shithub: freetype+ttf2subf

git/fs: mount .git/fs: mount/attach disallowed

--- a/ChangeLog

+++ b/ChangeLog

@@ -1,3 +1,16 @@

+2017-09-30  Alexei Podtelezhnikov  <[email protected]>

+	Signedness fixes in bitmap presetting.

+	Reported as

+	  https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=3514.

+	* src/raster/ftrend1.c (ft_raster1_render): Exlicitly signed height.

+	* src/smooth/ftsmooth.c (ft_smooth_render_generic): Ditto.

+	* src/base/ftobjs.c (ft_glyphslot_preset_bitmap): Explicitly unsigned

+	subtraction.

 2017-09-29  Alexei Podtelezhnikov  <[email protected]>

 	Bitmap metrics presetting [2/2].

--- a/src/base/ftobjs.c

+++ b/src/base/ftobjs.c

@@ -425,8 +425,8 @@

     x_left  = cbox.xMin >> 6;

     y_top   = cbox.yMax >> 6;

-    width  = (FT_ULong)( cbox.xMax - cbox.xMin ) >> 6;

-    height = (FT_ULong)( cbox.yMax - cbox.yMin ) >> 6;

+    width  = ( (FT_ULong)cbox.xMax - (FT_ULong)cbox.xMin ) >> 6;

+    height = ( (FT_ULong)cbox.yMax - (FT_ULong)cbox.yMin ) >> 6;

     switch ( pixel_mode )

--- a/src/raster/ftrend1.c

+++ b/src/raster/ftrend1.c

@@ -137,7 +137,7 @@

     slot->internal->flags |= FT_GLYPH_OWN_BITMAP;

     x_shift = -slot->bitmap_left * 64;

-    y_shift = ( bitmap->rows - slot->bitmap_top ) * 64;

+    y_shift = ( (FT_Int)bitmap->rows - slot->bitmap_top ) * 64;

     if ( origin )

--- a/src/smooth/ftsmooth.c

+++ b/src/smooth/ftsmooth.c

@@ -141,9 +141,9 @@

     x_shift = 64 * -slot->bitmap_left;

     y_shift = 64 * -slot->bitmap_top;

     if ( bitmap->pixel_mode == FT_PIXEL_MODE_LCD_V )

-      y_shift += 64 * bitmap->rows / 3;

+      y_shift += 64 * (FT_Int)bitmap->rows / 3;

     else

-      y_shift += 64 * bitmap->rows;

+      y_shift += 64 * (FT_Int)bitmap->rows;

     if ( origin )