diff options
| author | Konstantin Ritt <ritt.ks@gmail.com> | 2014-01-14 18:27:33 +0200 |
|---|---|---|
| committer | The Qt Project <gerrit-noreply@qt-project.org> | 2014-01-16 20:38:42 +0100 |
| commit | 84be1bd4d3ed8d2d9e65301649bc841ea4197fe2 (patch) | |
| tree | 5af8202cc36f092f2a7f40e075e2ac53d0288c06 /src/gui/text/qfontengine_ft.cpp | |
| parent | 2565ef220b9f261fc2d62869b8d38625e41bc6fd (diff) | |
Fix crash due to a stale pointer dereferencing
The HB face caching mechanism introduced in 227e9a40cfeb7e00658cd3
wasn't complete due that fact that HB-NG doesn't parse the entire
font table at once but rather references a table on-demand.
This incompleteness caused a crash in case the engine doesn't
get cached or when it removed from the cache and then re-used.
Task-number: QTBUG-36099
Change-Id: I7816836107655ce7cf6eb9683bb5dc7f892f9cd1
Reviewed-by: Lisandro Damián Nicanor Pérez Meyer <perezmeyer@gmail.com>
Reviewed-by: Michael Krasnyk <michael.krasnyk@gmail.com>
Reviewed-by: Lars Knoll <lars.knoll@digia.com>
Reviewed-by: Allan Sandfeld Jensen <allan.jensen@digia.com>
Diffstat (limited to 'src/gui/text/qfontengine_ft.cpp')
| -rw-r--r-- | src/gui/text/qfontengine_ft.cpp | 29 |
1 files changed, 19 insertions, 10 deletions
diff --git a/src/gui/text/qfontengine_ft.cpp b/src/gui/text/qfontengine_ft.cpp index 42cf15ee3b..05bd014bd7 100644 --- a/src/gui/text/qfontengine_ft.cpp +++ b/src/gui/text/qfontengine_ft.cpp @@ -116,6 +116,21 @@ QT_BEGIN_NAMESPACE #define TRUNC(x) ((x) >> 6) #define ROUND(x) (((x)+32) & -64) +static bool ft_getSfntTable(void *user_data, uint tag, uchar *buffer, uint *length) +{ + FT_Face face = (FT_Face)user_data; + + bool result = false; + if (FT_IS_SFNT(face)) { + FT_ULong len = *length; + result = FT_Load_Sfnt_Table(face, tag, 0, buffer, &len) == FT_Err_Ok; + *length = len; + } + + return result; +} + + // -------------------------- Freetype support ------------------------------ class QtFreetypeData @@ -408,15 +423,7 @@ QFontEngine::Properties QFreetypeFace::properties() const bool QFreetypeFace::getSfntTable(uint tag, uchar *buffer, uint *length) const { - bool result = false; -#if (FREETYPE_MAJOR*10000 + FREETYPE_MINOR*100 + FREETYPE_PATCH) > 20103 - if (FT_IS_SFNT(face)) { - FT_ULong len = *length; - result = FT_Load_Sfnt_Table(face, tag, 0, buffer, &len) == FT_Err_Ok; - *length = len; - } -#endif - return result; + return ft_getSfntTable(face, tag, buffer, length); } /* Some fonts (such as MingLiu rely on hinting to scale different @@ -761,6 +768,8 @@ bool QFontEngineFT::init(FaceId faceId, bool antialias, GlyphFormat format, fontDef.styleName = QString::fromUtf8(face->style_name); if (!freetype->hbFace) { + faceData.user_data = face; + faceData.get_font_table = ft_getSfntTable; freetype->hbFace = harfbuzzFace(); freetype->hbFace_destroy_func = face_destroy_func; } else { @@ -1179,7 +1188,7 @@ QFixed QFontEngineFT::emSquareSize() const bool QFontEngineFT::getSfntTableData(uint tag, uchar *buffer, uint *length) const { - return freetype->getSfntTable(tag, buffer, length); + return ft_getSfntTable(freetype->face, tag, buffer, length); } int QFontEngineFT::synthesized() const |