Alexei Podtelezhnikov pushed to branch master at FreeType / FreeType
Commits:
-
1bc801b0
by Alexei Podtelezhnikov at 2021-05-16T23:12:01-04:00
4 changed files:
Changes:
1 |
+2021-05-16 Alexei Podtelezhnikov <apodtele@gmail.com>
|
|
2 |
+ |
|
3 |
+ [sfnt] Additional guards on the POST table.
|
|
4 |
+ |
|
5 |
+ Fixes timeout (#1055) analyzed by Ben Wagner, reported as
|
|
6 |
+ |
|
7 |
+ https://crbug.com/1194092
|
|
8 |
+ |
|
9 |
+ * src/sfnt/ttload.c (tt_face_load_post): Check POST format.
|
|
10 |
+ * src/sfnt/sfobjs.c (sfnt_load_face): Synthesize the missing unicode
|
|
11 |
+ charmap only if the glyph names exist.
|
|
12 |
+ * src/psnames/psmodule.c (ps_unicode_value): Short cut ".notdef" and
|
|
13 |
+ ".null".
|
|
14 |
+ |
|
1 | 15 |
2021-05-13 Daniel McArdle <dmcardle@chromium.org>
|
2 | 16 |
|
3 | 17 |
[psaux] Use doubling allocation strategy for CF2_ArrStack.
|
... | ... | @@ -155,25 +155,24 @@ |
155 | 155 |
/* Look for a non-initial dot in the glyph name in order to */
|
156 | 156 |
/* find variants like `A.swash', `e.final', etc. */
|
157 | 157 |
{
|
158 |
- const char* p = glyph_name;
|
|
159 |
- const char* dot = NULL;
|
|
158 |
+ FT_UInt32 value = 0;
|
|
159 |
+ const char* p = glyph_name;
|
|
160 |
+ |
|
160 | 161 |
|
162 |
+ for ( ; *p && *p != '.'; p++ )
|
|
163 |
+ ;
|
|
161 | 164 |
|
162 |
- for ( ; *p; p++ )
|
|
165 |
+ /* now look up the glyph in the Adobe Glyph List; */
|
|
166 |
+ /* `.notdef', `.null' and the empty name are short cut */
|
|
167 |
+ if ( p > glyph_name )
|
|
163 | 168 |
{
|
164 |
- if ( *p == '.' && p > glyph_name )
|
|
165 |
- {
|
|
166 |
- dot = p;
|
|
167 |
- break;
|
|
168 |
- }
|
|
169 |
+ value = (FT_UInt32)ft_get_adobe_glyph_index( glyph_name, p );
|
|
170 |
+ |
|
171 |
+ if ( *p == '.' )
|
|
172 |
+ value |= (FT_UInt32)VARIANT_BIT;
|
|
169 | 173 |
}
|
170 | 174 |
|
171 |
- /* now look up the glyph in the Adobe Glyph List */
|
|
172 |
- if ( !dot )
|
|
173 |
- return (FT_UInt32)ft_get_adobe_glyph_index( glyph_name, p );
|
|
174 |
- else
|
|
175 |
- return (FT_UInt32)( ft_get_adobe_glyph_index( glyph_name, dot ) |
|
|
176 |
- VARIANT_BIT );
|
|
175 |
+ return value;
|
|
177 | 176 |
}
|
178 | 177 |
}
|
179 | 178 |
|
... | ... | @@ -1150,9 +1150,10 @@ |
1150 | 1150 |
}
|
1151 | 1151 |
|
1152 | 1152 |
/* synthesize Unicode charmap if one is missing */
|
1153 |
- if ( !has_unicode )
|
|
1153 |
+ if ( !has_unicode &&
|
|
1154 |
+ root->face_flags & FT_FACE_FLAG_GLYPH_NAMES )
|
|
1154 | 1155 |
{
|
1155 |
- FT_CharMapRec cmaprec;
|
|
1156 |
+ FT_CharMapRec cmaprec;
|
|
1156 | 1157 |
|
1157 | 1158 |
|
1158 | 1159 |
cmaprec.face = root;
|
... | ... | @@ -1312,6 +1312,12 @@ |
1312 | 1312 |
if ( FT_STREAM_READ_FIELDS( post_fields, post ) )
|
1313 | 1313 |
return error;
|
1314 | 1314 |
|
1315 |
+ if ( post->FormatType != 0x00030000L &&
|
|
1316 |
+ post->FormatType != 0x00025000L &&
|
|
1317 |
+ post->FormatType != 0x00020000L &&
|
|
1318 |
+ post->FormatType != 0x00010000L )
|
|
1319 |
+ return FT_THROW( Invalid_Post_Table_Format );
|
|
1320 |
+ |
|
1315 | 1321 |
/* we don't load the glyph names, we do that in another */
|
1316 | 1322 |
/* module (ttpost). */
|
1317 | 1323 |
|