summaryrefslogtreecommitdiffstats
path: root/src/3rdparty/freetype/src/pfr/pfrload.c
diff options
context:
space:
mode:
Diffstat (limited to 'src/3rdparty/freetype/src/pfr/pfrload.c')
-rw-r--r--src/3rdparty/freetype/src/pfr/pfrload.c190
1 files changed, 149 insertions, 41 deletions
diff --git a/src/3rdparty/freetype/src/pfr/pfrload.c b/src/3rdparty/freetype/src/pfr/pfrload.c
index ec7311df56..2776da462a 100644
--- a/src/3rdparty/freetype/src/pfr/pfrload.c
+++ b/src/3rdparty/freetype/src/pfr/pfrload.c
@@ -4,7 +4,7 @@
/* */
/* FreeType PFR loader (body). */
/* */
-/* Copyright 2002-2015 by */
+/* Copyright 2002-2018 by */
/* David Turner, Robert Wilhelm, and Werner Lemberg. */
/* */
/* This file is part of the FreeType project, and may only be used, */
@@ -26,6 +26,93 @@
#define FT_COMPONENT trace_pfr
+ /*
+ * The overall structure of a PFR file is as follows.
+ *
+ * PFR header
+ * 58 bytes (contains nPhysFonts)
+ *
+ * Logical font directory (size at most 2^16 bytes)
+ * 2 bytes (nLogFonts)
+ * + nLogFonts * 5 bytes
+ *
+ * ==> nLogFonts <= 13106
+ *
+ * Logical font section (size at most 2^24 bytes)
+ * nLogFonts * logFontRecord
+ *
+ * logFontRecord (size at most 2^16 bytes)
+ * 12 bytes (fontMatrix)
+ * + 1 byte (flags)
+ * + 0-5 bytes (depending on `flags')
+ * + 0-(1+255*(2+255)) = 0-65536 (depending on `flags')
+ * + 5 bytes (physical font info)
+ * + 0-1 bytes (depending on PFR header)
+ *
+ * ==> minimum size 18 bytes
+ *
+ * Physical font section (size at most 2^24 bytes)
+ * nPhysFonts * (physFontRecord
+ * + nBitmapSizes * nBmapChars * bmapCharRecord)
+ *
+ * physFontRecord (size at most 2^24 bytes)
+ * 14 bytes (font info)
+ * + 1 byte (flags)
+ * + 0-2 (depending on `flags')
+ * + 0-? (structure too complicated to be shown here; depending on
+ * `flags'; contains `nBitmapSizes' and `nBmapChars')
+ * + 3 bytes (nAuxBytes)
+ * + nAuxBytes
+ * + 1 byte (nBlueValues)
+ * + 2 * nBlueValues
+ * + 6 bytes (hinting data)
+ * + 2 bytes (nCharacters)
+ * + nCharacters * (4-10 bytes) (depending on `flags')
+ *
+ * ==> minimum size 27 bytes
+ *
+ * bmapCharRecord
+ * 4-7 bytes
+ *
+ * Glyph program strings (three possible types: simpleGps, compoundGps,
+ * and bitmapGps; size at most 2^24 bytes)
+ * simpleGps (size at most 2^16 bytes)
+ * 1 byte (flags)
+ * 1-2 bytes (n[XY]orus, depending on `flags')
+ * 0-(64+512*2) = 0-1088 bytes (depending on `n[XY]orus')
+ * 0-? (structure too complicated to be shown here; depending on
+ * `flags')
+ * 1-? glyph data (faintly resembling PS Type 1 charstrings)
+ *
+ * ==> minimum size 3 bytes
+ *
+ * compoundGps (size at most 2^16 bytes)
+ * 1 byte (nElements <= 63, flags)
+ * + 0-(1+255*(2+255)) = 0-65536 (depending on `flags')
+ * + nElements * (6-14 bytes)
+ *
+ * bitmapGps (size at most 2^16 bytes)
+ * 1 byte (flags)
+ * 3-13 bytes (position info, depending on `flags')
+ * 0-? bitmap data
+ *
+ * ==> minimum size 4 bytes
+ *
+ * PFR trailer
+ * 8 bytes
+ *
+ *
+ * ==> minimum size of a valid PFR:
+ * 58 (header)
+ * + 2 (nLogFonts)
+ * + 27 (1 physFontRecord)
+ * + 8 (trailer)
+ * -----
+ * 95 bytes
+ *
+ */
+
+
/*************************************************************************/
/*************************************************************************/
/***** *****/
@@ -75,7 +162,8 @@
if ( extra->type == item_type )
{
error = extra->parser( p, p + item_size, item_data );
- if ( error ) goto Exit;
+ if ( error )
+ goto Exit;
break;
}
@@ -183,7 +271,8 @@
{
result = 0;
}
- return result;
+
+ return result;
}
@@ -206,8 +295,25 @@
FT_UInt result = 0;
- if ( FT_STREAM_SEEK( section_offset ) || FT_READ_USHORT( count ) )
+ if ( FT_STREAM_SEEK( section_offset ) ||
+ FT_READ_USHORT( count ) )
+ goto Exit;
+
+ /* check maximum value and a rough minimum size: */
+ /* - no more than 13106 log fonts */
+ /* - we need 5 bytes for a log header record */
+ /* - we need at least 18 bytes for a log font record */
+ /* - the overall size is at least 95 bytes plus the */
+ /* log header and log font records */
+ if ( count > ( ( 1 << 16 ) - 2 ) / 5 ||
+ 2 + count * 5 >= stream->size - section_offset ||
+ 95 + count * ( 5 + 18 ) >= stream->size )
+ {
+ FT_ERROR(( "pfr_log_font_count:"
+ " invalid number of logical fonts\n" ));
+ error = FT_THROW( Invalid_Table );
goto Exit;
+ }
result = count;
@@ -254,13 +360,14 @@
FT_UInt local;
- if ( FT_STREAM_SEEK( offset ) || FT_FRAME_ENTER( size ) )
+ if ( FT_STREAM_SEEK( offset ) ||
+ FT_FRAME_ENTER( size ) )
goto Exit;
p = stream->cursor;
limit = p + size;
- PFR_CHECK(13);
+ PFR_CHECK( 13 );
log_font->matrix[0] = PFR_NEXT_LONG( p );
log_font->matrix[1] = PFR_NEXT_LONG( p );
@@ -276,7 +383,7 @@
if ( flags & PFR_LOG_2BYTE_STROKE )
local++;
- if ( (flags & PFR_LINE_JOIN_MASK) == PFR_LINE_JOIN_MITER )
+ if ( ( flags & PFR_LINE_JOIN_MASK ) == PFR_LINE_JOIN_MITER )
local += 3;
}
if ( flags & PFR_LOG_BOLD )
@@ -308,10 +415,11 @@
if ( flags & PFR_LOG_EXTRA_ITEMS )
{
error = pfr_extra_items_skip( &p, limit );
- if (error) goto Fail;
+ if ( error )
+ goto Fail;
}
- PFR_CHECK(5);
+ PFR_CHECK( 5 );
log_font->phys_size = PFR_NEXT_USHORT( p );
log_font->phys_offset = PFR_NEXT_ULONG( p );
if ( size_increment )
@@ -358,7 +466,7 @@
PFR_CHECK( 5 );
- p += 3; /* skip bctSize */
+ p += 3; /* skip bctSize */
flags0 = PFR_NEXT_BYTE( p );
count = PFR_NEXT_BYTE( p );
@@ -434,12 +542,12 @@
}
- /* Load font ID. This is a so-called "unique" name that is rather
- * long and descriptive (like "Tiresias ScreenFont v7.51").
+ /* Load font ID. This is a so-called `unique' name that is rather
+ * long and descriptive (like `Tiresias ScreenFont v7.51').
*
* Note that a PFR font's family name is contained in an *undocumented*
- * string of the "auxiliary data" portion of a physical font record. This
- * may also contain the "real" style name!
+ * string of the `auxiliary data' portion of a physical font record. This
+ * may also contain the `real' style name!
*
* If no family name is present, the font ID is used instead for the
* family.
@@ -454,7 +562,7 @@
FT_UInt len = (FT_UInt)( limit - p );
- if ( phy_font->font_id != NULL )
+ if ( phy_font->font_id )
goto Exit;
if ( FT_ALLOC( phy_font->font_id, len + 1 ) )
@@ -481,7 +589,7 @@
FT_Memory memory = phy_font->memory;
- if ( phy_font->vertical.stem_snaps != NULL )
+ if ( phy_font->vertical.stem_snaps )
goto Exit;
PFR_CHECK( 1 );
@@ -507,7 +615,7 @@
Too_Short:
error = FT_THROW( Invalid_Table );
- FT_ERROR(( "pfr_exta_item_load_stem_snaps:"
+ FT_ERROR(( "pfr_extra_item_load_stem_snaps:"
" invalid stem snaps table\n" ));
goto Exit;
}
@@ -525,8 +633,6 @@
FT_Memory memory = phy_font->memory;
- FT_TRACE2(( "pfr_extra_item_load_kerning_pairs()\n" ));
-
if ( FT_NEW( item ) )
goto Exit;
@@ -612,7 +718,6 @@
}
-
static const PFR_ExtraItemRec pfr_phy_font_extra_items[] =
{
{ 1, (PFR_ExtraItem_ParseFunc)pfr_extra_item_load_bitmap_info },
@@ -623,7 +728,8 @@
};
- /* Loads a name from the auxiliary data. Since this extracts undocumented
+ /*
+ * Load a name from the auxiliary data. Since this extracts undocumented
* strings from the font file, we need to be careful here.
*/
static FT_Error
@@ -637,12 +743,14 @@
FT_UInt n, ok;
+ if ( *astring )
+ FT_FREE( *astring );
+
if ( len > 0 && p[len - 1] == 0 )
len--;
- /* check that each character is ASCII for making sure not to
- load garbage
- */
+ /* check that each character is ASCII */
+ /* for making sure not to load garbage */
ok = ( len > 0 );
for ( n = 0; n < len; n++ )
if ( p[n] < 32 || p[n] > 127 )
@@ -659,6 +767,7 @@
FT_MEM_COPY( result, p, len );
result[len] = 0;
}
+
Exit:
*astring = result;
return error;
@@ -729,7 +838,8 @@
phy_font->kern_items = NULL;
phy_font->kern_items_tail = &phy_font->kern_items;
- if ( FT_STREAM_SEEK( offset ) || FT_FRAME_ENTER( size ) )
+ if ( FT_STREAM_SEEK( offset ) ||
+ FT_FRAME_ENTER( size ) )
goto Exit;
phy_font->cursor = stream->cursor;
@@ -757,16 +867,16 @@
/* load the extra items when present */
if ( flags & PFR_PHY_EXTRA_ITEMS )
{
- error = pfr_extra_items_parse( &p, limit,
- pfr_phy_font_extra_items, phy_font );
+ error = pfr_extra_items_parse( &p, limit,
+ pfr_phy_font_extra_items, phy_font );
if ( error )
goto Fail;
}
- /* In certain fonts, the auxiliary bytes contain interesting */
- /* information. These are not in the specification but can be */
- /* guessed by looking at the content of a few PFR0 fonts. */
+ /* In certain fonts, the auxiliary bytes contain interesting */
+ /* information. These are not in the specification but can be */
+ /* guessed by looking at the content of a few PFR0 fonts. */
PFR_CHECK( 3 );
num_aux = PFR_NEXT_ULONG( p );
@@ -776,7 +886,7 @@
FT_Byte* q2;
- PFR_CHECK( num_aux );
+ PFR_CHECK_SIZE( num_aux );
p += num_aux;
while ( num_aux > 0 )
@@ -797,9 +907,8 @@
switch ( type )
{
case 1:
- /* this seems to correspond to the font's family name,
- * padded to 16-bits with one zero when necessary
- */
+ /* this seems to correspond to the font's family name, padded to */
+ /* an even number of bytes with a zero byte appended if needed */
error = pfr_aux_name_load( q, length - 4U, memory,
&phy_font->family_name );
if ( error )
@@ -817,9 +926,8 @@
break;
case 3:
- /* this seems to correspond to the font's style name,
- * padded to 16-bits with one zero when necessary
- */
+ /* this seems to correspond to the font's style name, padded to */
+ /* an even number of bytes with a zero byte appended if needed */
error = pfr_aux_name_load( q, length - 4U, memory,
&phy_font->style_name );
if ( error )
@@ -867,9 +975,6 @@
phy_font->num_chars = count = PFR_NEXT_USHORT( p );
phy_font->chars_offset = offset + (FT_Offset)( p - stream->cursor );
- if ( FT_NEW_ARRAY( phy_font->chars, count ) )
- goto Fail;
-
Size = 1 + 1 + 2;
if ( flags & PFR_PHY_2BYTE_CHARCODE )
Size += 1;
@@ -886,7 +991,10 @@
if ( flags & PFR_PHY_3BYTE_GPS_OFFSET )
Size += 1;
- PFR_CHECK( count * Size );
+ PFR_CHECK_SIZE( count * Size );
+
+ if ( FT_NEW_ARRAY( phy_font->chars, count ) )
+ goto Fail;
for ( n = 0; n < count; n++ )
{
generated by cgit v1.2.3 (git 2.25.1) at 2024-04-26 16:00:49 +0000