1 /***************************************************************************/ 2 /* */ 3 /* cffparse.c */ 4 /* */ 5 /* CFF token stream parser (body) */ 6 /* */ 7 /* Copyright 1996-2016 by */ 8 /* David Turner, Robert Wilhelm, and Werner Lemberg. */ 9 /* */ 10 /* This file is part of the FreeType project, and may only be used, */ 11 /* modified, and distributed under the terms of the FreeType project */ 12 /* license, LICENSE.TXT. By continuing to use, modify, or distribute */ 13 /* this file you indicate that you have read the license and */ 14 /* understand and accept it fully. */ 15 /* */ 16 /***************************************************************************/ 17 18 19 #include <ft2build.h> 20 #include "cffparse.h" 21 #include FT_INTERNAL_STREAM_H 22 #include FT_INTERNAL_DEBUG_H 23 24 #include "cfferrs.h" 25 #include "cffpic.h" 26 #include "cffgload.h" 27 28 29 /*************************************************************************/ 30 /* */ 31 /* The macro FT_COMPONENT is used in trace mode. It is an implicit */ 32 /* parameter of the FT_TRACE() and FT_ERROR() macros, used to print/log */ 33 /* messages during execution. */ 34 /* */ 35 #undef FT_COMPONENT 36 #define FT_COMPONENT trace_cffparse 37 38 39 FT_LOCAL_DEF( void ) 40 cff_parser_init( CFF_Parser parser, 41 FT_UInt code, 42 void* object, 43 FT_Library library, 44 FT_UShort num_designs, 45 FT_UShort num_axes ) 46 { 47 FT_MEM_ZERO( parser, sizeof ( *parser ) ); 48 49 parser->top = parser->stack; 50 parser->object_code = code; 51 parser->object = object; 52 parser->library = library; 53 parser->num_designs = num_designs; 54 parser->num_axes = num_axes; 55 } 56 57 58 /* read an integer */ 59 static FT_Long 60 cff_parse_integer( FT_Byte* start, 61 FT_Byte* limit ) 62 { 63 FT_Byte* p = start; 64 FT_Int v = *p++; 65 FT_Long val = 0; 66 67 68 if ( v == 28 ) 69 { 70 if ( p + 2 > limit ) 71 goto Bad; 72 73 val = (FT_Short)( ( (FT_UShort)p[0] << 8 ) | p[1] ); 74 } 75 else if ( v == 29 ) 76 { 77 if ( p + 4 > limit ) 78 goto Bad; 79 80 val = (FT_Long)( ( (FT_ULong)p[0] << 24 ) | 81 ( (FT_ULong)p[1] << 16 ) | 82 ( (FT_ULong)p[2] << 8 ) | 83 (FT_ULong)p[3] ); 84 } 85 else if ( v < 247 ) 86 { 87 val = v - 139; 88 } 89 else if ( v < 251 ) 90 { 91 if ( p + 1 > limit ) 92 goto Bad; 93 94 val = ( v - 247 ) * 256 + p[0] + 108; 95 } 96 else 97 { 98 if ( p + 1 > limit ) 99 goto Bad; 100 101 val = -( v - 251 ) * 256 - p[0] - 108; 102 } 103 104 Exit: 105 return val; 106 107 Bad: 108 val = 0; 109 FT_TRACE4(( "!!!END OF DATA:!!!" )); 110 goto Exit; 111 } 112 113 114 static const FT_Long power_tens[] = 115 { 116 1L, 117 10L, 118 100L, 119 1000L, 120 10000L, 121 100000L, 122 1000000L, 123 10000000L, 124 100000000L, 125 1000000000L 126 }; 127 128 129 /* read a real */ 130 static FT_Fixed 131 cff_parse_real( FT_Byte* start, 132 FT_Byte* limit, 133 FT_Long power_ten, 134 FT_Long* scaling ) 135 { 136 FT_Byte* p = start; 137 FT_Int nib; 138 FT_UInt phase; 139 140 FT_Long result, number, exponent; 141 FT_Int sign = 0, exponent_sign = 0, have_overflow = 0; 142 FT_Long exponent_add, integer_length, fraction_length; 143 144 145 if ( scaling ) 146 *scaling = 0; 147 148 result = 0; 149 150 number = 0; 151 exponent = 0; 152 153 exponent_add = 0; 154 integer_length = 0; 155 fraction_length = 0; 156 157 /* First of all, read the integer part. */ 158 phase = 4; 159 160 for (;;) 161 { 162 /* If we entered this iteration with phase == 4, we need to */ 163 /* read a new byte. This also skips past the initial 0x1E. */ 164 if ( phase ) 165 { 166 p++; 167 168 /* Make sure we don't read past the end. */ 169 if ( p >= limit ) 170 goto Bad; 171 } 172 173 /* Get the nibble. */ 174 nib = (FT_Int)( p[0] >> phase ) & 0xF; 175 phase = 4 - phase; 176 177 if ( nib == 0xE ) 178 sign = 1; 179 else if ( nib > 9 ) 180 break; 181 else 182 { 183 /* Increase exponent if we can't add the digit. */ 184 if ( number >= 0xCCCCCCCL ) 185 exponent_add++; 186 /* Skip leading zeros. */ 187 else if ( nib || number ) 188 { 189 integer_length++; 190 number = number * 10 + nib; 191 } 192 } 193 } 194 195 /* Read fraction part, if any. */ 196 if ( nib == 0xA ) 197 for (;;) 198 { 199 /* If we entered this iteration with phase == 4, we need */ 200 /* to read a new byte. */ 201 if ( phase ) 202 { 203 p++; 204 205 /* Make sure we don't read past the end. */ 206 if ( p >= limit ) 207 goto Bad; 208 } 209 210 /* Get the nibble. */ 211 nib = ( p[0] >> phase ) & 0xF; 212 phase = 4 - phase; 213 if ( nib >= 10 ) 214 break; 215 216 /* Skip leading zeros if possible. */ 217 if ( !nib && !number ) 218 exponent_add--; 219 /* Only add digit if we don't overflow. */ 220 else if ( number < 0xCCCCCCCL && fraction_length < 9 ) 221 { 222 fraction_length++; 223 number = number * 10 + nib; 224 } 225 } 226 227 /* Read exponent, if any. */ 228 if ( nib == 12 ) 229 { 230 exponent_sign = 1; 231 nib = 11; 232 } 233 234 if ( nib == 11 ) 235 { 236 for (;;) 237 { 238 /* If we entered this iteration with phase == 4, */ 239 /* we need to read a new byte. */ 240 if ( phase ) 241 { 242 p++; 243 244 /* Make sure we don't read past the end. */ 245 if ( p >= limit ) 246 goto Bad; 247 } 248 249 /* Get the nibble. */ 250 nib = ( p[0] >> phase ) & 0xF; 251 phase = 4 - phase; 252 if ( nib >= 10 ) 253 break; 254 255 /* Arbitrarily limit exponent. */ 256 if ( exponent > 1000 ) 257 have_overflow = 1; 258 else 259 exponent = exponent * 10 + nib; 260 } 261 262 if ( exponent_sign ) 263 exponent = -exponent; 264 } 265 266 if ( !number ) 267 goto Exit; 268 269 if ( have_overflow ) 270 { 271 if ( exponent_sign ) 272 goto Underflow; 273 else 274 goto Overflow; 275 } 276 277 /* We don't check `power_ten' and `exponent_add'. */ 278 exponent += power_ten + exponent_add; 279 280 if ( scaling ) 281 { 282 /* Only use `fraction_length'. */ 283 fraction_length += integer_length; 284 exponent += integer_length; 285 286 if ( fraction_length <= 5 ) 287 { 288 if ( number > 0x7FFFL ) 289 { 290 result = FT_DivFix( number, 10 ); 291 *scaling = exponent - fraction_length + 1; 292 } 293 else 294 { 295 if ( exponent > 0 ) 296 { 297 FT_Long new_fraction_length, shift; 298 299 300 /* Make `scaling' as small as possible. */ 301 new_fraction_length = FT_MIN( exponent, 5 ); 302 shift = new_fraction_length - fraction_length; 303 304 if ( shift > 0 ) 305 { 306 exponent -= new_fraction_length; 307 number *= power_tens[shift]; 308 if ( number > 0x7FFFL ) 309 { 310 number /= 10; 311 exponent += 1; 312 } 313 } 314 else 315 exponent -= fraction_length; 316 } 317 else 318 exponent -= fraction_length; 319 320 result = (FT_Long)( (FT_ULong)number << 16 ); 321 *scaling = exponent; 322 } 323 } 324 else 325 { 326 if ( ( number / power_tens[fraction_length - 5] ) > 0x7FFFL ) 327 { 328 result = FT_DivFix( number, power_tens[fraction_length - 4] ); 329 *scaling = exponent - 4; 330 } 331 else 332 { 333 result = FT_DivFix( number, power_tens[fraction_length - 5] ); 334 *scaling = exponent - 5; 335 } 336 } 337 } 338 else 339 { 340 integer_length += exponent; 341 fraction_length -= exponent; 342 343 if ( integer_length > 5 ) 344 goto Overflow; 345 if ( integer_length < -5 ) 346 goto Underflow; 347 348 /* Remove non-significant digits. */ 349 if ( integer_length < 0 ) 350 { 351 number /= power_tens[-integer_length]; 352 fraction_length += integer_length; 353 } 354 355 /* this can only happen if exponent was non-zero */ 356 if ( fraction_length == 10 ) 357 { 358 number /= 10; 359 fraction_length -= 1; 360 } 361 362 /* Convert into 16.16 format. */ 363 if ( fraction_length > 0 ) 364 { 365 if ( ( number / power_tens[fraction_length] ) > 0x7FFFL ) 366 goto Exit; 367 368 result = FT_DivFix( number, power_tens[fraction_length] ); 369 } 370 else 371 { 372 number *= power_tens[-fraction_length]; 373 374 if ( number > 0x7FFFL ) 375 goto Overflow; 376 377 result = (FT_Long)( (FT_ULong)number << 16 ); 378 } 379 } 380 381 Exit: 382 if ( sign ) 383 result = -result; 384 385 return result; 386 387 Overflow: 388 result = 0x7FFFFFFFL; 389 FT_TRACE4(( "!!!OVERFLOW:!!!" )); 390 goto Exit; 391 392 Underflow: 393 result = 0; 394 FT_TRACE4(( "!!!UNDERFLOW:!!!" )); 395 goto Exit; 396 397 Bad: 398 result = 0; 399 FT_TRACE4(( "!!!END OF DATA:!!!" )); 400 goto Exit; 401 } 402 403 404 /* read a number, either integer or real */ 405 static FT_Long 406 cff_parse_num( FT_Byte** d ) 407 { 408 return **d == 30 ? ( cff_parse_real( d[0], d[1], 0, NULL ) >> 16 ) 409 : cff_parse_integer( d[0], d[1] ); 410 } 411 412 413 /* read a floating point number, either integer or real */ 414 static FT_Fixed 415 do_fixed( FT_Byte** d, 416 FT_Long scaling ) 417 { 418 if ( **d == 30 ) 419 return cff_parse_real( d[0], d[1], scaling, NULL ); 420 else 421 { 422 FT_Long val = cff_parse_integer( d[0], d[1] ); 423 424 425 if ( scaling ) 426 val *= power_tens[scaling]; 427 428 if ( val > 0x7FFF ) 429 { 430 val = 0x7FFFFFFFL; 431 goto Overflow; 432 } 433 else if ( val < -0x7FFF ) 434 { 435 val = -0x7FFFFFFFL; 436 goto Overflow; 437 } 438 439 return (FT_Long)( (FT_ULong)val << 16 ); 440 441 Overflow: 442 FT_TRACE4(( "!!!OVERFLOW:!!!" )); 443 return val; 444 } 445 } 446 447 448 /* read a floating point number, either integer or real */ 449 static FT_Fixed 450 cff_parse_fixed( FT_Byte** d ) 451 { 452 return do_fixed( d, 0 ); 453 } 454 455 456 /* read a floating point number, either integer or real, */ 457 /* but return `10^scaling' times the number read in */ 458 static FT_Fixed 459 cff_parse_fixed_scaled( FT_Byte** d, 460 FT_Long scaling ) 461 { 462 return do_fixed( d, scaling ); 463 } 464 465 466 /* read a floating point number, either integer or real, */ 467 /* and return it as precise as possible -- `scaling' returns */ 468 /* the scaling factor (as a power of 10) */ 469 static FT_Fixed 470 cff_parse_fixed_dynamic( FT_Byte** d, 471 FT_Long* scaling ) 472 { 473 FT_ASSERT( scaling ); 474 475 if ( **d == 30 ) 476 return cff_parse_real( d[0], d[1], 0, scaling ); 477 else 478 { 479 FT_Long number; 480 FT_Int integer_length; 481 482 483 number = cff_parse_integer( d[0], d[1] ); 484 485 if ( number > 0x7FFFL ) 486 { 487 for ( integer_length = 5; integer_length < 10; integer_length++ ) 488 if ( number < power_tens[integer_length] ) 489 break; 490 491 if ( ( number / power_tens[integer_length - 5] ) > 0x7FFFL ) 492 { 493 *scaling = integer_length - 4; 494 return FT_DivFix( number, power_tens[integer_length - 4] ); 495 } 496 else 497 { 498 *scaling = integer_length - 5; 499 return FT_DivFix( number, power_tens[integer_length - 5] ); 500 } 501 } 502 else 503 { 504 *scaling = 0; 505 return (FT_Long)( (FT_ULong)number << 16 ); 506 } 507 } 508 } 509 510 511 static FT_Error 512 cff_parse_font_matrix( CFF_Parser parser ) 513 { 514 CFF_FontRecDict dict = (CFF_FontRecDict)parser->object; 515 FT_Matrix* matrix = &dict->font_matrix; 516 FT_Vector* offset = &dict->font_offset; 517 FT_ULong* upm = &dict->units_per_em; 518 FT_Byte** data = parser->stack; 519 FT_Error error = FT_ERR( Stack_Underflow ); 520 521 522 if ( parser->top >= parser->stack + 6 ) 523 { 524 FT_Fixed values[6]; 525 FT_Long scalings[6]; 526 527 FT_Long min_scaling, max_scaling; 528 int i; 529 530 531 error = FT_Err_Ok; 532 533 dict->has_font_matrix = TRUE; 534 535 /* We expect a well-formed font matrix, this is, the matrix elements */ 536 /* `xx' and `yy' are of approximately the same magnitude. To avoid */ 537 /* loss of precision, we use the magnitude of the largest matrix */ 538 /* element to scale all other elements. The scaling factor is then */ 539 /* contained in the `units_per_em' value. */ 540 541 max_scaling = FT_LONG_MIN; 542 min_scaling = FT_LONG_MAX; 543 544 for ( i = 0; i < 6; i++ ) 545 { 546 values[i] = cff_parse_fixed_dynamic( data++, &scalings[i] ); 547 if ( values[i] ) 548 { 549 if ( scalings[i] > max_scaling ) 550 max_scaling = scalings[i]; 551 if ( scalings[i] < min_scaling ) 552 min_scaling = scalings[i]; 553 } 554 } 555 556 if ( max_scaling < -9 || 557 max_scaling > 0 || 558 ( max_scaling - min_scaling ) < 0 || 559 ( max_scaling - min_scaling ) > 9 ) 560 { 561 /* Return default matrix in case of unlikely values. */ 562 563 FT_TRACE1(( "cff_parse_font_matrix:" 564 " strange scaling values (minimum %d, maximum %d),\n" 565 " " 566 " using default matrix\n", min_scaling, max_scaling )); 567 568 matrix->xx = 0x10000L; 569 matrix->yx = 0; 570 matrix->xy = 0; 571 matrix->yy = 0x10000L; 572 offset->x = 0; 573 offset->y = 0; 574 *upm = 1; 575 576 goto Exit; 577 } 578 579 for ( i = 0; i < 6; i++ ) 580 { 581 FT_Fixed value = values[i]; 582 FT_Long divisor, half_divisor; 583 584 585 if ( !value ) 586 continue; 587 588 divisor = power_tens[max_scaling - scalings[i]]; 589 half_divisor = divisor >> 1; 590 591 if ( value < 0 ) 592 { 593 if ( FT_LONG_MIN + half_divisor < value ) 594 values[i] = ( value - half_divisor ) / divisor; 595 else 596 values[i] = FT_LONG_MIN / divisor; 597 } 598 else 599 { 600 if ( FT_LONG_MAX - half_divisor > value ) 601 values[i] = ( value + half_divisor ) / divisor; 602 else 603 values[i] = FT_LONG_MAX / divisor; 604 } 605 } 606 607 matrix->xx = values[0]; 608 matrix->yx = values[1]; 609 matrix->xy = values[2]; 610 matrix->yy = values[3]; 611 offset->x = values[4]; 612 offset->y = values[5]; 613 614 *upm = (FT_ULong)power_tens[-max_scaling]; 615 616 FT_TRACE4(( " [%f %f %f %f %f %f]\n", 617 (double)matrix->xx / *upm / 65536, 618 (double)matrix->xy / *upm / 65536, 619 (double)matrix->yx / *upm / 65536, 620 (double)matrix->yy / *upm / 65536, 621 (double)offset->x / *upm / 65536, 622 (double)offset->y / *upm / 65536 )); 623 } 624 625 Exit: 626 return error; 627 } 628 629 630 static FT_Error 631 cff_parse_font_bbox( CFF_Parser parser ) 632 { 633 CFF_FontRecDict dict = (CFF_FontRecDict)parser->object; 634 FT_BBox* bbox = &dict->font_bbox; 635 FT_Byte** data = parser->stack; 636 FT_Error error; 637 638 639 error = FT_ERR( Stack_Underflow ); 640 641 if ( parser->top >= parser->stack + 4 ) 642 { 643 bbox->xMin = FT_RoundFix( cff_parse_fixed( data++ ) ); 644 bbox->yMin = FT_RoundFix( cff_parse_fixed( data++ ) ); 645 bbox->xMax = FT_RoundFix( cff_parse_fixed( data++ ) ); 646 bbox->yMax = FT_RoundFix( cff_parse_fixed( data ) ); 647 error = FT_Err_Ok; 648 649 FT_TRACE4(( " [%d %d %d %d]\n", 650 bbox->xMin / 65536, 651 bbox->yMin / 65536, 652 bbox->xMax / 65536, 653 bbox->yMax / 65536 )); 654 } 655 656 return error; 657 } 658 659 660 static FT_Error 661 cff_parse_private_dict( CFF_Parser parser ) 662 { 663 CFF_FontRecDict dict = (CFF_FontRecDict)parser->object; 664 FT_Byte** data = parser->stack; 665 FT_Error error; 666 667 668 error = FT_ERR( Stack_Underflow ); 669 670 if ( parser->top >= parser->stack + 2 ) 671 { 672 FT_Long tmp; 673 674 675 tmp = cff_parse_num( data++ ); 676 if ( tmp < 0 ) 677 { 678 FT_ERROR(( "cff_parse_private_dict: Invalid dictionary size\n" )); 679 error = FT_THROW( Invalid_File_Format ); 680 goto Fail; 681 } 682 dict->private_size = (FT_ULong)tmp; 683 684 tmp = cff_parse_num( data ); 685 if ( tmp < 0 ) 686 { 687 FT_ERROR(( "cff_parse_private_dict: Invalid dictionary offset\n" )); 688 error = FT_THROW( Invalid_File_Format ); 689 goto Fail; 690 } 691 dict->private_offset = (FT_ULong)tmp; 692 693 FT_TRACE4(( " %lu %lu\n", 694 dict->private_size, dict->private_offset )); 695 696 error = FT_Err_Ok; 697 } 698 699 Fail: 700 return error; 701 } 702 703 704 /* The `MultipleMaster' operator comes before any */ 705 /* top DICT operators that contain T2 charstrings. */ 706 707 static FT_Error 708 cff_parse_multiple_master( CFF_Parser parser ) 709 { 710 CFF_FontRecDict dict = (CFF_FontRecDict)parser->object; 711 FT_Error error; 712 713 714 #ifdef FT_DEBUG_LEVEL_TRACE 715 /* beautify tracing message */ 716 if ( ft_trace_levels[FT_COMPONENT] < 4 ) 717 FT_TRACE1(( "Multiple Master CFFs not supported yet," 718 " handling first master design only\n" )); 719 else 720 FT_TRACE1(( " (not supported yet," 721 " handling first master design only)\n" )); 722 #endif 723 724 error = FT_ERR( Stack_Underflow ); 725 726 /* currently, we handle only the first argument */ 727 if ( parser->top >= parser->stack + 5 ) 728 { 729 FT_Long num_designs = cff_parse_num( parser->stack ); 730 731 732 if ( num_designs > 16 || num_designs < 2 ) 733 { 734 FT_ERROR(( "cff_parse_multiple_master:" 735 " Invalid number of designs\n" )); 736 error = FT_THROW( Invalid_File_Format ); 737 } 738 else 739 { 740 dict->num_designs = (FT_UShort)num_designs; 741 dict->num_axes = (FT_UShort)( parser->top - parser->stack - 4 ); 742 743 parser->num_designs = dict->num_designs; 744 parser->num_axes = dict->num_axes; 745 746 error = FT_Err_Ok; 747 } 748 } 749 750 return error; 751 } 752 753 754 static FT_Error 755 cff_parse_cid_ros( CFF_Parser parser ) 756 { 757 CFF_FontRecDict dict = (CFF_FontRecDict)parser->object; 758 FT_Byte** data = parser->stack; 759 FT_Error error; 760 761 762 error = FT_ERR( Stack_Underflow ); 763 764 if ( parser->top >= parser->stack + 3 ) 765 { 766 dict->cid_registry = (FT_UInt)cff_parse_num( data++ ); 767 dict->cid_ordering = (FT_UInt)cff_parse_num( data++ ); 768 if ( **data == 30 ) 769 FT_TRACE1(( "cff_parse_cid_ros: real supplement is rounded\n" )); 770 dict->cid_supplement = cff_parse_num( data ); 771 if ( dict->cid_supplement < 0 ) 772 FT_TRACE1(( "cff_parse_cid_ros: negative supplement %d is found\n", 773 dict->cid_supplement )); 774 error = FT_Err_Ok; 775 776 FT_TRACE4(( " %d %d %d\n", 777 dict->cid_registry, 778 dict->cid_ordering, 779 dict->cid_supplement )); 780 } 781 782 return error; 783 } 784 785 786 #define CFF_FIELD_NUM( code, name, id ) \ 787 CFF_FIELD( code, name, id, cff_kind_num ) 788 #define CFF_FIELD_FIXED( code, name, id ) \ 789 CFF_FIELD( code, name, id, cff_kind_fixed ) 790 #define CFF_FIELD_FIXED_1000( code, name, id ) \ 791 CFF_FIELD( code, name, id, cff_kind_fixed_thousand ) 792 #define CFF_FIELD_STRING( code, name, id ) \ 793 CFF_FIELD( code, name, id, cff_kind_string ) 794 #define CFF_FIELD_BOOL( code, name, id ) \ 795 CFF_FIELD( code, name, id, cff_kind_bool ) 796 797 #define CFFCODE_TOPDICT 0x1000 798 #define CFFCODE_PRIVATE 0x2000 799 800 801 #ifndef FT_CONFIG_OPTION_PIC 802 803 804 #undef CFF_FIELD 805 #undef CFF_FIELD_DELTA 806 807 808 #ifndef FT_DEBUG_LEVEL_TRACE 809 810 811 #define CFF_FIELD_CALLBACK( code, name, id ) \ 812 { \ 813 cff_kind_callback, \ 814 code | CFFCODE, \ 815 0, 0, \ 816 cff_parse_ ## name, \ 817 0, 0 \ 818 }, 819 820 #define CFF_FIELD( code, name, id, kind ) \ 821 { \ 822 kind, \ 823 code | CFFCODE, \ 824 FT_FIELD_OFFSET( name ), \ 825 FT_FIELD_SIZE( name ), \ 826 0, 0, 0 \ 827 }, 828 829 #define CFF_FIELD_DELTA( code, name, max, id ) \ 830 { \ 831 cff_kind_delta, \ 832 code | CFFCODE, \ 833 FT_FIELD_OFFSET( name ), \ 834 FT_FIELD_SIZE_DELTA( name ), \ 835 0, \ 836 max, \ 837 FT_FIELD_OFFSET( num_ ## name ) \ 838 }, 839 840 static const CFF_Field_Handler cff_field_handlers[] = 841 { 842 843 #include "cfftoken.h" 844 845 { 0, 0, 0, 0, 0, 0, 0 } 846 }; 847 848 849 #else /* FT_DEBUG_LEVEL_TRACE */ 850 851 852 853 #define CFF_FIELD_CALLBACK( code, name, id ) \ 854 { \ 855 cff_kind_callback, \ 856 code | CFFCODE, \ 857 0, 0, \ 858 cff_parse_ ## name, \ 859 0, 0, \ 860 id \ 861 }, 862 863 #define CFF_FIELD( code, name, id, kind ) \ 864 { \ 865 kind, \ 866 code | CFFCODE, \ 867 FT_FIELD_OFFSET( name ), \ 868 FT_FIELD_SIZE( name ), \ 869 0, 0, 0, \ 870 id \ 871 }, 872 873 #define CFF_FIELD_DELTA( code, name, max, id ) \ 874 { \ 875 cff_kind_delta, \ 876 code | CFFCODE, \ 877 FT_FIELD_OFFSET( name ), \ 878 FT_FIELD_SIZE_DELTA( name ), \ 879 0, \ 880 max, \ 881 FT_FIELD_OFFSET( num_ ## name ), \ 882 id \ 883 }, 884 885 static const CFF_Field_Handler cff_field_handlers[] = 886 { 887 888 #include "cfftoken.h" 889 890 { 0, 0, 0, 0, 0, 0, 0, 0 } 891 }; 892 893 894 #endif /* FT_DEBUG_LEVEL_TRACE */ 895 896 897 #else /* FT_CONFIG_OPTION_PIC */ 898 899 900 void 901 FT_Destroy_Class_cff_field_handlers( FT_Library library, 902 CFF_Field_Handler* clazz ) 903 { 904 FT_Memory memory = library->memory; 905 906 907 if ( clazz ) 908 FT_FREE( clazz ); 909 } 910 911 912 FT_Error 913 FT_Create_Class_cff_field_handlers( FT_Library library, 914 CFF_Field_Handler** output_class ) 915 { 916 CFF_Field_Handler* clazz = NULL; 917 FT_Error error; 918 FT_Memory memory = library->memory; 919 920 int i = 0; 921 922 923 #undef CFF_FIELD 924 #define CFF_FIELD( code, name, id, kind ) i++; 925 #undef CFF_FIELD_DELTA 926 #define CFF_FIELD_DELTA( code, name, max, id ) i++; 927 #undef CFF_FIELD_CALLBACK 928 #define CFF_FIELD_CALLBACK( code, name, id ) i++; 929 930 #include "cfftoken.h" 931 932 i++; /* { 0, 0, 0, 0, 0, 0, 0 } */ 933 934 if ( FT_ALLOC( clazz, sizeof ( CFF_Field_Handler ) * i ) ) 935 return error; 936 937 i = 0; 938 939 940 #ifndef FT_DEBUG_LEVEL_TRACE 941 942 943 #undef CFF_FIELD_CALLBACK 944 #define CFF_FIELD_CALLBACK( code_, name_, id_ ) \ 945 clazz[i].kind = cff_kind_callback; \ 946 clazz[i].code = code_ | CFFCODE; \ 947 clazz[i].offset = 0; \ 948 clazz[i].size = 0; \ 949 clazz[i].reader = cff_parse_ ## name_; \ 950 clazz[i].array_max = 0; \ 951 clazz[i].count_offset = 0; \ 952 i++; 953 954 #undef CFF_FIELD 955 #define CFF_FIELD( code_, name_, id_, kind_ ) \ 956 clazz[i].kind = kind_; \ 957 clazz[i].code = code_ | CFFCODE; \ 958 clazz[i].offset = FT_FIELD_OFFSET( name_ ); \ 959 clazz[i].size = FT_FIELD_SIZE( name_ ); \ 960 clazz[i].reader = 0; \ 961 clazz[i].array_max = 0; \ 962 clazz[i].count_offset = 0; \ 963 i++; \ 964 965 #undef CFF_FIELD_DELTA 966 #define CFF_FIELD_DELTA( code_, name_, max_, id_ ) \ 967 clazz[i].kind = cff_kind_delta; \ 968 clazz[i].code = code_ | CFFCODE; \ 969 clazz[i].offset = FT_FIELD_OFFSET( name_ ); \ 970 clazz[i].size = FT_FIELD_SIZE_DELTA( name_ ); \ 971 clazz[i].reader = 0; \ 972 clazz[i].array_max = max_; \ 973 clazz[i].count_offset = FT_FIELD_OFFSET( num_ ## name_ ); \ 974 i++; 975 976 #include "cfftoken.h" 977 978 clazz[i].kind = 0; 979 clazz[i].code = 0; 980 clazz[i].offset = 0; 981 clazz[i].size = 0; 982 clazz[i].reader = 0; 983 clazz[i].array_max = 0; 984 clazz[i].count_offset = 0; 985 986 987 #else /* FT_DEBUG_LEVEL_TRACE */ 988 989 990 #undef CFF_FIELD_CALLBACK 991 #define CFF_FIELD_CALLBACK( code_, name_, id_ ) \ 992 clazz[i].kind = cff_kind_callback; \ 993 clazz[i].code = code_ | CFFCODE; \ 994 clazz[i].offset = 0; \ 995 clazz[i].size = 0; \ 996 clazz[i].reader = cff_parse_ ## name_; \ 997 clazz[i].array_max = 0; \ 998 clazz[i].count_offset = 0; \ 999 clazz[i].id = id_; \ 1000 i++; 1001 1002 #undef CFF_FIELD 1003 #define CFF_FIELD( code_, name_, id_, kind_ ) \ 1004 clazz[i].kind = kind_; \ 1005 clazz[i].code = code_ | CFFCODE; \ 1006 clazz[i].offset = FT_FIELD_OFFSET( name_ ); \ 1007 clazz[i].size = FT_FIELD_SIZE( name_ ); \ 1008 clazz[i].reader = 0; \ 1009 clazz[i].array_max = 0; \ 1010 clazz[i].count_offset = 0; \ 1011 clazz[i].id = id_; \ 1012 i++; \ 1013 1014 #undef CFF_FIELD_DELTA 1015 #define CFF_FIELD_DELTA( code_, name_, max_, id_ ) \ 1016 clazz[i].kind = cff_kind_delta; \ 1017 clazz[i].code = code_ | CFFCODE; \ 1018 clazz[i].offset = FT_FIELD_OFFSET( name_ ); \ 1019 clazz[i].size = FT_FIELD_SIZE_DELTA( name_ ); \ 1020 clazz[i].reader = 0; \ 1021 clazz[i].array_max = max_; \ 1022 clazz[i].count_offset = FT_FIELD_OFFSET( num_ ## name_ ); \ 1023 clazz[i].id = id_; \ 1024 i++; 1025 1026 #include "cfftoken.h" 1027 1028 clazz[i].kind = 0; 1029 clazz[i].code = 0; 1030 clazz[i].offset = 0; 1031 clazz[i].size = 0; 1032 clazz[i].reader = 0; 1033 clazz[i].array_max = 0; 1034 clazz[i].count_offset = 0; 1035 clazz[i].id = 0; 1036 1037 1038 #endif /* FT_DEBUG_LEVEL_TRACE */ 1039 1040 1041 *output_class = clazz; 1042 1043 return FT_Err_Ok; 1044 } 1045 1046 1047 #endif /* FT_CONFIG_OPTION_PIC */ 1048 1049 1050 FT_LOCAL_DEF( FT_Error ) 1051 cff_parser_run( CFF_Parser parser, 1052 FT_Byte* start, 1053 FT_Byte* limit ) 1054 { 1055 FT_Byte* p = start; 1056 FT_Error error = FT_Err_Ok; 1057 FT_Library library = parser->library; 1058 FT_UNUSED( library ); 1059 1060 1061 parser->top = parser->stack; 1062 parser->start = start; 1063 parser->limit = limit; 1064 parser->cursor = start; 1065 1066 while ( p < limit ) 1067 { 1068 FT_UInt v = *p; 1069 1070 1071 if ( v >= 27 && v != 31 ) 1072 { 1073 /* it's a number; we will push its position on the stack */ 1074 if ( parser->top - parser->stack >= CFF_MAX_STACK_DEPTH ) 1075 goto Stack_Overflow; 1076 1077 *parser->top++ = p; 1078 1079 /* now, skip it */ 1080 if ( v == 30 ) 1081 { 1082 /* skip real number */ 1083 p++; 1084 for (;;) 1085 { 1086 /* An unterminated floating point number at the */ 1087 /* end of a dictionary is invalid but harmless. */ 1088 if ( p >= limit ) 1089 goto Exit; 1090 v = p[0] >> 4; 1091 if ( v == 15 ) 1092 break; 1093 v = p[0] & 0xF; 1094 if ( v == 15 ) 1095 break; 1096 p++; 1097 } 1098 } 1099 else if ( v == 28 ) 1100 p += 2; 1101 else if ( v == 29 ) 1102 p += 4; 1103 else if ( v > 246 ) 1104 p += 1; 1105 } 1106 #ifdef CFF_CONFIG_OPTION_OLD_ENGINE 1107 else if ( v == 31 ) 1108 { 1109 /* a Type 2 charstring */ 1110 1111 CFF_Decoder decoder; 1112 CFF_FontRec cff_rec; 1113 FT_Byte* charstring_base; 1114 FT_ULong charstring_len; 1115 1116 FT_Fixed* stack; 1117 FT_Byte* q; 1118 1119 1120 charstring_base = ++p; 1121 1122 /* search `endchar' operator */ 1123 for (;;) 1124 { 1125 if ( p >= limit ) 1126 goto Exit; 1127 if ( *p == 14 ) 1128 break; 1129 p++; 1130 } 1131 1132 charstring_len = (FT_ULong)( p - charstring_base ) + 1; 1133 1134 /* construct CFF_Decoder object */ 1135 FT_MEM_ZERO( &decoder, sizeof ( decoder ) ); 1136 FT_MEM_ZERO( &cff_rec, sizeof ( cff_rec ) ); 1137 1138 cff_rec.top_font.font_dict.num_designs = parser->num_designs; 1139 cff_rec.top_font.font_dict.num_axes = parser->num_axes; 1140 decoder.cff = &cff_rec; 1141 1142 error = cff_decoder_parse_charstrings( &decoder, 1143 charstring_base, 1144 charstring_len, 1145 1 ); 1146 1147 /* Now copy the stack data in the temporary decoder object, */ 1148 /* converting it back to charstring number representations */ 1149 /* (this is ugly, I know). */ 1150 /* */ 1151 /* We overwrite the original top DICT charstring under the */ 1152 /* assumption that the charstring representation of the result */ 1153 /* of `cff_decoder_parse_charstrings' is shorter, which should */ 1154 /* be always true. */ 1155 1156 q = charstring_base - 1; 1157 stack = decoder.stack; 1158 1159 while ( stack < decoder.top ) 1160 { 1161 FT_ULong num; 1162 FT_Bool neg; 1163 1164 1165 if ( parser->top - parser->stack >= CFF_MAX_STACK_DEPTH ) 1166 goto Stack_Overflow; 1167 1168 *parser->top++ = q; 1169 1170 if ( *stack < 0 ) 1171 { 1172 num = (FT_ULong)-*stack; 1173 neg = 1; 1174 } 1175 else 1176 { 1177 num = (FT_ULong)*stack; 1178 neg = 0; 1179 } 1180 1181 if ( num & 0xFFFFU ) 1182 { 1183 if ( neg ) 1184 num = (FT_ULong)-num; 1185 1186 *q++ = 255; 1187 *q++ = ( num & 0xFF000000U ) >> 24; 1188 *q++ = ( num & 0x00FF0000U ) >> 16; 1189 *q++ = ( num & 0x0000FF00U ) >> 8; 1190 *q++ = num & 0x000000FFU; 1191 } 1192 else 1193 { 1194 num >>= 16; 1195 1196 if ( neg ) 1197 { 1198 if ( num <= 107 ) 1199 *q++ = (FT_Byte)( 139 - num ); 1200 else if ( num <= 1131 ) 1201 { 1202 *q++ = (FT_Byte)( ( ( num - 108 ) >> 8 ) + 251 ); 1203 *q++ = (FT_Byte)( ( num - 108 ) & 0xFF ); 1204 } 1205 else 1206 { 1207 num = (FT_ULong)-num; 1208 1209 *q++ = 28; 1210 *q++ = (FT_Byte)( num >> 8 ); 1211 *q++ = (FT_Byte)( num & 0xFF ); 1212 } 1213 } 1214 else 1215 { 1216 if ( num <= 107 ) 1217 *q++ = (FT_Byte)( num + 139 ); 1218 else if ( num <= 1131 ) 1219 { 1220 *q++ = (FT_Byte)( ( ( num - 108 ) >> 8 ) + 247 ); 1221 *q++ = (FT_Byte)( ( num - 108 ) & 0xFF ); 1222 } 1223 else 1224 { 1225 *q++ = 28; 1226 *q++ = (FT_Byte)( num >> 8 ); 1227 *q++ = (FT_Byte)( num & 0xFF ); 1228 } 1229 } 1230 } 1231 1232 stack++; 1233 } 1234 } 1235 #endif /* CFF_CONFIG_OPTION_OLD_ENGINE */ 1236 else 1237 { 1238 /* This is not a number, hence it's an operator. Compute its code */ 1239 /* and look for it in our current list. */ 1240 1241 FT_UInt code; 1242 FT_UInt num_args = (FT_UInt) 1243 ( parser->top - parser->stack ); 1244 const CFF_Field_Handler* field; 1245 1246 1247 *parser->top = p; 1248 code = v; 1249 if ( v == 12 ) 1250 { 1251 /* two byte operator */ 1252 p++; 1253 if ( p >= limit ) 1254 goto Syntax_Error; 1255 1256 code = 0x100 | p[0]; 1257 } 1258 code = code | parser->object_code; 1259 1260 for ( field = CFF_FIELD_HANDLERS_GET; field->kind; field++ ) 1261 { 1262 if ( field->code == (FT_Int)code ) 1263 { 1264 /* we found our field's handler; read it */ 1265 FT_Long val; 1266 FT_Byte* q = (FT_Byte*)parser->object + field->offset; 1267 1268 1269 #ifdef FT_DEBUG_LEVEL_TRACE 1270 FT_TRACE4(( " %s", field->id )); 1271 #endif 1272 1273 /* check that we have enough arguments -- except for */ 1274 /* delta encoded arrays, which can be empty */ 1275 if ( field->kind != cff_kind_delta && num_args < 1 ) 1276 goto Stack_Underflow; 1277 1278 switch ( field->kind ) 1279 { 1280 case cff_kind_bool: 1281 case cff_kind_string: 1282 case cff_kind_num: 1283 val = cff_parse_num( parser->stack ); 1284 goto Store_Number; 1285 1286 case cff_kind_fixed: 1287 val = cff_parse_fixed( parser->stack ); 1288 goto Store_Number; 1289 1290 case cff_kind_fixed_thousand: 1291 val = cff_parse_fixed_scaled( parser->stack, 3 ); 1292 1293 Store_Number: 1294 switch ( field->size ) 1295 { 1296 case (8 / FT_CHAR_BIT): 1297 *(FT_Byte*)q = (FT_Byte)val; 1298 break; 1299 1300 case (16 / FT_CHAR_BIT): 1301 *(FT_Short*)q = (FT_Short)val; 1302 break; 1303 1304 case (32 / FT_CHAR_BIT): 1305 *(FT_Int32*)q = (FT_Int)val; 1306 break; 1307 1308 default: /* for 64-bit systems */ 1309 *(FT_Long*)q = val; 1310 } 1311 1312 #ifdef FT_DEBUG_LEVEL_TRACE 1313 switch ( field->kind ) 1314 { 1315 case cff_kind_bool: 1316 FT_TRACE4(( " %s\n", val ? "true" : "false" )); 1317 break; 1318 1319 case cff_kind_string: 1320 FT_TRACE4(( " %ld (SID)\n", val )); 1321 break; 1322 1323 case cff_kind_num: 1324 FT_TRACE4(( " %ld\n", val )); 1325 break; 1326 1327 case cff_kind_fixed: 1328 FT_TRACE4(( " %f\n", (double)val / 65536 )); 1329 break; 1330 1331 case cff_kind_fixed_thousand: 1332 FT_TRACE4(( " %f\n", (double)val / 65536 / 1000 )); 1333 1334 default: 1335 ; /* never reached */ 1336 } 1337 #endif 1338 1339 break; 1340 1341 case cff_kind_delta: 1342 { 1343 FT_Byte* qcount = (FT_Byte*)parser->object + 1344 field->count_offset; 1345 1346 FT_Byte** data = parser->stack; 1347 1348 1349 if ( num_args > field->array_max ) 1350 num_args = field->array_max; 1351 1352 FT_TRACE4(( " [" )); 1353 1354 /* store count */ 1355 *qcount = (FT_Byte)num_args; 1356 1357 val = 0; 1358 while ( num_args > 0 ) 1359 { 1360 val += cff_parse_num( data++ ); 1361 switch ( field->size ) 1362 { 1363 case (8 / FT_CHAR_BIT): 1364 *(FT_Byte*)q = (FT_Byte)val; 1365 break; 1366 1367 case (16 / FT_CHAR_BIT): 1368 *(FT_Short*)q = (FT_Short)val; 1369 break; 1370 1371 case (32 / FT_CHAR_BIT): 1372 *(FT_Int32*)q = (FT_Int)val; 1373 break; 1374 1375 default: /* for 64-bit systems */ 1376 *(FT_Long*)q = val; 1377 } 1378 1379 FT_TRACE4(( " %ld", val )); 1380 1381 q += field->size; 1382 num_args--; 1383 } 1384 1385 FT_TRACE4(( "]\n" )); 1386 } 1387 break; 1388 1389 default: /* callback */ 1390 error = field->reader( parser ); 1391 if ( error ) 1392 goto Exit; 1393 } 1394 goto Found; 1395 } 1396 } 1397 1398 /* this is an unknown operator, or it is unsupported; */ 1399 /* we will ignore it for now. */ 1400 1401 Found: 1402 /* clear stack */ 1403 parser->top = parser->stack; 1404 } 1405 p++; 1406 } 1407 1408 Exit: 1409 return error; 1410 1411 Stack_Overflow: 1412 error = FT_THROW( Invalid_Argument ); 1413 goto Exit; 1414 1415 Stack_Underflow: 1416 error = FT_THROW( Invalid_Argument ); 1417 goto Exit; 1418 1419 Syntax_Error: 1420 error = FT_THROW( Invalid_Argument ); 1421 goto Exit; 1422 } 1423 1424 1425 /* END */ 1426
