypoAscender || face->os2.sTypoDescender ) + { + root->ascender = face->os2.sTypoAscender; + root->descender = face->os2.sTypoDescender; - root->ascender = face->os2.sTypoAscender; - root->descender = -face->os2.sTypoDescender; + root->height = (FT_Short)( root->ascender - root->descender + + face->os2.sTypoLineGap ); + } + else + { + root->ascender = (FT_Short)face->os2.usWinAscent; + root->descender = -(FT_Short)face->os2.usWinDescent; - height = root->ascender + root->descender + face->os2.sTypoLineGap; - if ( height > root->height ) - root->height = height; + root->height = (FT_UShort)( root->ascender - root->descender ); + } + } } -#endif /* 0 */ root->max_advance_width = face->horizontal.advance_Width_Max; root->max_advance_height = (FT_Short)( face->vertical_info diff --git a/src/sfnt/ttload.c b/src/sfnt/ttload.c index 1c174af..5fb9aea 100644 --- a/src/sfnt/ttload.c +++ b/src/sfnt/ttload.c @@ -384,6 +384,10 @@ entry = face->dir_tables; + FT_TRACE2(( "\n" + " tag offset length checksum\n" + " ----------------------------------\n" )); + for ( nn = 0; nn < sfnt.num_tables; nn++ ) { entry->Tag = FT_GET_TAG4(); @@ -396,13 +400,14 @@ continue; else { - FT_TRACE2(( " %c%c%c%c - %08lx - %08lx\n", + FT_TRACE2(( " %c%c%c%c %08lx %08lx %08lx\n", (FT_Char)( entry->Tag >> 24 ), (FT_Char)( entry->Tag >> 16 ), (FT_Char)( entry->Tag >> 8 ), (FT_Char)( entry->Tag ), entry->Offset, - entry->Length )); + entry->Length, + entry->CheckSum )); entry++; } } @@ -680,9 +685,9 @@ /* broken fonts like `Keystrokes MT' :-( */ /* */ /* We allocate 64 function entries by default when */ - /* the maxFunctionDefs field is null. */ + /* the maxFunctionDefs value is smaller. */ - if ( maxProfile->maxFunctionDefs == 0 ) + if ( maxProfile->maxFunctionDefs < 64 ) maxProfile->maxFunctionDefs = 64; /* we add 4 phantom points later */ @@ -1208,7 +1213,7 @@ FT_Memory memory = stream->memory; FT_UInt j,num_ranges; - TT_GaspRange gaspranges; + TT_GaspRange gaspranges = NULL; /* the gasp table is optional */ diff --git a/src/sfnt/ttmtx.c b/src/sfnt/ttmtx.c index 53e6ac7..73ac8b2 100644 --- a/src/sfnt/ttmtx.c +++ b/src/sfnt/ttmtx.c @@ -4,7 +4,7 @@ /* */ /* Load the metrics tables common to TTF and OTF fonts (body). */ /* */ -/* Copyright 2006, 2007, 2008, 2009 by */ +/* Copyright 2006-2009, 2011 by */ /* David Turner, Robert Wilhelm, and Werner Lemberg. */ /* */ /* This file is part of the FreeType project, and may only be used, */ @@ -163,7 +163,7 @@ { FT_TRACE0(( "tt_face_load_hmtx:" " %cmtx has more metrics than glyphs.\n", - vertical ? "v" : "h" )); + vertical ? 'v' : 'h' )); /* Adobe simply ignores this problem. So we shall do the same. */ #if 0 diff --git a/src/sfnt/ttpost.c b/src/sfnt/ttpost.c index aa0bf1e..6f4bb1d 100644 --- a/src/sfnt/ttpost.c +++ b/src/sfnt/ttpost.c @@ -5,7 +5,7 @@ /* Postcript name table processing for TrueType and OpenType fonts */ /* (body). */ /* */ -/* Copyright 1996-2001, 2002, 2003, 2006, 2007, 2008, 2009 by */ +/* Copyright 1996-2001, 2002, 2003, 2006, 2007, 2008, 2009, 2010 by */ /* David Turner, Robert Wilhelm, and Werner Lemberg. */ /* */ /* This file is part of the FreeType project, and may only be used, */ @@ -26,6 +26,7 @@ #include <ft2build.h> +#include FT_INTERNAL_DEBUG_H #include FT_INTERNAL_STREAM_H #include FT_TRUETYPE_TAGS_H #include "ttpost.h" @@ -153,7 +154,8 @@ static FT_Error load_format_20( TT_Face face, - FT_Stream stream ) + FT_Stream stream, + FT_Long post_limit ) { FT_Memory memory = stream->memory; FT_Error error; @@ -230,13 +232,46 @@ FT_UInt len; - if ( FT_READ_BYTE ( len ) || - FT_NEW_ARRAY( name_strings[n], len + 1 ) || - FT_STREAM_READ ( name_strings[n], len ) ) + if ( FT_STREAM_POS() >= post_limit ) + break; + else + { + FT_TRACE6(( "load_format_20: %d byte left in post table\n", + post_limit - FT_STREAM_POS() )); + + if ( FT_READ_BYTE( len ) ) + goto Fail1; + } + + if ( (FT_Int)len > post_limit || + FT_STREAM_POS() > post_limit - (FT_Int)len ) + { + FT_ERROR(( "load_format_20:" + " exceeding string length (%d)," + " truncating at end of post table (%d byte left)\n", + len, post_limit - FT_STREAM_POS() )); + len = FT_MAX( 0, post_limit - FT_STREAM_POS() ); + } + + if ( FT_NEW_ARRAY( name_strings[n], len + 1 ) || + FT_STREAM_READ( name_strings[n], len ) ) goto Fail1; name_strings[n][len] = '\0'; } + + if ( n < num_names ) + { + FT_ERROR(( "load_format_20:" + " all entries in post table are already parsed," + " using NULL names for gid %d - %d\n", + n, num_names - 1 )); + for ( ; n < num_names; n++ ) + if ( FT_NEW_ARRAY( name_strings[n], 1 ) ) + goto Fail1; + else + name_strings[n][0] = '\0'; + } } /* all right, set table fields and exit successfully */ @@ -271,7 +306,8 @@ static FT_Error load_format_25( TT_Face face, - FT_Stream stream ) + FT_Stream stream, + FT_Long post_limit ) { FT_Memory memory = stream->memory; FT_Error error; @@ -279,6 +315,8 @@ FT_Int num_glyphs; FT_Char* offset_table = 0; + FT_UNUSED( post_limit ); + /* UNDOCUMENTED! This value appears only in the Apple TT specs. */ if ( FT_READ_USHORT( num_glyphs ) ) @@ -338,16 +376,20 @@ FT_Stream stream; FT_Error error; FT_Fixed format; + FT_ULong post_len; + FT_Long post_limit; /* get a stream for the face's resource */ stream = face->root.stream; /* seek to the beginning of the PS names table */ - error = face->goto_table( face, TTAG_post, stream, 0 ); + error = face->goto_table( face, TTAG_post, stream, &post_len ); if ( error ) goto Exit; + post_limit = FT_STREAM_POS() + post_len; + format = face->postscript.FormatType; /* go to beginning of subtable */ @@ -356,9 +398,9 @@ /* now read postscript table */ if ( format == 0x00020000L ) - error = load_format_20( face, stream ); + error = load_format_20( face, stream, post_limit ); else if ( format == 0x00028000L ) - error = load_format_25( face, stream ); + error = load_format_25( face, stream, post_limit ); else error = SFNT_Err_Invalid_File_Format; diff --git a/src/sfnt/ttsbit.c b/src/sfnt/ttsbit.c index faa8f88..283ba7e 100644 --- a/src/sfnt/ttsbit.c +++ b/src/sfnt/ttsbit.c @@ -1343,7 +1343,7 @@ /* All right, we have a compound format. First of all, read */ /* the array of elements. */ { - TT_SBit_Component components; + TT_SBit_Component components = NULL; TT_SBit_Component comp; FT_UShort num_components, count; |