Counting bytes as the operations is likely to be a better proxy for how
much work processing the table will cost vs. the current approach of
counting the number of sub-objects.
This should allow checks for max features, max scripts, etc. to be removed.
I tested this change against the full collection of fonts at https://github.com/google/fonts
and a max ops factor of 3 was sufficient to successfully sanitize all of them.
Currently config-override.h is included at the end of this file. This caused a problem for me while undefing HB_DISABLE_DEPRECATED, namely HB_IF_NOT_DEPRECATED was defined before actual undef took place and broke the whole build. I believe it would break builds for some other defines, too. Moving config-override.h include right after predefined configs is more sane and fixes all potential problems with includes.
GCC doesn't let one turn off the warning using "(void) foo()".
People have introduced macros that do "unused << foo()" instead.
Until we do something similar, silence gcc.
Clang on the other hand understands "(void) foo()".
We don’t currently use it anywhere. It was used briefly for the
hb-fc-list tool, but this tool have not been built since 2015:
commit cd042fc8c4
Author: Behdad Esfahbod <behdad@behdad.org>
Date: Thu Jun 18 10:55:13 2015 -0700
[util] Disable hb-fc-list for now
Until I figure out what to do about the API, and finalize
the tool.
Previously, some bad font data was accidentally being interpretted as
legit if it happened to not fall out of memory bounds. The intention
of the code was what this commit does. I'm surprised we weren't getting
a "arithmetic between signed and unsigned values" warning / error
before.
- Rename enum type and enum members.
- in_errors() now returns true for any error having been set. hb-subset now looks for offset overflow only errors to divert to repacker.
- Added INT_OVERFLOW and ARRAY_OVERFLOW enum values.
Garret Rieger
Behdad Esfahbod
Andrzej Perczak
Khaled Hosny
Qunxin Liu
David Corbett