Commit Graph

1508 Commits

Author SHA1 Message Date
Garret Rieger 834a224a50
[subset] Put a limit on the number of lookup indices that can be visited during closures
Fixes https://crbug.com/oss-fuzz/21025
2020-03-12 13:32:36 +03:30
Ebrahim Byagowi 12df69e59c
Minor, delete not needed cmake testing file 2020-03-11 21:52:43 +03:30
Ebrahim Byagowi 943bfeda53 [meson] Enable more of the subset tests 2020-03-11 21:49:26 +03:30
Ebrahim Byagowi c494d7abcd Remove cmake testing and add meson build bot
CMake tests are broken anyway as py3 changes so let's get rid of them
2020-03-11 20:15:10 +03:30
Ebrahim Byagowi 1c3f80ba13 [meson] Minor updates 2020-03-11 20:15:10 +03:30
Tim-Philipp Müller f1e5f4a784 meson: tests: shaping: add aots tests 2020-03-11 19:18:57 +03:30
Tim-Philipp Müller 84725fb005 meson: tests: shaping: add missing in-house tests 2020-03-11 19:18:57 +03:30
Tim-Philipp Müller 8fc66dbf9f meson: tests: subset: no need to check for 'which' command any more
Test runner script now handles that.
2020-03-11 19:18:57 +03:30
Khaled Hosny 04438554c8 meson: Update build files after rebase 2020-03-11 19:18:57 +03:30
Tim-Philipp Müller 618584e923 meson: rename incbase to incconfig
Makes it clearer what it's for: config.h. See #4.
2020-03-11 19:18:57 +03:30
Mathieu Duponchelle d4a7237327 meson: all tests passing on Windows / MSVC 2020-03-11 19:18:57 +03:30
Mathieu Duponchelle 7ee650b173 meson: refactor fuzzing test 2020-03-11 19:18:57 +03:30
Mathieu Duponchelle 920efc0ef7 Add Meson build definitions
Fixes #490

http://mesonbuild.com
2020-03-11 19:18:57 +03:30
Ebrahim Byagowi 78eabf247e [test] Enable OT funcs on tests that are working 2020-03-10 14:07:37 +03:30
Ebrahim Byagowi 0d729b4b72 [avar] Fix out-of-bound read when input is bigger than all the coords
'i' shouldn't become equal to array's length which as the increament
is happened at end of the loop, if the input is bigger than all the
table coords, it will be equal to array's length.

Fixes https://crbug.com/oss-fuzz/21092
2020-03-07 13:20:41 +03:30
Ebrahim Byagowi 6924e29f62 [var] Fix hb_ot_var_get_axis_infos's offset semantic
The API was adding offset to input's infos buffer index also which is
unusual between our APIs and wrong.
2020-03-06 02:01:04 +03:30
ariza c05458ec7f update cff & cff2 subsetters 2020-03-05 01:22:51 +03:30
Ebrahim Byagowi 446d1e3bbc [fuzz] Add more of fixed cases 2020-03-05 00:49:03 +03:30
Ebrahim Byagowi 99b5b3f1b1 [gvar] Make sure TupleVarHeader has the needed size
Fixes https://crbug.com/oss-fuzz/21026
2020-03-04 12:43:26 +03:30
Ebrahim Byagowi 558f922788 [fuzz] Avoid empty memcpy and ubsan complain by length checking before memcpy 2020-03-03 21:39:22 +03:30
Ebrahim Byagowi 6543d166fd [fuzz] Remove the not yet fixed timeout, going to investigate 2020-03-03 21:39:22 +03:30
Ebrahim Byagowi 2bbf1c8673 [fuzz] Add more of supposed to already be fixed cases from Chromium bug tracker 2020-03-03 21:39:22 +03:30
Ebrahim Byagowi f253f06cf3 [fuzz] Add another fixed case
https://crbug.com/oss-fuzz/14626

another numerous subtables count which is fixed by d38360397
2020-03-03 19:12:04 +03:30
Ebrahim Byagowi d383603976
Limit OT::Lookup subtables (#2219)
Fixes https://crbug.com/oss-fuzz/13943
2020-03-02 22:41:08 +03:30
Ebrahim Byagowi 29efd964f2
[fuzz] Add cases that marked as wontfix
Let's see if they were really false alarms, if so, let's just have them.
2020-03-02 14:22:29 +03:30
Ebrahim Byagowi cb65150fec
[draw] minor 2020-02-29 16:12:54 +03:30
Ebrahim Byagowi 44169f3396
[draw] Fix invalid rendering of some glyph on Estedad-VF
Basically reverts 11f3fca so I can do the same tested and better later

Fixes #2215
2020-02-29 16:04:03 +03:30
Ebrahim Byagowi 86c40b3a1d [fuzz/draw] Call _get_glyph_extents
Other render related APIs also may be added also later such
as ot-color and future rendering things.
2020-02-29 14:53:34 +03:30
Michiharu Ariza 5ab50eebd7
collect_unicodes() with clamp, calling add_range()
Use add_range instead an inner loop, clamp its input number by
number of glyphs a face has.

Even the face cmap12 and 13 have 32-bit hb_codepoint_t, which is here
used to make timeout, face's maxp has 16-bit gid limitation at least for now,
using that makes sure we both fix and the timeout and don't need to change
much things here also in order to support 32-bit gids also someday.

Fixes #2204
2020-02-29 13:02:29 +03:30
Garret Rieger 410b4881d0 [subset] Add fuzzer timeout testcase. 2020-02-28 16:10:14 -08:00
Ebrahim Byagowi e57ced5fc0
[gvar] Add other possibly fixed fuzzer case
Speculatively should've been fixed by 61208401

https://crbug.com/oss-fuzz/20924 related
2020-02-28 23:29:05 +03:30
Ebrahim Byagowi 758fda728b
[glyf] Don't accept gids higher than maxp's glyphs number
This specially becomes concerning on sub-components where a gvar table
that is sanitized using maxp's glyphs number overflows when a high gid
accepted here goes to it, maybe an additional check can be put there
also, this however feels to be enough.

Fixes https://crbug.com/oss-fuzz/20944
2020-02-28 23:19:06 +03:30
Ebrahim Byagowi e90213868b Revert "collect_unicodes() to check gid < num_glyphs with cmap 12"
Didn't fix the case actually, making bots to fail.

This reverts commit 15b43a4104.
2020-02-28 21:24:51 +03:30
Ebrahim Byagowi 61208401f4
[gvar] Use hb_bytes_t.check_range instead having in house one
And use TupleVarHeader calculated size for validity check.

Fixes https://crbug.com/oss-fuzz/20919 and possibly other gvar related issues
2020-02-28 21:09:07 +03:30
Michiharu Ariza 15b43a4104
collect_unicodes() to check gid < num_glyphs with cmap 12
fixes #2204
2020-02-28 20:15:39 +03:30
Ebrahim Byagowi 868ecf7b26 [draw] Add fuzzer runner 2020-02-28 19:57:56 +03:30
Ebrahim Byagowi 8eba66c1c6 [gvar] Fix invalid memory access by refactoring GlyphVarData fetch logic
Fixes https://crbug.com/oss-fuzz/20906
2020-02-27 20:26:54 +03:30
Qunxin Liu 5ad761b943 [subset] GDEF MarkGlyphSets subsetting support 2020-02-26 15:15:21 -08:00
Qunxin Liu fcd7f33bbb [subset] GDEF glyphClassDef subsetting support
glyphClassDef uses the same ClassDef format. However, glyphClassDef table
uses predefined class values so we do not remap class values.
2020-02-26 11:10:31 -08:00
ariza a99134c5be add oss-fuzz 20886 test file 2020-02-26 09:58:03 -08:00
Ebrahim Byagowi 1b8b863898 minor 2020-02-26 16:36:48 +03:30
Ebrahim Byagowi 132fcfbc47 [fuzz] minor don't abort main.cc when the file was empty or not found 2020-02-26 16:15:17 +03:30
Ebrahim Byagowi 84163c83d3 [draw] Skip commands and paths not contributing anything
They aren't contributing to rendering and making issue for stroking, let's skip them
ourselves as Skia does also https://skia-review.googlesource.com/c/skia/+/268166

They are useful for extracting extents and so which that functionality won't be effected by this change.
2020-02-26 16:09:28 +03:30
Michiharu Ariza c400cb8863
Re-implement hb_set_t::del_range (#2194)
* optimize hb_set_del_range()

fix issue #2193

* fixed bug & added tests

* coding & comment tweaks
2020-02-25 16:06:03 -08:00
ariza 4081439d2a tweak reflecting review & add test cases 2020-02-25 15:03:12 -08:00
Ebrahim Byagowi 152000d9c7 [fuzz] Practice variations on font object 2020-02-25 21:16:57 +03:30
Ebrahim Byagowi 036d868913 [draw] Add a fuzzer
Specially checks correctness of the API semantics:
* no move happens when a path is already opened with move-to.
* no path will be left open and close-path will happen at the end of opened paths.
* no path opens with a move-to and will be closed with no length.
* paths start and ending points matches.
* no line/quadratic/cubic command will be issued when no path is started.
2020-02-25 19:09:44 +03:30
ariza 173b745da8 fixed bug & added tests 2020-02-24 22:56:57 -08:00
ariza a5012e97c4 optimize hb_set_del_range()
fix issue #2193
2020-02-24 17:09:48 -08:00
Ebrahim Byagowi 96b71e802f [fuzz] make the custom loader to handle multiple files
Actually this was the way it used to work :)
2020-02-24 23:01:02 +03:30