File graphite2-CVE-2018-7999.patch of Package graphite2.6849

Index: graphite2-1.3.1/include/graphite2/Font.h
===================================================================
--- graphite2-1.3.1.orig/include/graphite2/Font.h	2015-08-31 06:42:03.000000000 +0200
+++ graphite2-1.3.1/include/graphite2/Font.h	2018-03-12 17:31:36.448403368 +0100
@@ -56,7 +56,7 @@ GR2_API void gr_engine_version(int *nMaj
 enum gr_face_options {
     /** No preload, no cmap caching, fail if the graphite tables are invalid */
     gr_face_default = 0,
-    /** Dumb rendering will be enabled if the graphite tables are invalid */
+    /** Dumb rendering will be enabled if the graphite tables are invalid. DEPRECATED. */
     gr_face_dumbRendering = 1,
     /** preload glyphs at construction time */
     gr_face_preloadGlyphs = 2,
Index: graphite2-1.3.1/src/GlyphCache.cpp
===================================================================
--- graphite2-1.3.1.orig/src/GlyphCache.cpp	2015-08-31 06:42:03.000000000 +0200
+++ graphite2-1.3.1/src/GlyphCache.cpp	2018-03-12 17:38:30.703673051 +0100
@@ -84,7 +84,7 @@ const SlantBox SlantBox::empty = {0,0,0,
 class GlyphCache::Loader
 {
 public:
-    Loader(const Face & face, const bool dumb_font);    //return result indicates success. Do not use if failed.
+    Loader(const Face & face);    //return result indicates success. Do not use if failed.
 
     operator bool () const throw();
     unsigned short int units_per_em() const throw();
@@ -115,7 +115,7 @@ private:
 
 
 GlyphCache::GlyphCache(const Face & face, const uint32 face_options)
-: _glyph_loader(new Loader(face, bool(face_options & gr_face_dumbRendering))),
+: _glyph_loader(new Loader(face)),
   _glyphs(_glyph_loader && *_glyph_loader ? grzeroalloc<const GlyphFace *>(_glyph_loader->num_glyphs()) : 0),
   _boxes(_glyph_loader && _glyph_loader->has_boxes() ? grzeroalloc<GlyphBox *>(_glyph_loader->num_glyphs()) : 0),
   _num_glyphs(_glyphs ? _glyph_loader->num_glyphs() : 0),
@@ -235,7 +235,7 @@ const GlyphFace *GlyphCache::glyph(unsig
 
 
 
-GlyphCache::Loader::Loader(const Face & face, const bool dumb_font)
+GlyphCache::Loader::Loader(const Face & face)
 : _head(face, Tag::head),
   _hhea(face, Tag::hhea),
   _hmtx(face, Tag::hmtx),
@@ -261,45 +261,48 @@ GlyphCache::Loader::Loader(const Face &
         return;
     }
 
-    if (!dumb_font)
+    if ((m_pGlat = Face::Table(face, Tag::Glat, 0x00030000)) == NULL
+        || (m_pGloc = Face::Table(face, Tag::Gloc)) == NULL
+        || m_pGloc.size() < 8)
     {
-        if ((m_pGlat = Face::Table(face, Tag::Glat, 0x00030000)) == NULL
-            || (m_pGloc = Face::Table(face, Tag::Gloc)) == NULL
-            || m_pGloc.size() < 6)
-        {
-            _head = Face::Table();
-            return;
-        }
-        const byte    * p = m_pGloc;
-        int       version = be::read<uint32>(p);
-        const uint16    flags = be::read<uint16>(p);
-        _num_attrs = be::read<uint16>(p);
-        // We can accurately calculate the number of attributed glyphs by
-        //  subtracting the length of the attribids array (numAttribs long if present)
-        //  and dividing by either 2 or 4 depending on shor or lonf format
-        _long_fmt              = flags & 1;
-        int tmpnumgattrs       = (m_pGloc.size()
-                                   - (p - m_pGloc)
-                                   - sizeof(uint16)*(flags & 0x2 ? _num_attrs : 0))
-                                       / (_long_fmt ? sizeof(uint32) : sizeof(uint16)) - 1;
-
-        if (version >= 0x00020000 || tmpnumgattrs < 0 || tmpnumgattrs > 65535
-            || _num_attrs == 0 || _num_attrs > 0x3000  // is this hard limit appropriate?
-            || _num_glyphs_graphics > tmpnumgattrs)
-        {
-            _head = Face::Table();
-            return;
-        }
-
-        _num_glyphs_attributes = static_cast<unsigned short>(tmpnumgattrs);
-        p = m_pGlat;
-        version = be::read<uint32>(p);
-        if (version >= 0x00040000)       // reject Glat tables that are too new
-        {
-            _head = Face::Table();
-            return;
-        }
-        _has_boxes = (version == 0x00030000);
+        _head = Face::Table();
+        return;
+    }
+    const byte    * p = m_pGloc;
+    int       version = be::read<uint32>(p);
+    const uint16    flags = be::read<uint16>(p);
+    _num_attrs = be::read<uint16>(p);
+    // We can accurately calculate the number of attributed glyphs by
+    //  subtracting the length of the attribids array (numAttribs long if present)
+    //  and dividing by either 2 or 4 depending on shor or lonf format
+    _long_fmt              = flags & 1;
+    int tmpnumgattrs       = (m_pGloc.size()
+                               - (p - m_pGloc)
+                               - sizeof(uint16)*(flags & 0x2 ? _num_attrs : 0))
+                                   / (_long_fmt ? sizeof(uint32) : sizeof(uint16)) - 1;
+
+    if (version >= 0x00020000 || tmpnumgattrs < 0 || tmpnumgattrs > 65535
+        || _num_attrs == 0 || _num_attrs > 0x3000  // is this hard limit appropriate?
+        || _num_glyphs_graphics > tmpnumgattrs
+        || m_pGlat.size() < 4)
+    {
+        _head = Face::Table();
+        return;
+    }
+    _num_glyphs_attributes = static_cast<unsigned short>(tmpnumgattrs);
+    p = m_pGlat;
+    version = be::read<uint32>(p);
+    if (version >= 0x00040000 || (version >= 0x00030000 && m_pGlat.size() < 8))       // reject Glat tables that are too new
+    {
+        _head = Face::Table();
+        return;
+    }
+    else if (version >= 0x00030000)
+    {
+        unsigned int glatflags = be::read<uint32>(p);
+        _has_boxes = glatflags & 1;
+        // delete this once the compiler is fixed
+        _has_boxes = true;
     }
 }
 
Index: graphite2-1.3.1/src/gr_face.cpp
===================================================================
--- graphite2-1.3.1.orig/src/gr_face.cpp	2015-08-31 06:42:03.000000000 +0200
+++ graphite2-1.3.1/src/gr_face.cpp	2018-03-12 17:31:36.460403579 +0100
@@ -47,8 +47,7 @@ namespace
         telemetry::category _misc_cat(face.tele.misc);
 #endif
         Face::Table silf(face, Tag::Silf, 0x00050000);
-        if (silf)   options &= ~gr_face_dumbRendering;
-        else if (!(options &  gr_face_dumbRendering))
+        if (!silf)
             return false;
 
         if (!face.readGlyphs(options))
@@ -74,7 +73,7 @@ namespace
                 return true;
         }
         else
-            return options & gr_face_dumbRendering;
+            return false;
     }
 }
 
Index: graphite2-1.3.1/tests/featuremap/CMakeLists.txt
===================================================================
--- graphite2-1.3.1.orig/tests/featuremap/CMakeLists.txt	2015-08-31 06:42:03.000000000 +0200
+++ graphite2-1.3.1/tests/featuremap/CMakeLists.txt	2018-03-12 17:31:36.460403579 +0100
@@ -20,7 +20,7 @@ if (GRAPHITE2_ASAN)
 endif (GRAPHITE2_ASAN)
 target_link_libraries(featuremaptest graphite2 graphite2-base graphite2-segcache graphite2-base)
 
-add_test(NAME featuremaptest COMMAND $<TARGET_FILE:featuremaptest> ${testing_SOURCE_DIR}/fonts/tiny.ttf)
+add_test(NAME featuremaptest COMMAND $<TARGET_FILE:featuremaptest> ${testing_SOURCE_DIR}/fonts/small.ttf)
 set_tests_properties(featuremaptest PROPERTIES TIMEOUT 3)
 if (GRAPHITE2_ASAN)
     set_property(TEST featuremaptest APPEND PROPERTY ENVIRONMENT "ASAN_SYMBOLIZER_PATH=${ASAN_SYMBOLIZER}")
Index: graphite2-1.3.1/tests/featuremap/featuremaptest.cpp
===================================================================
--- graphite2-1.3.1.orig/tests/featuremap/featuremaptest.cpp	2015-08-31 06:42:03.000000000 +0200
+++ graphite2-1.3.1/tests/featuremap/featuremaptest.cpp	2018-03-12 17:31:36.460403579 +0100
@@ -243,7 +243,7 @@ template <class T> void testFeatTable(co
 {
     FeatureMap testFeatureMap;
     dummyFace.replace_table(TtfUtil::Tag::Feat, &table, sizeof(T));
-    gr_face * face = gr_make_face_with_ops(&dummyFace, &face_handle::ops, gr_face_dumbRendering);
+    gr_face * face = gr_make_face_with_ops(&dummyFace, &face_handle::ops, 0);
     if (!face) throw std::runtime_error("failed to load font");
     bool readStatus = testFeatureMap.readFeats(*face);
     testAssert("readFeats", readStatus);
@@ -285,9 +285,8 @@ int main(int argc, char * argv[])
 		// test a bad settings offset stradling the end of the table
 		FeatureMap testFeatureMap;
 		dummyFace.replace_table(TtfUtil::Tag::Feat, &testBadOffset, sizeof testBadOffset);
-		face = gr_make_face_with_ops(&dummyFace, &face_handle::ops, gr_face_dumbRendering);
-		bool readStatus = testFeatureMap.readFeats(*face);
-		testAssert("fail gracefully on bad table", !readStatus);
+		face = gr_make_face_with_ops(&dummyFace, &face_handle::ops, 0);
+		testAssert("fail gracefully on bad table", !face);
 	}
 	catch (std::exception & e)
 	{
Index: graphite2-1.3.1/tests/vm/CMakeLists.txt
===================================================================
--- graphite2-1.3.1.orig/tests/vm/CMakeLists.txt	2015-08-31 06:42:03.000000000 +0200
+++ graphite2-1.3.1/tests/vm/CMakeLists.txt	2018-03-12 17:31:36.460403579 +0100
@@ -41,7 +41,7 @@ if  (${CMAKE_SYSTEM_NAME} STREQUAL "Linu
 	endif ("${CMAKE_BUILD_TYPE}" STREQUAL "Release")
 endif  (${CMAKE_SYSTEM_NAME} STREQUAL "Linux")
 
-add_test(vm-test-call-threading vm-test-call ${testing_SOURCE_DIR}/fonts/tiny.ttf 1)
+add_test(vm-test-call-threading vm-test-call ${testing_SOURCE_DIR}/fonts/small.ttf 1)
 set_tests_properties(vm-test-call-threading PROPERTIES
         PASS_REGULAR_EXPRESSION "simple program size:    14 bytes.*result of program: 42"
         FAIL_REGULAR_EXPRESSION "program terminated early;stack not empty")
@@ -51,7 +51,7 @@ if (GRAPHITE2_ASAN)
 endif (GRAPHITE2_ASAN)
 
 if  (${CMAKE_COMPILER_IS_GNUCXX})
-	add_test(vm-test-direct-threading vm-test-direct ${testing_SOURCE_DIR}/fonts/tiny.ttf 1)
+	add_test(vm-test-direct-threading vm-test-direct ${testing_SOURCE_DIR}/fonts/small.ttf 1)
 	set_tests_properties(vm-test-direct-threading PROPERTIES
 			PASS_REGULAR_EXPRESSION "simple program size:    14 bytes.*result of program: 42"
 			FAIL_REGULAR_EXPRESSION "program terminated early;stack not empty")
openSUSE Build Service is sponsored by