Commit Graph

74 Commits

Author SHA1 Message Date
Behdad Esfahbod 87205ef935 [aat] Make sure Lookup offset is never nulled
It has unbounded size...

Fixes https://oss-fuzz.com/v2/testcase-detail/5718889451749376
2018-10-16 15:41:00 -07:00
Behdad Esfahbod 7efa38257b [aat] More protection against buffer fail 2018-10-14 19:30:44 -07:00
Behdad Esfahbod 44af1f93ee [aat] Whitespace 2018-10-14 14:52:17 -07:00
Behdad Esfahbod 2c824d3644 [aat] Fix two wrongs that made a right before!
Unfortunately our static asserts (DEFINE_SIZE_STATIC) don't actually
fail when used in templates, thanks to SFINAE.  Le sighs.

Probably fixes https://oss-fuzz.com/v2/testcase-detail/5740171484463104
2018-10-11 16:43:05 -04:00
Behdad Esfahbod e940530c97 [aat] Fix mul overflow
Fixes https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=10897
2018-10-11 15:56:17 -04:00
Behdad Esfahbod d6a12dba6d [trak] Fix, and hook up
Works beautifully!  Test coming.
2018-10-11 11:10:06 -04:00
Behdad Esfahbod 1622ba5943 [kerx] Implement Format4 'ankr'-based mark attachment
Tested with Kannada MN:

$ HB_OPTIONS=aat ./hb-shape Kannada\ MN.ttc -u 0CCD,0C95,0CD6
[kn_ka.vattu=0+230|kn_ai_length_mark=1@326,0+607]
2018-10-11 01:17:33 -04:00
Behdad Esfahbod 7bb4da7d95 [aat] Wire up 'ankr' table to apply context 2018-10-11 00:52:07 -04:00
Behdad Esfahbod 7727e73756 [kerx] Actually hook up, and fix crash 2018-10-10 13:24:51 -04:00
Behdad Esfahbod d35315cc02 [aat] Fixup recent commit
For 329f240108

max_ops is signed.
2018-10-09 23:17:32 -04:00
Behdad Esfahbod 329f240108 [aat] Set embedded sanitizer max ops really high
Since we consume it legitimately during shaping.
2018-10-09 23:03:20 -04:00
Behdad Esfahbod 53e5594500 [kerx] Implement Format0 apply()
Not hooked up to be called yet.
2018-10-09 22:35:22 -04:00
Behdad Esfahbod 456a68c506 Move code 2018-10-07 22:28:45 -04:00
Behdad Esfahbod 3515c8b187 [aat] Rename 2018-10-07 22:27:00 -04:00
Behdad Esfahbod 7ee50af836 [morx] Fix memory access issues with unsafe_to_break 2018-10-06 21:31:44 +02:00
Behdad Esfahbod 4831e615d1 [morx] Fix memory access issue
If buffer was enlarged, info was being outdated.

Fixes https://github.com/harfbuzz/harfbuzz/issues/1225
2018-10-05 18:14:13 +02:00
Behdad Esfahbod 98ac01d3b3 [morx] Break out if buffer gets into error
Was getting stuck not making progress somehow.
2018-10-01 12:10:00 +02:00
Behdad Esfahbod 0739b28169 [aat] Minor 2018-09-19 17:32:21 -04:00
Behdad Esfahbod 10642b3fbf Disallow null-enabled offsets to unsized structures...
...like UnsizedArrayOf<>.

This fixes a class of crasher bugs, mostly with color and AAT tables.  We
cannot use nullable offsets to varsized data that does not declare min_size,
because it's nost safe to use our fixed-size null pool for types that have
their size external.  So, use non_null'able offsets for these.

A further enhancement would be to make use of min_size in Null<> itself.
Will try that after.
2018-09-15 19:43:33 +02:00
Behdad Esfahbod 957dbed388 Fix builds 2018-09-14 12:14:42 +02:00
Behdad Esfahbod 4653e6cf3c [aat] Add enums for pre-defined state and classes
Not sure how I didn't add before...
2018-09-14 11:31:33 +02:00
Behdad Esfahbod dff2c45f1e Port rest from VAR to UnsizedArrayOf<> 2018-09-11 01:01:08 +02:00
Behdad Esfahbod 9507b05a7a Simplify sanitize->check_array()
Fix a bug in CBDT sanitize, and redundant check in avar.
2018-09-10 23:18:23 +02:00
Behdad Esfahbod c77ae40852 Rename hb-*private.hh to hb-*.hh
Sorry for the noise, downstream custom builders.  Please adjust.
2018-08-25 22:36:36 -07:00