ref: 7d1d3b9a0e9310376a559ad2eac8a9dc4c60ce59
parent: 734d60f63cfa27f9b337ddbb80adb9edd60475bf
author: Werner Lemberg <[email protected]>
date: Mon Aug 26 05:08:56 EDT 2019
[type1] Fix `FT_Get_Var_Axis_Flags' (#56804). * src/type1/t1load.c (T1_Get_MM_Var): Allocate space for axis flags. Also remove redundant assignment.
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,4 +1,11 @@
-2019-06-26 Alexei Podtelezhnikov <[email protected]>
+2019-08-26 Werner Lemberg <[email protected]>
+
+ [type1] Fix `FT_Get_Var_Axis_Flags' (#56804).
+
+ * src/type1/t1load.c (T1_Get_MM_Var): Allocate space for axis flags.
+ Also remove redundant assignment.
+
+2019-07-24 Alexei Podtelezhnikov <[email protected]>
* src/base/ftbbox.c (cubic_peak): Sanitize left shift (#56586).
--- a/docs/CHANGES
+++ b/docs/CHANGES
@@ -1,6 +1,19 @@
CHANGES BETWEEN 2.10.0 and 2.10.1
+ I. IMPORTANT CHANGES
+
+
+ II. MISCELLANEOUS
+
+ - Function `FT_Get_Var_Axis_Flags' returned random data for Type 1
+ MM fonts.
+
+
+======================================================================
+
+CHANGES BETWEEN 2.10.0 and 2.10.1
+
I. IMPORTANT BUG FIXES
- The bytecode hinting of OpenType variation fonts was flawed, since
--- a/src/truetype/ttgxvar.c
+++ b/src/truetype/ttgxvar.c
@@ -2127,7 +2127,7 @@
/* `fvar' table validity check in `sfnt_init_face' */
/* the various `*_size' variables, which we also use as */
- /* offsets into the `mmlen' array, must be multiples of the */
+ /* offsets into the `mmvar' array, must be multiples of the */
/* pointer size (except the last one); without such an */
/* alignment there might be runtime errors due to */
/* misaligned addresses */
--- a/src/type1/t1load.c
+++ b/src/type1/t1load.c
@@ -309,31 +309,55 @@
FT_UInt i;
FT_Fixed axiscoords[T1_MAX_MM_AXIS];
PS_Blend blend = face->blend;
+ FT_UShort* axis_flags;
+ FT_Offset mmvar_size;
+ FT_Offset axis_flags_size;
+ FT_Offset axis_size;
+
error = T1_Get_Multi_Master( face, &mmaster );
if ( error )
goto Exit;
- if ( FT_ALLOC( mmvar,
- sizeof ( FT_MM_Var ) +
- mmaster.num_axis * sizeof ( FT_Var_Axis ) ) )
+
+ /* the various `*_size' variables, which we also use as */
+ /* offsets into the `mmvar' array, must be multiples of the */
+ /* pointer size (except the last one); without such an */
+ /* alignment there might be runtime errors due to */
+ /* misaligned addresses */
+#undef ALIGN_SIZE
+#define ALIGN_SIZE( n ) \
+ ( ( (n) + sizeof (void*) - 1 ) & ~( sizeof (void*) - 1 ) )
+
+ mmvar_size = ALIGN_SIZE( sizeof ( FT_MM_Var ) );
+ axis_flags_size = ALIGN_SIZE( mmaster.num_axis *
+ sizeof ( FT_UShort ) );
+ axis_size = mmaster.num_axis * sizeof ( FT_Var_Axis );
+
+ if ( FT_ALLOC( mmvar, mmvar_size +
+ axis_flags_size +
+ axis_size ) )
goto Exit;
mmvar->num_axis = mmaster.num_axis;
mmvar->num_designs = mmaster.num_designs;
mmvar->num_namedstyles = 0; /* Not supported */
- mmvar->axis = (FT_Var_Axis*)&mmvar[1];
- /* Point to axes after MM_Var struct */
- mmvar->namedstyle = NULL;
+ /* while axis flags are meaningless here, we have to provide the array */
+ /* to make `FT_Get_Var_Axis_Flags' work: the function expects that the */
+ /* values directly follow the data of `FT_MM_Var' */
+ axis_flags = (FT_UShort*)( (char*)mmvar + mmvar_size );
for ( i = 0; i < mmaster.num_axis; i++ )
+ axis_flags[i] = 0;
+
+ mmvar->axis = (FT_Var_Axis*)( (char*)axis_flags + axis_flags_size );
+ mmvar->namedstyle = NULL;
+
+ for ( i = 0; i < mmaster.num_axis; i++ )
{mmvar->axis[i].name = mmaster.axis[i].name;
mmvar->axis[i].minimum = INT_TO_FIXED( mmaster.axis[i].minimum );
mmvar->axis[i].maximum = INT_TO_FIXED( mmaster.axis[i].maximum );
- mmvar->axis[i].def = ( mmvar->axis[i].minimum +
- mmvar->axis[i].maximum ) / 2;
- /* Does not apply. But this value is in range */
mmvar->axis[i].strid = ~0U; /* Does not apply */
mmvar->axis[i].tag = ~0U; /* Does not apply */