Context Navigation

source: trunk/poppler/freetype2/src/gxvalid/gxvcommn.c @ 262

Last change on this file since 262 was 262, checked in by Eugene Romanenko, 12 years ago
PDF plugin: freetype library updated to version 2.3.8
File size: 55.8 KB

Line
1	/***************************************************************************/
2	/* */
3	/* gxvcommn.c */
4	/* */
5	/* TrueTypeGX/AAT common tables validation (body). */
6	/* */
7	/* Copyright 2004, 2005 by suzuki toshiya, Masatake YAMATO, Red Hat K.K., */
8	/* David Turner, Robert Wilhelm, and Werner Lemberg. */
9	/* */
10	/* This file is part of the FreeType project, and may only be used, */
11	/* modified, and distributed under the terms of the FreeType project */
12	/* license, LICENSE.TXT. By continuing to use, modify, or distribute */
13	/* this file you indicate that you have read the license and */
14	/* understand and accept it fully. */
15	/* */
16	/***************************************************************************/
17
18	/***************************************************************************/
19	/* */
20	/* gxvalid is derived from both gxlayout module and otvalid module. */
21	/* Development of gxlayout is supported by the Information-technology */
22	/* Promotion Agency(IPA), Japan. */
23	/* */
24	/***************************************************************************/
25
26
27	#include "gxvcommn.h"
28
29
30	/*************************************************************************/
31	/* */
32	/* The macro FT_COMPONENT is used in trace mode. It is an implicit */
33	/* parameter of the FT_TRACE() and FT_ERROR() macros, used to print/log */
34	/* messages during execution. */
35	/* */
36	#undef FT_COMPONENT
37	#define FT_COMPONENT trace_gxvcommon
38
39
40	/*************************************************************************/
41	/*************************************************************************/
42	/*** ***/
43	/*** 16bit offset sorter ***/
44	/*** ***/
45	/*************************************************************************/
46	/*************************************************************************/
47
48	static int
49	gxv_compare_ushort_offset( FT_UShort* a,
50	FT_UShort* b )
51	{
52	if ( a < b )
53	return -1;
54	else if ( a > b )
55	return 1;
56	else
57	return 0;
58	}
59
60
61	FT_LOCAL_DEF( void )
62	gxv_set_length_by_ushort_offset( FT_UShort* offset,
63	FT_UShort** length,
64	FT_UShort* buff,
65	FT_UInt nmemb,
66	FT_UShort limit,
67	GXV_Validator valid )
68	{
69	FT_UInt i;
70
71
72	for ( i = 0; i < nmemb; i++ )
73	*(length[i]) = 0;
74
75	for ( i = 0; i < nmemb; i++ )
76	buff[i] = offset[i];
77	buff[nmemb] = limit;
78
79	ft_qsort( buff, ( nmemb + 1 ), sizeof ( FT_UShort ),
80	( int()(const void, const void*) )gxv_compare_ushort_offset );
81
82	if ( buff[nmemb] > limit )
83	FT_INVALID_OFFSET;
84
85	for ( i = 0; i < nmemb; i++ )
86	{
87	FT_UInt j;
88
89
90	for ( j = 0; j < nmemb; j++ )
91	if ( buff[j] == offset[i] )
92	break;
93
94	if ( j == nmemb )
95	FT_INVALID_OFFSET;
96
97	*(length[i]) = (FT_UShort)( buff[j + 1] - buff[j] );
98
99	if ( 0 != offset[i] && 0 == *(length[i]) )
100	FT_INVALID_OFFSET;
101	}
102	}
103
104
105	/*************************************************************************/
106	/*************************************************************************/
107	/*** ***/
108	/*** 32bit offset sorter ***/
109	/*** ***/
110	/*************************************************************************/
111	/*************************************************************************/
112
113	static int
114	gxv_compare_ulong_offset( FT_ULong* a,
115	FT_ULong* b )
116	{
117	if ( a < b )
118	return -1;
119	else if ( a > b )
120	return 1;
121	else
122	return 0;
123	}
124
125
126	FT_LOCAL_DEF( void )
127	gxv_set_length_by_ulong_offset( FT_ULong* offset,
128	FT_ULong** length,
129	FT_ULong* buff,
130	FT_UInt nmemb,
131	FT_ULong limit,
132	GXV_Validator valid)
133	{
134	FT_UInt i;
135
136
137	for ( i = 0; i < nmemb; i++ )
138	*(length[i]) = 0;
139
140	for ( i = 0; i < nmemb; i++ )
141	buff[i] = offset[i];
142	buff[nmemb] = limit;
143
144	ft_qsort( buff, ( nmemb + 1 ), sizeof ( FT_ULong ),
145	( int()(const void, const void*) )gxv_compare_ulong_offset );
146
147	if ( buff[nmemb] > limit )
148	FT_INVALID_OFFSET;
149
150	for ( i = 0; i < nmemb; i++ )
151	{
152	FT_UInt j;
153
154
155	for ( j = 0; j < nmemb; j++ )
156	if ( buff[j] == offset[i] )
157	break;
158
159	if ( j == nmemb )
160	FT_INVALID_OFFSET;
161
162	*(length[i]) = buff[j + 1] - buff[j];
163
164	if ( 0 != offset[i] && 0 == *(length[i]) )
165	FT_INVALID_OFFSET;
166	}
167	}
168
169
170	/*************************************************************************/
171	/*************************************************************************/
172	/*** ***/
173	/*** scan value array and get min & max ***/
174	/*** ***/
175	/*************************************************************************/
176	/*************************************************************************/
177
178
179	FT_LOCAL_DEF( void )
180	gxv_array_getlimits_byte( FT_Bytes table,
181	FT_Bytes limit,
182	FT_Byte* min,
183	FT_Byte* max,
184	GXV_Validator valid )
185	{
186	FT_Bytes p = table;
187
188
189	*min = 0xFF;
190	*max = 0x00;
191
192	while ( p < limit )
193	{
194	FT_Byte val;
195
196
197	GXV_LIMIT_CHECK( 1 );
198	val = FT_NEXT_BYTE( p );
199
200	min = (FT_Byte)FT_MIN( min, val );
201	max = (FT_Byte)FT_MAX( max, val );
202	}
203
204	valid->subtable_length = p - table;
205	}
206
207
208	FT_LOCAL_DEF( void )
209	gxv_array_getlimits_ushort( FT_Bytes table,
210	FT_Bytes limit,
211	FT_UShort* min,
212	FT_UShort* max,
213	GXV_Validator valid )
214	{
215	FT_Bytes p = table;
216
217
218	*min = 0xFFFFU;
219	*max = 0x0000;
220
221	while ( p < limit )
222	{
223	FT_UShort val;
224
225
226	GXV_LIMIT_CHECK( 2 );
227	val = FT_NEXT_USHORT( p );
228
229	min = (FT_Byte)FT_MIN( min, val );
230	max = (FT_Byte)FT_MAX( max, val );
231	}
232
233	valid->subtable_length = p - table;
234	}
235
236
237	/*************************************************************************/
238	/*************************************************************************/
239	/*** ***/
240	/*** BINSEARCHHEADER ***/
241	/*** ***/
242	/*************************************************************************/
243	/*************************************************************************/
244
245	typedef struct GXV_BinSrchHeader_
246	{
247	FT_UShort unitSize;
248	FT_UShort nUnits;
249	FT_UShort searchRange;
250	FT_UShort entrySelector;
251	FT_UShort rangeShift;
252
253	} GXV_BinSrchHeader;
254
255
256	static void
257	gxv_BinSrchHeader_check_consistency( GXV_BinSrchHeader* binSrchHeader,
258	GXV_Validator valid )
259	{
260	FT_UShort searchRange;
261	FT_UShort entrySelector;
262	FT_UShort rangeShift;
263
264
265	if ( binSrchHeader->unitSize == 0 )
266	FT_INVALID_DATA;
267
268	if ( binSrchHeader->nUnits == 0 )
269	{
270	if ( binSrchHeader->searchRange == 0 &&
271	binSrchHeader->entrySelector == 0 &&
272	binSrchHeader->rangeShift == 0 )
273	return;
274	else
275	FT_INVALID_DATA;
276	}
277
278	for ( searchRange = 1, entrySelector = 1;
279	( searchRange * 2 ) <= binSrchHeader->nUnits &&
280	searchRange < 0x8000U;
281	searchRange *= 2, entrySelector++ )
282	;
283
284	entrySelector--;
285	searchRange = (FT_UShort)( searchRange * binSrchHeader->unitSize );
286	rangeShift = (FT_UShort)( binSrchHeader->nUnits * binSrchHeader->unitSize
287	- searchRange );
288
289	if ( searchRange != binSrchHeader->searchRange \|\|
290	entrySelector != binSrchHeader->entrySelector \|\|
291	rangeShift != binSrchHeader->rangeShift )
292	{
293	GXV_TRACE(( "Inconsistency found in BinSrchHeader\n" ));
294	GXV_TRACE(( "originally: unitSize=%d, nUnits=%d, "
295	"searchRange=%d, entrySelector=%d, "
296	"rangeShift=%d\n",
297	binSrchHeader->unitSize, binSrchHeader->nUnits,
298	binSrchHeader->searchRange, binSrchHeader->entrySelector,
299	binSrchHeader->rangeShift ));
300	GXV_TRACE(( "calculated: unitSize=%d, nUnits=%d, "
301	"searchRange=%d, entrySelector=%d, "
302	"rangeShift=%d\n",
303	binSrchHeader->unitSize, binSrchHeader->nUnits,
304	searchRange, entrySelector, rangeShift ));
305
306	if ( valid->root->level >= FT_VALIDATE_PARANOID )
307	FT_INVALID_DATA;
308	}
309	}
310
311
312	/*
313	* parser & validator of BinSrchHeader
314	* which is used in LookupTable format 2, 4, 6.
315	*
316	* Essential parameters (unitSize, nUnits) are returned by
317	* given pointer, others (searchRange, entrySelector, rangeShift)
318	* can be calculated by essential parameters, so they are just
319	* validated and discarded.
320	*
321	* However, wrong values in searchRange, entrySelector, rangeShift
322	* won't cause fatal errors, because these parameters might be
323	* only used in old m68k font driver in MacOS.
324	* -- suzuki toshiya <mpsuzuki@hiroshima-u.ac.jp>
325	*/
326
327	FT_LOCAL_DEF( void )
328	gxv_BinSrchHeader_validate( FT_Bytes table,
329	FT_Bytes limit,
330	FT_UShort* unitSize_p,
331	FT_UShort* nUnits_p,
332	GXV_Validator valid )
333	{
334	FT_Bytes p = table;
335	GXV_BinSrchHeader binSrchHeader;
336
337
338	GXV_NAME_ENTER( "BinSrchHeader validate" );
339
340	if ( *unitSize_p == 0 )
341	{
342	GXV_LIMIT_CHECK( 2 );
343	binSrchHeader.unitSize = FT_NEXT_USHORT( p );
344	}
345	else
346	binSrchHeader.unitSize = *unitSize_p;
347
348	if ( *nUnits_p == 0 )
349	{
350	GXV_LIMIT_CHECK( 2 );
351	binSrchHeader.nUnits = FT_NEXT_USHORT( p );
352	}
353	else
354	binSrchHeader.nUnits = *nUnits_p;
355
356	GXV_LIMIT_CHECK( 2 + 2 + 2 );
357	binSrchHeader.searchRange = FT_NEXT_USHORT( p );
358	binSrchHeader.entrySelector = FT_NEXT_USHORT( p );
359	binSrchHeader.rangeShift = FT_NEXT_USHORT( p );
360	GXV_TRACE(( "nUnits %d\n", binSrchHeader.nUnits ));
361
362	gxv_BinSrchHeader_check_consistency( &binSrchHeader, valid );
363
364	if ( *unitSize_p == 0 )
365	*unitSize_p = binSrchHeader.unitSize;
366
367	if ( *nUnits_p == 0 )
368	*nUnits_p = binSrchHeader.nUnits;
369
370	valid->subtable_length = p - table;
371	GXV_EXIT;
372	}
373
374
375	/*************************************************************************/
376	/*************************************************************************/
377	/*** ***/
378	/*** LOOKUP TABLE ***/
379	/*** ***/
380	/*************************************************************************/
381	/*************************************************************************/
382
383	#define GXV_LOOKUP_VALUE_LOAD( P, SIGNSPEC ) \
384	( P += 2, gxv_lookup_value_load( P - 2, SIGNSPEC ) )
385
386	static GXV_LookupValueDesc
387	gxv_lookup_value_load( FT_Bytes p,
388	int signspec )
389	{
390	GXV_LookupValueDesc v;
391
392
393	if ( signspec == GXV_LOOKUPVALUE_UNSIGNED )
394	v.u = FT_NEXT_USHORT( p );
395	else
396	v.s = FT_NEXT_SHORT( p );
397
398	return v;
399	}
400
401
402	#define GXV_UNITSIZE_VALIDATE( FORMAT, UNITSIZE, NUNITS, CORRECTSIZE ) \
403	FT_BEGIN_STMNT \
404	if ( UNITSIZE != CORRECTSIZE ) \
405	{ \
406	FT_ERROR(( "unitSize=%d differs from" \
407	"expected unitSize=%d" \
408	"in LookupTable %s", \
409	UNITSIZE, CORRECTSIZE, FORMAT )); \
410	if ( UNITSIZE != 0 && NUNITS != 0 ) \
411	{ \
412	FT_ERROR(( " cannot validate anymore\n" )); \
413	FT_INVALID_FORMAT; \
414	} \
415	else \
416	FT_ERROR(( " forcibly continues\n" )); \
417	} \
418	FT_END_STMNT
419
420
421	/* ================= Simple Array Format 0 Lookup Table ================ */
422	static void
423	gxv_LookupTable_fmt0_validate( FT_Bytes table,
424	FT_Bytes limit,
425	GXV_Validator valid )
426	{
427	FT_Bytes p = table;
428	FT_UShort i;
429
430	GXV_LookupValueDesc value;
431
432
433	GXV_NAME_ENTER( "LookupTable format 0" );
434
435	GXV_LIMIT_CHECK( 2 * valid->face->num_glyphs );
436
437	for ( i = 0; i < valid->face->num_glyphs; i++ )
438	{
439	GXV_LIMIT_CHECK( 2 );
440	if ( p + 2 >= limit ) /* some fonts have too-short fmt0 array */
441	{
442	GXV_TRACE(( "too short, glyphs %d - %d are missing\n",
443	i, valid->face->num_glyphs ));
444	if ( valid->root->level >= FT_VALIDATE_PARANOID )
445	FT_INVALID_GLYPH_ID;
446	break;
447	}
448
449	value = GXV_LOOKUP_VALUE_LOAD( p, valid->lookupval_sign );
450	valid->lookupval_func( i, value, valid );
451	}
452
453	valid->subtable_length = p - table;
454	GXV_EXIT;
455	}
456
457
458	/* ================= Segment Single Format 2 Loolup Table ============== */
459	/*
460	* Apple spec says:
461	*
462	* To guarantee that a binary search terminates, you must include one or
463	* more special `end of search table' values at the end of the data to
464	* be searched. The number of termination values that need to be
465	* included is table-specific. The value that indicates binary search
466	* termination is 0xFFFF.
467	*
468	* The problem is that nUnits does not include this end-marker. It's
469	* quite difficult to discriminate whether the following 0xFFFF comes from
470	* the end-marker or some next data.
471	*
472	* -- suzuki toshiya <mpsuzuki@hiroshima-u.ac.jp>
473	*/
474	static void
475	gxv_LookupTable_fmt2_skip_endmarkers( FT_Bytes table,
476	FT_UShort unitSize,
477	GXV_Validator valid )
478	{
479	FT_Bytes p = table;
480
481
482	while ( ( p + 4 ) < valid->root->limit )
483	{
484	if ( p[0] != 0xFF \|\| p[1] != 0xFF \|\| /* lastGlyph */
485	p[2] != 0xFF \|\| p[3] != 0xFF ) /* firstGlyph */
486	break;
487	p += unitSize;
488	}
489
490	valid->subtable_length = p - table;
491	}
492
493
494	static void
495	gxv_LookupTable_fmt2_validate( FT_Bytes table,
496	FT_Bytes limit,
497	GXV_Validator valid )
498	{
499	FT_Bytes p = table;
500	FT_UShort gid;
501
502	FT_UShort unitSize;
503	FT_UShort nUnits;
504	FT_UShort unit;
505	FT_UShort lastGlyph;
506	FT_UShort firstGlyph;
507	GXV_LookupValueDesc value;
508
509
510	GXV_NAME_ENTER( "LookupTable format 2" );
511
512	unitSize = nUnits = 0;
513	gxv_BinSrchHeader_validate( p, limit, &unitSize, &nUnits, valid );
514	p += valid->subtable_length;
515
516	GXV_UNITSIZE_VALIDATE( "format2", unitSize, nUnits, 6 );
517
518	for ( unit = 0, gid = 0; unit < nUnits; unit++ )
519	{
520	GXV_LIMIT_CHECK( 2 + 2 + 2 );
521	lastGlyph = FT_NEXT_USHORT( p );
522	firstGlyph = FT_NEXT_USHORT( p );
523	value = GXV_LOOKUP_VALUE_LOAD( p, valid->lookupval_sign );
524
525	gxv_glyphid_validate( firstGlyph, valid );
526	gxv_glyphid_validate( lastGlyph, valid );
527
528	if ( lastGlyph < gid )
529	{
530	GXV_TRACE(( "reverse ordered segment specification:"
531	" lastGlyph[%d]=%d < lastGlyph[%d]=%d\n",
532	unit, lastGlyph, unit - 1 , gid ));
533	if ( valid->root->level >= FT_VALIDATE_PARANOID )
534	FT_INVALID_GLYPH_ID;
535	}
536
537	if ( lastGlyph < firstGlyph )
538	{
539	GXV_TRACE(( "reverse ordered range specification at unit %d:",
540	" lastGlyph %d < firstGlyph %d ",
541	unit, lastGlyph, firstGlyph ));
542	if ( valid->root->level >= FT_VALIDATE_PARANOID )
543	FT_INVALID_GLYPH_ID;
544
545	if ( valid->root->level == FT_VALIDATE_TIGHT )
546	continue; /* ftxvalidator silently skips such an entry */
547
548	FT_TRACE4(( "continuing with exchanged values\n" ));
549	gid = firstGlyph;
550	firstGlyph = lastGlyph;
551	lastGlyph = gid;
552	}
553
554	for ( gid = firstGlyph; gid <= lastGlyph; gid++ )
555	valid->lookupval_func( gid, value, valid );
556	}
557
558	gxv_LookupTable_fmt2_skip_endmarkers( p, unitSize, valid );
559	p += valid->subtable_length;
560
561	valid->subtable_length = p - table;
562	GXV_EXIT;
563	}
564
565
566	/* ================= Segment Array Format 4 Lookup Table =============== */
567	static void
568	gxv_LookupTable_fmt4_validate( FT_Bytes table,
569	FT_Bytes limit,
570	GXV_Validator valid )
571	{
572	FT_Bytes p = table;
573	FT_UShort unit;
574	FT_UShort gid;
575
576	FT_UShort unitSize;
577	FT_UShort nUnits;
578	FT_UShort lastGlyph;
579	FT_UShort firstGlyph;
580	GXV_LookupValueDesc base_value;
581	GXV_LookupValueDesc value;
582
583
584	GXV_NAME_ENTER( "LookupTable format 4" );
585
586	unitSize = nUnits = 0;
587	gxv_BinSrchHeader_validate( p, limit, &unitSize, &nUnits, valid );
588	p += valid->subtable_length;
589
590	GXV_UNITSIZE_VALIDATE( "format4", unitSize, nUnits, 6 );
591
592	for ( unit = 0, gid = 0; unit < nUnits; unit++ )
593	{
594	GXV_LIMIT_CHECK( 2 + 2 );
595	lastGlyph = FT_NEXT_USHORT( p );
596	firstGlyph = FT_NEXT_USHORT( p );
597
598	gxv_glyphid_validate( firstGlyph, valid );
599	gxv_glyphid_validate( lastGlyph, valid );
600
601	if ( lastGlyph < gid )
602	{
603	GXV_TRACE(( "reverse ordered segment specification:"
604	" lastGlyph[%d]=%d < lastGlyph[%d]=%d\n",
605	unit, lastGlyph, unit - 1 , gid ));
606	if ( valid->root->level >= FT_VALIDATE_PARANOID )
607	FT_INVALID_GLYPH_ID;
608	}
609
610	if ( lastGlyph < firstGlyph )
611	{
612	GXV_TRACE(( "reverse ordered range specification at unit %d:",
613	" lastGlyph %d < firstGlyph %d ",
614	unit, lastGlyph, firstGlyph ));
615	if ( valid->root->level >= FT_VALIDATE_PARANOID )
616	FT_INVALID_GLYPH_ID;
617
618	if ( valid->root->level == FT_VALIDATE_TIGHT )
619	continue; /* ftxvalidator silently skips such an entry */
620
621	FT_TRACE4(( "continuing with exchanged values\n" ));
622	gid = firstGlyph;
623	firstGlyph = lastGlyph;
624	lastGlyph = gid;
625	}
626
627	GXV_LIMIT_CHECK( 2 );
628	base_value = GXV_LOOKUP_VALUE_LOAD( p, GXV_LOOKUPVALUE_UNSIGNED );
629
630	for ( gid = firstGlyph; gid <= lastGlyph; gid++ )
631	{
632	value = valid->lookupfmt4_trans( (FT_UShort)( gid - firstGlyph ),
633	base_value,
634	limit,
635	valid );
636
637	valid->lookupval_func( gid, value, valid );
638	}
639	}
640
641	gxv_LookupTable_fmt2_skip_endmarkers( p, unitSize, valid );
642	p += valid->subtable_length;
643
644	valid->subtable_length = p - table;
645	GXV_EXIT;
646	}
647
648
649	/* ================= Segment Table Format 6 Lookup Table =============== */
650	static void
651	gxv_LookupTable_fmt6_skip_endmarkers( FT_Bytes table,
652	FT_UShort unitSize,
653	GXV_Validator valid )
654	{
655	FT_Bytes p = table;
656
657
658	while ( p < valid->root->limit )
659	{
660	if ( p[0] != 0xFF \|\| p[1] != 0xFF )
661	break;
662	p += unitSize;
663	}
664
665	valid->subtable_length = p - table;
666	}
667
668
669	static void
670	gxv_LookupTable_fmt6_validate( FT_Bytes table,
671	FT_Bytes limit,
672	GXV_Validator valid )
673	{
674	FT_Bytes p = table;
675	FT_UShort unit;
676	FT_UShort prev_glyph;
677
678	FT_UShort unitSize;
679	FT_UShort nUnits;
680	FT_UShort glyph;
681	GXV_LookupValueDesc value;
682
683
684	GXV_NAME_ENTER( "LookupTable format 6" );
685
686	unitSize = nUnits = 0;
687	gxv_BinSrchHeader_validate( p, limit, &unitSize, &nUnits, valid );
688	p += valid->subtable_length;
689
690	GXV_UNITSIZE_VALIDATE( "format6", unitSize, nUnits, 4 );
691
692	for ( unit = 0, prev_glyph = 0; unit < nUnits; unit++ )
693	{
694	GXV_LIMIT_CHECK( 2 + 2 );
695	glyph = FT_NEXT_USHORT( p );
696	value = GXV_LOOKUP_VALUE_LOAD( p, valid->lookupval_sign );
697
698	if ( gxv_glyphid_validate( glyph, valid ) )
699	GXV_TRACE(( " endmarker found within defined range"
700	" (entry %d < nUnits=%d)\n",
701	unit, nUnits ));
702
703	if ( prev_glyph > glyph )
704	{
705	GXV_TRACE(( "current gid 0x%04x < previous gid 0x%04x\n",
706	glyph, prev_glyph ));
707	if ( valid->root->level >= FT_VALIDATE_PARANOID )
708	FT_INVALID_GLYPH_ID;
709	}
710	prev_glyph = glyph;
711
712	valid->lookupval_func( glyph, value, valid );
713	}
714
715	gxv_LookupTable_fmt6_skip_endmarkers( p, unitSize, valid );
716	p += valid->subtable_length;
717
718	valid->subtable_length = p - table;
719	GXV_EXIT;
720	}
721
722
723	/* ================= Trimmed Array Format 8 Lookup Table =============== */
724	static void
725	gxv_LookupTable_fmt8_validate( FT_Bytes table,
726	FT_Bytes limit,
727	GXV_Validator valid )
728	{
729	FT_Bytes p = table;
730	FT_UShort i;
731
732	GXV_LookupValueDesc value;
733	FT_UShort firstGlyph;
734	FT_UShort glyphCount;
735
736
737	GXV_NAME_ENTER( "LookupTable format 8" );
738
739	/* firstGlyph + glyphCount */
740	GXV_LIMIT_CHECK( 2 + 2 );
741	firstGlyph = FT_NEXT_USHORT( p );
742	glyphCount = FT_NEXT_USHORT( p );
743
744	gxv_glyphid_validate( firstGlyph, valid );
745	gxv_glyphid_validate( (FT_UShort)( firstGlyph + glyphCount ), valid );
746
747	/* valueArray */
748	for ( i = 0; i < glyphCount; i++ )
749	{
750	GXV_LIMIT_CHECK( 2 );
751	value = GXV_LOOKUP_VALUE_LOAD( p, valid->lookupval_sign );
752	valid->lookupval_func( (FT_UShort)( firstGlyph + i ), value, valid );
753	}
754
755	valid->subtable_length = p - table;
756	GXV_EXIT;
757	}
758
759
760	FT_LOCAL_DEF( void )
761	gxv_LookupTable_validate( FT_Bytes table,
762	FT_Bytes limit,
763	GXV_Validator valid )
764	{
765	FT_Bytes p = table;
766	FT_UShort format;
767
768	GXV_Validate_Func fmt_funcs_table[] =
769	{
770	gxv_LookupTable_fmt0_validate, /* 0 */
771	NULL, /* 1 */
772	gxv_LookupTable_fmt2_validate, /* 2 */
773	NULL, /* 3 */
774	gxv_LookupTable_fmt4_validate, /* 4 */
775	NULL, /* 5 */
776	gxv_LookupTable_fmt6_validate, /* 6 */
777	NULL, /* 7 */
778	gxv_LookupTable_fmt8_validate, /* 8 */
779	};
780
781	GXV_Validate_Func func;
782
783
784	GXV_NAME_ENTER( "LookupTable" );
785
786	/* lookuptbl_head may be used in fmt4 transit function. */
787	valid->lookuptbl_head = table;
788
789	/* format */
790	GXV_LIMIT_CHECK( 2 );
791	format = FT_NEXT_USHORT( p );
792	GXV_TRACE(( " (format %d)\n", format ));
793
794	if ( format > 8 )
795	FT_INVALID_FORMAT;
796
797	func = fmt_funcs_table[format];
798	if ( func == NULL )
799	FT_INVALID_FORMAT;
800
801	func( p, limit, valid );
802	p += valid->subtable_length;
803
804	valid->subtable_length = p - table;
805
806	GXV_EXIT;
807	}
808
809
810	/*************************************************************************/
811	/*************************************************************************/
812	/*** ***/
813	/*** Glyph ID ***/
814	/*** ***/
815	/*************************************************************************/
816	/*************************************************************************/
817
818	FT_LOCAL_DEF( FT_Int )
819	gxv_glyphid_validate( FT_UShort gid,
820	GXV_Validator valid )
821	{
822	FT_Face face;
823
824
825	if ( gid == 0xFFFFU )
826	{
827	GXV_EXIT;
828	return 1;
829	}
830
831	face = valid->face;
832	if ( face->num_glyphs < gid )
833	{
834	GXV_TRACE(( " gxv_glyphid_check() gid overflow: num_glyphs %d < %d\n",
835	face->num_glyphs, gid ));
836	if ( valid->root->level >= FT_VALIDATE_PARANOID )
837	FT_INVALID_GLYPH_ID;
838	}
839
840	return 0;
841	}
842
843
844	/*************************************************************************/
845	/*************************************************************************/
846	/*** ***/
847	/*** CONTROL POINT ***/
848	/*** ***/
849	/*************************************************************************/
850	/*************************************************************************/
851
852	FT_LOCAL_DEF( void )
853	gxv_ctlPoint_validate( FT_UShort gid,
854	FT_Short ctl_point,
855	GXV_Validator valid )
856	{
857	FT_Face face;
858	FT_Error error;
859
860	FT_GlyphSlot glyph;
861	FT_Outline outline;
862	short n_points;
863
864
865	face = valid->face;
866
867	error = FT_Load_Glyph( face,
868	gid,
869	FT_LOAD_NO_BITMAP \| FT_LOAD_IGNORE_TRANSFORM );
870	if ( error )
871	FT_INVALID_GLYPH_ID;
872
873	glyph = face->glyph;
874	outline = glyph->outline;
875	n_points = outline.n_points;
876
877
878	if ( !( ctl_point < n_points ) )
879	FT_INVALID_DATA;
880	}
881
882
883	/*************************************************************************/
884	/*************************************************************************/
885	/*** ***/
886	/*** SFNT NAME ***/
887	/*** ***/
888	/*************************************************************************/
889	/*************************************************************************/
890
891	FT_LOCAL_DEF( void )
892	gxv_sfntName_validate( FT_UShort name_index,
893	FT_UShort min_index,
894	FT_UShort max_index,
895	GXV_Validator valid )
896	{
897	FT_SfntName name;
898	FT_UInt i;
899	FT_UInt nnames;
900
901
902	GXV_NAME_ENTER( "sfntName" );
903
904	if ( name_index < min_index \|\| max_index < name_index )
905	FT_INVALID_FORMAT;
906
907	nnames = FT_Get_Sfnt_Name_Count( valid->face );
908	for ( i = 0; i < nnames; i++ )
909	{
910	if ( FT_Get_Sfnt_Name( valid->face, i, &name ) != FT_Err_Ok )
911	continue ;
912
913	if ( name.name_id == name_index )
914	goto Out;
915	}
916
917	GXV_TRACE(( " nameIndex = %d (UNTITLED)\n", name_index ));
918	FT_INVALID_DATA;
919	goto Exit; /* make compiler happy */
920
921	Out:
922	FT_TRACE1(( " nameIndex = %d (", name_index ));
923	GXV_TRACE_HEXDUMP_SFNTNAME( name );
924	FT_TRACE1(( ")\n" ));
925
926	Exit:
927	GXV_EXIT;
928	}
929
930
931	/*************************************************************************/
932	/*************************************************************************/
933	/*** ***/
934	/*** STATE TABLE ***/
935	/*** ***/
936	/*************************************************************************/
937	/*************************************************************************/
938
939	/* -------------------------- Class Table --------------------------- */
940
941	/*
942	* highestClass specifies how many classes are defined in this
943	* Class Subtable. Apple spec does not mention whether undefined
944	* holes in the class (e.g.: 0-3 are predefined, 4 is unused, 5 is used)
945	* are permitted. At present, holes in a defined class are not checked.
946	* -- suzuki toshiya <mpsuzuki@hiroshima-u.ac.jp>
947	*/
948
949	static void
950	gxv_ClassTable_validate( FT_Bytes table,
951	FT_UShort* length_p,
952	FT_UShort stateSize,
953	FT_Byte* maxClassID_p,
954	GXV_Validator valid )
955	{
956	FT_Bytes p = table;
957	FT_Bytes limit = table + *length_p;
958	FT_UShort firstGlyph;
959	FT_UShort nGlyphs;
960
961
962	GXV_NAME_ENTER( "ClassTable" );
963
964	maxClassID_p = 3; / Classes 0, 2, and 3 are predefined */
965
966	GXV_LIMIT_CHECK( 2 + 2 );
967	firstGlyph = FT_NEXT_USHORT( p );
968	nGlyphs = FT_NEXT_USHORT( p );
969
970	GXV_TRACE(( " (firstGlyph = %d, nGlyphs = %d)\n", firstGlyph, nGlyphs ));
971
972	if ( !nGlyphs )
973	goto Out;
974
975	gxv_glyphid_validate( (FT_UShort)( firstGlyph + nGlyphs ), valid );
976
977	{
978	FT_Byte nGlyphInClass[256];
979	FT_Byte classID;
980	FT_UShort i;
981
982
983	ft_memset( nGlyphInClass, 0, 256 );
984
985
986	for ( i = 0; i < nGlyphs; i++ )
987	{
988	GXV_LIMIT_CHECK( 1 );
989	classID = FT_NEXT_BYTE( p );
990	switch ( classID )
991	{
992	/* following classes should not appear in class array */
993	case 0: /* end of text */
994	case 2: /* out of bounds */
995	case 3: /* end of line */
996	FT_INVALID_DATA;
997	break;
998
999	case 1: /* out of bounds */
1000	default: /* user-defined: 4 - ( stateSize - 1 ) */
1001	if ( classID >= stateSize )
1002	FT_INVALID_DATA; /* assign glyph to undefined state */
1003
1004	nGlyphInClass[classID]++;
1005	break;
1006	}
1007	}
1008	*length_p = (FT_UShort)( p - table );
1009
1010	/* scan max ClassID in use */
1011	for ( i = 0; i < stateSize; i++ )
1012	if ( ( 3 < i ) && ( nGlyphInClass[i] > 0 ) )
1013	maxClassID_p = (FT_Byte)i; / XXX: Check Range? */
1014	}
1015
1016	Out:
1017	GXV_TRACE(( "Declared stateSize=0x%02x, Used maxClassID=0x%02x\n",
1018	stateSize, *maxClassID_p ));
1019	GXV_EXIT;
1020	}
1021
1022
1023	/* --------------------------- State Array ----------------------------- */
1024
1025	static void
1026	gxv_StateArray_validate( FT_Bytes table,
1027	FT_UShort* length_p,
1028	FT_Byte maxClassID,
1029	FT_UShort stateSize,
1030	FT_Byte* maxState_p,
1031	FT_Byte* maxEntry_p,
1032	GXV_Validator valid )
1033	{
1034	FT_Bytes p = table;
1035	FT_Bytes limit = table + *length_p;
1036	FT_Byte clazz;
1037	FT_Byte entry;
1038
1039	FT_UNUSED( stateSize ); /* for the non-debugging case */
1040
1041
1042	GXV_NAME_ENTER( "StateArray" );
1043
1044	GXV_TRACE(( "parse %d bytes by stateSize=%d maxClassID=%d\n",
1045	(int)(*length_p), stateSize, (int)(maxClassID) ));
1046
1047	/*
1048	* 2 states are predefined and must be described in StateArray:
1049	* state 0 (start of text), 1 (start of line)
1050	*/
1051	GXV_LIMIT_CHECK( ( 1 + maxClassID ) * 2 );
1052
1053	*maxState_p = 0;
1054	*maxEntry_p = 0;
1055
1056	/* read if enough to read another state */
1057	while ( p + ( 1 + maxClassID ) <= limit )
1058	{
1059	(*maxState_p)++;
1060	for ( clazz = 0; clazz <= maxClassID; clazz++ )
1061	{
1062	entry = FT_NEXT_BYTE( p );
1063	maxEntry_p = (FT_Byte)FT_MAX( maxEntry_p, entry );
1064	}
1065	}
1066	GXV_TRACE(( "parsed: maxState=%d, maxEntry=%d\n",
1067	maxState_p, maxEntry_p ));
1068
1069	*length_p = (FT_UShort)( p - table );
1070
1071	GXV_EXIT;
1072	}
1073
1074
1075	/* --------------------------- Entry Table ----------------------------- */
1076
1077	static void
1078	gxv_EntryTable_validate( FT_Bytes table,
1079	FT_UShort* length_p,
1080	FT_Byte maxEntry,
1081	FT_UShort stateArray,
1082	FT_UShort stateArray_length,
1083	FT_Byte maxClassID,
1084	FT_Bytes statetable_table,
1085	FT_Bytes statetable_limit,
1086	GXV_Validator valid )
1087	{
1088	FT_Bytes p = table;
1089	FT_Bytes limit = table + *length_p;
1090	FT_Byte entry;
1091	FT_Byte state;
1092	FT_Int entrySize = 2 + 2 + GXV_GLYPHOFFSET_SIZE( statetable );
1093
1094	GXV_XStateTable_GlyphOffsetDesc glyphOffset;
1095
1096
1097	GXV_NAME_ENTER( "EntryTable" );
1098
1099	GXV_TRACE(( "maxEntry=%d entrySize=%d\n", maxEntry, entrySize ));
1100
1101	if ( ( maxEntry + 1 ) * entrySize > *length_p )
1102	{
1103	if ( valid->root->level >= FT_VALIDATE_PARANOID )
1104	FT_INVALID_TOO_SHORT;
1105
1106	/* ftxvalidator and FontValidator both warn and continue */
1107	maxEntry = (FT_Byte)( *length_p / entrySize - 1 );
1108	GXV_TRACE(( "too large maxEntry, shrinking to %d fit EntryTable length\n",
1109	maxEntry ));
1110	}
1111
1112	for ( entry = 0; entry <= maxEntry; entry++ )
1113	{
1114	FT_UShort newState;
1115	FT_UShort flags;
1116
1117
1118	GXV_LIMIT_CHECK( 2 + 2 );
1119	newState = FT_NEXT_USHORT( p );
1120	flags = FT_NEXT_USHORT( p );
1121
1122
1123	if ( newState < stateArray \|\|
1124	stateArray + stateArray_length < newState )
1125	{
1126	GXV_TRACE(( " newState offset 0x%04x is out of stateArray\n",
1127	newState ));
1128	if ( valid->root->level >= FT_VALIDATE_PARANOID )
1129	FT_INVALID_OFFSET;
1130	continue;
1131	}
1132
1133	if ( 0 != ( ( newState - stateArray ) % ( 1 + maxClassID ) ) )
1134	{
1135	GXV_TRACE(( " newState offset 0x%04x is not aligned to %d-classes\n",
1136	newState, 1 + maxClassID ));
1137	if ( valid->root->level >= FT_VALIDATE_PARANOID )
1138	FT_INVALID_OFFSET;
1139	continue;
1140	}
1141
1142	state = (FT_Byte)( ( newState - stateArray ) / ( 1 + maxClassID ) );
1143
1144	switch ( GXV_GLYPHOFFSET_FMT( statetable ) )
1145	{
1146	case GXV_GLYPHOFFSET_NONE:
1147	glyphOffset.uc = 0; /* make compiler happy */
1148	break;
1149
1150	case GXV_GLYPHOFFSET_UCHAR:
1151	glyphOffset.uc = FT_NEXT_BYTE( p );
1152	break;
1153
1154	case GXV_GLYPHOFFSET_CHAR:
1155	glyphOffset.c = FT_NEXT_CHAR( p );
1156	break;
1157
1158	case GXV_GLYPHOFFSET_USHORT:
1159	glyphOffset.u = FT_NEXT_USHORT( p );
1160	break;
1161
1162	case GXV_GLYPHOFFSET_SHORT:
1163	glyphOffset.s = FT_NEXT_SHORT( p );
1164	break;
1165
1166	case GXV_GLYPHOFFSET_ULONG:
1167	glyphOffset.ul = FT_NEXT_ULONG( p );
1168	break;
1169
1170	case GXV_GLYPHOFFSET_LONG:
1171	glyphOffset.l = FT_NEXT_LONG( p );
1172	break;
1173
1174	default:
1175	if ( valid->root->level >= FT_VALIDATE_PARANOID )
1176	FT_INVALID_FORMAT;
1177	goto Exit;
1178	}
1179
1180	if ( NULL != valid->statetable.entry_validate_func )
1181	valid->statetable.entry_validate_func( state,
1182	flags,
1183	glyphOffset,
1184	statetable_table,
1185	statetable_limit,
1186	valid );
1187	}
1188
1189	Exit:
1190	*length_p = (FT_UShort)( p - table );
1191
1192	GXV_EXIT;
1193	}
1194
1195
1196	/* =========================== State Table ============================= */
1197
1198	FT_LOCAL_DEF( void )
1199	gxv_StateTable_subtable_setup( FT_UShort table_size,
1200	FT_UShort classTable,
1201	FT_UShort stateArray,
1202	FT_UShort entryTable,
1203	FT_UShort* classTable_length_p,
1204	FT_UShort* stateArray_length_p,
1205	FT_UShort* entryTable_length_p,
1206	GXV_Validator valid )
1207	{
1208	FT_UShort o[3];
1209	FT_UShort* l[3];
1210	FT_UShort buff[4];
1211
1212
1213	o[0] = classTable;
1214	o[1] = stateArray;
1215	o[2] = entryTable;
1216	l[0] = classTable_length_p;
1217	l[1] = stateArray_length_p;
1218	l[2] = entryTable_length_p;
1219
1220	gxv_set_length_by_ushort_offset( o, l, buff, 3, table_size, valid );
1221	}
1222
1223
1224	FT_LOCAL_DEF( void )
1225	gxv_StateTable_validate( FT_Bytes table,
1226	FT_Bytes limit,
1227	GXV_Validator valid )
1228	{
1229	FT_UShort stateSize;
1230	FT_UShort classTable; /* offset to Class(Sub)Table */
1231	FT_UShort stateArray; /* offset to StateArray */
1232	FT_UShort entryTable; /* offset to EntryTable */
1233
1234	FT_UShort classTable_length;
1235	FT_UShort stateArray_length;
1236	FT_UShort entryTable_length;
1237	FT_Byte maxClassID;
1238	FT_Byte maxState;
1239	FT_Byte maxEntry;
1240
1241	GXV_StateTable_Subtable_Setup_Func setup_func;
1242
1243	FT_Bytes p = table;
1244
1245
1246	GXV_NAME_ENTER( "StateTable" );
1247
1248	GXV_TRACE(( "StateTable header\n" ));
1249
1250	GXV_LIMIT_CHECK( 2 + 2 + 2 + 2 );
1251	stateSize = FT_NEXT_USHORT( p );
1252	classTable = FT_NEXT_USHORT( p );
1253	stateArray = FT_NEXT_USHORT( p );
1254	entryTable = FT_NEXT_USHORT( p );
1255
1256	GXV_TRACE(( "stateSize=0x%04x\n", stateSize ));
1257	GXV_TRACE(( "offset to classTable=0x%04x\n", classTable ));
1258	GXV_TRACE(( "offset to stateArray=0x%04x\n", stateArray ));
1259	GXV_TRACE(( "offset to entryTable=0x%04x\n", entryTable ));
1260
1261	if ( stateSize > 0xFF )
1262	FT_INVALID_DATA;
1263
1264	if ( valid->statetable.optdata_load_func != NULL )
1265	valid->statetable.optdata_load_func( p, limit, valid );
1266
1267	if ( valid->statetable.subtable_setup_func != NULL)
1268	setup_func = valid->statetable.subtable_setup_func;
1269	else
1270	setup_func = gxv_StateTable_subtable_setup;
1271
1272	setup_func( (FT_UShort)( limit - table ),
1273	classTable,
1274	stateArray,
1275	entryTable,
1276	&classTable_length,
1277	&stateArray_length,
1278	&entryTable_length,
1279	valid );
1280
1281	GXV_TRACE(( "StateTable Subtables\n" ));
1282
1283	if ( classTable != 0 )
1284	gxv_ClassTable_validate( table + classTable,
1285	&classTable_length,
1286	stateSize,
1287	&maxClassID,
1288	valid );
1289	else
1290	maxClassID = (FT_Byte)( stateSize - 1 );
1291
1292	if ( stateArray != 0 )
1293	gxv_StateArray_validate( table + stateArray,
1294	&stateArray_length,
1295	maxClassID,
1296	stateSize,
1297	&maxState,
1298	&maxEntry,
1299	valid );
1300	else
1301	{
1302	maxState = 1; /* 0:start of text, 1:start of line are predefined */
1303	maxEntry = 0;
1304	}
1305
1306	if ( maxEntry > 0 && entryTable == 0 )
1307	FT_INVALID_OFFSET;
1308
1309	if ( entryTable != 0 )
1310	gxv_EntryTable_validate( table + entryTable,
1311	&entryTable_length,
1312	maxEntry,
1313	stateArray,
1314	stateArray_length,
1315	maxClassID,
1316	table,
1317	limit,
1318	valid );
1319
1320	GXV_EXIT;
1321	}
1322
1323
1324	/* ================= eXtended State Table (for morx) =================== */
1325
1326	FT_LOCAL_DEF( void )
1327	gxv_XStateTable_subtable_setup( FT_ULong table_size,
1328	FT_ULong classTable,
1329	FT_ULong stateArray,
1330	FT_ULong entryTable,
1331	FT_ULong* classTable_length_p,
1332	FT_ULong* stateArray_length_p,
1333	FT_ULong* entryTable_length_p,
1334	GXV_Validator valid )
1335	{
1336	FT_ULong o[3];
1337	FT_ULong* l[3];
1338	FT_ULong buff[4];
1339
1340
1341	o[0] = classTable;
1342	o[1] = stateArray;
1343	o[2] = entryTable;
1344	l[0] = classTable_length_p;
1345	l[1] = stateArray_length_p;
1346	l[2] = entryTable_length_p;
1347
1348	gxv_set_length_by_ulong_offset( o, l, buff, 4, table_size, valid );
1349	}
1350
1351
1352	static void
1353	gxv_XClassTable_lookupval_validate( FT_UShort glyph,
1354	GXV_LookupValueDesc value,
1355	GXV_Validator valid )
1356	{
1357	FT_UNUSED( glyph );
1358
1359	if ( value.u >= valid->xstatetable.nClasses )
1360	FT_INVALID_DATA;
1361	if ( value.u > valid->xstatetable.maxClassID )
1362	valid->xstatetable.maxClassID = value.u;
1363	}
1364
1365
1366	/*
1367	+===============+ --------+
1368	\| lookup header \| \|
1369	+===============+ \|
1370	\| BinSrchHeader \| \|
1371	+===============+ \|
1372	\| lastGlyph[0] \| \|
1373	+---------------+ \|
1374	\| firstGlyph[0] \| \| head of lookup table
1375	+---------------+ \| +
1376	\| offset[0] \| -> \| offset [byte]
1377	+===============+ \| +
1378	\| lastGlyph[1] \| \| (glyphID - firstGlyph) * 2 [byte]
1379	+---------------+ \|
1380	\| firstGlyph[1] \| \|
1381	+---------------+ \|
1382	\| offset[1] \| \|
1383	+===============+ \|
1384	\|
1385	.... \|
1386	\|
1387	16bit value array \|
1388	+===============+ \|
1389	\| value \| <-------+
1390	....
1391	*/
1392	static GXV_LookupValueDesc
1393	gxv_XClassTable_lookupfmt4_transit( FT_UShort relative_gindex,
1394	GXV_LookupValueDesc base_value,
1395	FT_Bytes lookuptbl_limit,
1396	GXV_Validator valid )
1397	{
1398	FT_Bytes p;
1399	FT_Bytes limit;
1400	FT_UShort offset;
1401	GXV_LookupValueDesc value;
1402
1403	/* XXX: check range? */
1404	offset = (FT_UShort)( base_value.u +
1405	relative_gindex * sizeof ( FT_UShort ) );
1406
1407	p = valid->lookuptbl_head + offset;
1408	limit = lookuptbl_limit;
1409
1410	GXV_LIMIT_CHECK ( 2 );
1411	value.u = FT_NEXT_USHORT( p );
1412
1413	return value;
1414	}
1415
1416
1417	static void
1418	gxv_XStateArray_validate( FT_Bytes table,
1419	FT_ULong* length_p,
1420	FT_UShort maxClassID,
1421	FT_ULong stateSize,
1422	FT_UShort* maxState_p,
1423	FT_UShort* maxEntry_p,
1424	GXV_Validator valid )
1425	{
1426	FT_Bytes p = table;
1427	FT_Bytes limit = table + *length_p;
1428	FT_UShort clazz;
1429	FT_UShort entry;
1430
1431	FT_UNUSED( stateSize ); /* for the non-debugging case */
1432
1433
1434	GXV_NAME_ENTER( "XStateArray" );
1435
1436	GXV_TRACE(( "parse % 3d bytes by stateSize=% 3d maxClassID=% 3d\n",
1437	(int)(*length_p), stateSize, (int)(maxClassID) ));
1438
1439	/*
1440	* 2 states are predefined and must be described:
1441	* state 0 (start of text), 1 (start of line)
1442	*/
1443	GXV_LIMIT_CHECK( ( 1 + maxClassID ) * 2 * 2 );
1444
1445	*maxState_p = 0;
1446	*maxEntry_p = 0;
1447
1448	/* read if enough to read another state */
1449	while ( p + ( ( 1 + maxClassID ) * 2 ) <= limit )
1450	{
1451	(*maxState_p)++;
1452	for ( clazz = 0; clazz <= maxClassID; clazz++ )
1453	{
1454	entry = FT_NEXT_USHORT( p );
1455	maxEntry_p = (FT_UShort)FT_MAX( maxEntry_p, entry );
1456	}
1457	}
1458	GXV_TRACE(( "parsed: maxState=%d, maxEntry=%d\n",
1459	maxState_p, maxEntry_p ));
1460
1461	*length_p = p - table;
1462
1463	GXV_EXIT;
1464	}
1465
1466
1467	static void
1468	gxv_XEntryTable_validate( FT_Bytes table,
1469	FT_ULong* length_p,
1470	FT_UShort maxEntry,
1471	FT_ULong stateArray_length,
1472	FT_UShort maxClassID,
1473	FT_Bytes xstatetable_table,
1474	FT_Bytes xstatetable_limit,
1475	GXV_Validator valid )
1476	{
1477	FT_Bytes p = table;
1478	FT_Bytes limit = table + *length_p;
1479	FT_UShort entry;
1480	FT_UShort state;
1481	FT_Int entrySize = 2 + 2 + GXV_GLYPHOFFSET_SIZE( xstatetable );
1482
1483
1484	GXV_NAME_ENTER( "XEntryTable" );
1485	GXV_TRACE(( "maxEntry=%d entrySize=%d\n", maxEntry, entrySize ));
1486
1487	if ( ( p + ( maxEntry + 1 ) * entrySize ) > limit )
1488	FT_INVALID_TOO_SHORT;
1489
1490	for (entry = 0; entry <= maxEntry ; entry++ )
1491	{
1492	FT_UShort newState_idx;
1493	FT_UShort flags;
1494	GXV_XStateTable_GlyphOffsetDesc glyphOffset;
1495
1496
1497	GXV_LIMIT_CHECK( 2 + 2 );
1498	newState_idx = FT_NEXT_USHORT( p );
1499	flags = FT_NEXT_USHORT( p );
1500
1501	if ( stateArray_length < (FT_ULong)( newState_idx * 2 ) )
1502	{
1503	GXV_TRACE(( " newState index 0x%04x points out of stateArray\n",
1504	newState_idx ));
1505	if ( valid->root->level >= FT_VALIDATE_PARANOID )
1506	FT_INVALID_OFFSET;
1507	}
1508
1509	state = (FT_UShort)( newState_idx / ( 1 + maxClassID ) );
1510	if ( 0 != ( newState_idx % ( 1 + maxClassID ) ) )
1511	{
1512	FT_TRACE4(( "-> new state = %d (supposed)\n"
1513	"but newState index 0x%04x is not aligned to %d-classes\n",
1514	state, newState_idx, 1 + maxClassID ));
1515	if ( valid->root->level >= FT_VALIDATE_PARANOID )
1516	FT_INVALID_OFFSET;
1517	}
1518
1519	switch ( GXV_GLYPHOFFSET_FMT( xstatetable ) )
1520	{
1521	case GXV_GLYPHOFFSET_NONE:
1522	glyphOffset.uc = 0; /* make compiler happy */
1523	break;
1524
1525	case GXV_GLYPHOFFSET_UCHAR:
1526	glyphOffset.uc = FT_NEXT_BYTE( p );
1527	break;
1528
1529	case GXV_GLYPHOFFSET_CHAR:
1530	glyphOffset.c = FT_NEXT_CHAR( p );
1531	break;
1532
1533	case GXV_GLYPHOFFSET_USHORT:
1534	glyphOffset.u = FT_NEXT_USHORT( p );
1535	break;
1536
1537	case GXV_GLYPHOFFSET_SHORT:
1538	glyphOffset.s = FT_NEXT_SHORT( p );
1539	break;
1540
1541	case GXV_GLYPHOFFSET_ULONG:
1542	glyphOffset.ul = FT_NEXT_ULONG( p );
1543	break;
1544
1545	case GXV_GLYPHOFFSET_LONG:
1546	glyphOffset.l = FT_NEXT_LONG( p );
1547	break;
1548
1549	default:
1550	if ( valid->root->level >= FT_VALIDATE_PARANOID )
1551	FT_INVALID_FORMAT;
1552	goto Exit;
1553	}
1554
1555	if ( NULL != valid->xstatetable.entry_validate_func )
1556	valid->xstatetable.entry_validate_func( state,
1557	flags,
1558	glyphOffset,
1559	xstatetable_table,
1560	xstatetable_limit,
1561	valid );
1562	}
1563
1564	Exit:
1565	*length_p = p - table;
1566
1567	GXV_EXIT;
1568	}
1569
1570
1571	FT_LOCAL_DEF( void )
1572	gxv_XStateTable_validate( FT_Bytes table,
1573	FT_Bytes limit,
1574	GXV_Validator valid )
1575	{
1576	/* StateHeader members */
1577	FT_ULong classTable; /* offset to Class(Sub)Table */
1578	FT_ULong stateArray; /* offset to StateArray */
1579	FT_ULong entryTable; /* offset to EntryTable */
1580
1581	FT_ULong classTable_length;
1582	FT_ULong stateArray_length;
1583	FT_ULong entryTable_length;
1584	FT_UShort maxState;
1585	FT_UShort maxEntry;
1586
1587	GXV_XStateTable_Subtable_Setup_Func setup_func;
1588
1589	FT_Bytes p = table;
1590
1591
1592	GXV_NAME_ENTER( "XStateTable" );
1593
1594	GXV_TRACE(( "XStateTable header\n" ));
1595
1596	GXV_LIMIT_CHECK( 4 + 4 + 4 + 4 );
1597	valid->xstatetable.nClasses = FT_NEXT_ULONG( p );
1598	classTable = FT_NEXT_ULONG( p );
1599	stateArray = FT_NEXT_ULONG( p );
1600	entryTable = FT_NEXT_ULONG( p );
1601
1602	GXV_TRACE(( "nClasses =0x%08x\n", valid->xstatetable.nClasses ));
1603	GXV_TRACE(( "offset to classTable=0x%08x\n", classTable ));
1604	GXV_TRACE(( "offset to stateArray=0x%08x\n", stateArray ));
1605	GXV_TRACE(( "offset to entryTable=0x%08x\n", entryTable ));
1606
1607	if ( valid->xstatetable.nClasses > 0xFFFFU )
1608	FT_INVALID_DATA;
1609
1610	GXV_TRACE(( "StateTable Subtables\n" ));
1611
1612	if ( valid->xstatetable.optdata_load_func != NULL )
1613	valid->xstatetable.optdata_load_func( p, limit, valid );
1614
1615	if ( valid->xstatetable.subtable_setup_func != NULL )
1616	setup_func = valid->xstatetable.subtable_setup_func;
1617	else
1618	setup_func = gxv_XStateTable_subtable_setup;
1619
1620	setup_func( limit - table,
1621	classTable,
1622	stateArray,
1623	entryTable,
1624	&classTable_length,
1625	&stateArray_length,
1626	&entryTable_length,
1627	valid );
1628
1629	if ( classTable != 0 )
1630	{
1631	valid->xstatetable.maxClassID = 0;
1632	valid->lookupval_sign = GXV_LOOKUPVALUE_UNSIGNED;
1633	valid->lookupval_func = gxv_XClassTable_lookupval_validate;
1634	valid->lookupfmt4_trans = gxv_XClassTable_lookupfmt4_transit;
1635	gxv_LookupTable_validate( table + classTable,
1636	table + classTable + classTable_length,
1637	valid );
1638	if ( valid->subtable_length < classTable_length )
1639	classTable_length = valid->subtable_length;
1640	}
1641	else
1642	{
1643	/* XXX: check range? */
1644	valid->xstatetable.maxClassID =
1645	(FT_UShort)( valid->xstatetable.nClasses - 1 );
1646	}
1647
1648	if ( stateArray != 0 )
1649	gxv_XStateArray_validate( table + stateArray,
1650	&stateArray_length,
1651	valid->xstatetable.maxClassID,
1652	valid->xstatetable.nClasses,
1653	&maxState,
1654	&maxEntry,
1655	valid );
1656	else
1657	{
1658	maxState = 1; /* 0:start of text, 1:start of line are predefined */
1659	maxEntry = 0;
1660	}
1661
1662	if ( maxEntry > 0 && entryTable == 0 )
1663	FT_INVALID_OFFSET;
1664
1665	if ( entryTable != 0 )
1666	gxv_XEntryTable_validate( table + entryTable,
1667	&entryTable_length,
1668	maxEntry,
1669	stateArray_length,
1670	valid->xstatetable.maxClassID,
1671	table,
1672	limit,
1673	valid );
1674
1675	GXV_EXIT;
1676	}
1677
1678
1679	/*************************************************************************/
1680	/*************************************************************************/
1681	/*** ***/
1682	/*** Table overlapping ***/
1683	/*** ***/
1684	/*************************************************************************/
1685	/*************************************************************************/
1686
1687	static int
1688	gxv_compare_ranges( FT_Bytes table1_start,
1689	FT_ULong table1_length,
1690	FT_Bytes table2_start,
1691	FT_ULong table2_length )
1692	{
1693	if ( table1_start == table2_start )
1694	{
1695	if ( ( table1_length == 0 \|\| table2_length == 0 ) )
1696	goto Out;
1697	}
1698	else if ( table1_start < table2_start )
1699	{
1700	if ( ( table1_start + table1_length ) <= table2_start )
1701	goto Out;
1702	}
1703	else if ( table1_start > table2_start )
1704	{
1705	if ( ( table1_start >= table2_start + table2_length ) )
1706	goto Out;
1707	}
1708	return 1;
1709
1710	Out:
1711	return 0;
1712	}
1713
1714
1715	FT_LOCAL_DEF( void )
1716	gxv_odtect_add_range( FT_Bytes start,
1717	FT_ULong length,
1718	const FT_String* name,
1719	GXV_odtect_Range odtect )
1720	{
1721	odtect->range[ odtect->nRanges ].start = start;
1722	odtect->range[ odtect->nRanges ].length = length;
1723	odtect->range[ odtect->nRanges ].name = (FT_String*)name;
1724	odtect->nRanges++;
1725	}
1726
1727
1728	FT_LOCAL_DEF( void )
1729	gxv_odtect_validate( GXV_odtect_Range odtect,
1730	GXV_Validator valid )
1731	{
1732	FT_UInt i, j;
1733
1734
1735	GXV_NAME_ENTER( "check overlap among multi ranges" );
1736
1737	for ( i = 0; i < odtect->nRanges; i++ )
1738	for ( j = 0; j < i; j++ )
1739	if ( 0 != gxv_compare_ranges( odtect->range[i].start,
1740	odtect->range[i].length,
1741	odtect->range[j].start,
1742	odtect->range[j].length ) )
1743	{
1744	if ( odtect->range[i].name \|\| odtect->range[j].name )
1745	GXV_TRACE(( "found overlap between range %d and range %d\n",
1746	i, j ));
1747	else
1748	GXV_TRACE(( "found overlap between `%s' and `%s\'\n",
1749	odtect->range[i].name,
1750	odtect->range[j].name ));
1751	FT_INVALID_OFFSET;
1752	}
1753
1754	GXV_EXIT;
1755	}
1756
1757
1758	/* END */

Note: See TracBrowser for help on using the repository browser.

Download in other formats: