src/hb-aat-layout-kerx-table.hh | 3 +++ src/hb-aat-layout-morx-table.hh | 3 +++ src/hb-machinery.hh | 30 +++++++++++++++++++----------- src/hb-ot-cmap-table.hh | 18 ++++++++++-------- 4 files changed, 35 insertions(+), 19 deletions(-)
New commits: commit e4a4555d1e40dacdf72452805e9e6b6109627d63 Author: Behdad Esfahbod <[email protected]> Date: Thu Nov 22 22:17:49 2018 -0500 [cmap] Move code around diff --git a/src/hb-ot-cmap-table.hh b/src/hb-ot-cmap-table.hh index b7d17018..4297550f 100644 --- a/src/hb-ot-cmap-table.hh +++ b/src/hb-ot-cmap-table.hh @@ -863,14 +863,6 @@ struct cmap hb_vector_t<CmapSubtableLongGroup> format12_groups; }; - inline bool sanitize (hb_sanitize_context_t *c) const - { - TRACE_SANITIZE (this); - return_trace (c->check_struct (this) && - likely (version == 0) && - encodingRecord.sanitize (c, this)); - } - inline bool _create_plan (const hb_subset_plan_t *plan, subset_plan *cmap_plan) const { @@ -1171,6 +1163,16 @@ struct cmap return &(this+encodingRecord[result].subtable); } + public: + + inline bool sanitize (hb_sanitize_context_t *c) const + { + TRACE_SANITIZE (this); + return_trace (c->check_struct (this) && + likely (version == 0) && + encodingRecord.sanitize (c, this)); + } + protected: HBUINT16 version; /* Table version number (0). */ SortedArrayOf<EncodingRecord> commit 758c9d68e2143493978d8ac8391f4af2a2abc26a Author: Behdad Esfahbod <[email protected]> Date: Thu Nov 22 22:16:12 2018 -0500 [morx/kerx] Limit range to subtable when sanitizing diff --git a/src/hb-aat-layout-kerx-table.hh b/src/hb-aat-layout-kerx-table.hh index 8292dca6..bb88d9d1 100644 --- a/src/hb-aat-layout-kerx-table.hh +++ b/src/hb-aat-layout-kerx-table.hh @@ -953,10 +953,12 @@ struct KerxTable unsigned int count = thiz()->tableCount; for (unsigned int i = 0; i < count; i++) { + c->set_object (*st); if (unlikely (!st->sanitize (c))) return_trace (false); st = &StructAfter<SubTable> (*st); } + c->reset_object (); return_trace (true); } diff --git a/src/hb-aat-layout-morx-table.hh b/src/hb-aat-layout-morx-table.hh index cb871d2a..7a39eea8 100644 --- a/src/hb-aat-layout-morx-table.hh +++ b/src/hb-aat-layout-morx-table.hh 
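Review bot: In the KerxTable sanitize loop, `c->set_object (*st)` runs before `st->sanitize (c)`, and set_object() as defined in the hb-machinery.hh hunk on this page calls `obj.get_size ()`. For each subtable reached through `StructAfter`, the size is therefore taken from font data before anything visible here has checked that the subtable header lies inside the table. The header should be range-checked against the whole-table range first and the range narrowed only afterwards; until then a comment such as `/* set_object() calls st->get_size(): header must already be in range. */` above the call would record the precondition. The Chain sanitize loop in hb-aat-layout-morx-table.hh has the same ordering. Both loops start outside the hunk, so how `st` and `subtable` are first initialised is not visible.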
@@ -1061,10 +1061,12 @@ struct Chain unsigned int count = subtableCount; for (unsigned int i = 0; i < count; i++) { + c->set_object (*subtable); if (!subtable->sanitize (c)) return_trace (false); subtable = &StructAfter<ChainSubtable<Types> > (*subtable); } + c->reset_object (); return_trace (true); } commit a9fe787a11fc391d9a43a4ea19e6eb1c474199bd Author: Behdad Esfahbod <[email protected]> Date: Thu Nov 22 22:12:36 2018 -0500 [sanitizer] Add reset_object(), make set_object() do bounds-check Affects morx/kerx run-time only currently. Will adjust their sanitize next. diff --git a/src/hb-aat-layout-kerx-table.hh b/src/hb-aat-layout-kerx-table.hh index 21097276..8292dca6 100644 --- a/src/hb-aat-layout-kerx-table.hh +++ b/src/hb-aat-layout-kerx-table.hh @@ -934,6 +934,7 @@ struct KerxTable st = &StructAfter<SubTable> (*st); c->set_lookup_index (c->lookup_index + 1); } + c->sanitizer.reset_object (); return ret; } diff --git a/src/hb-aat-layout-morx-table.hh b/src/hb-aat-layout-morx-table.hh index bbe952fa..cb871d2a 100644 --- a/src/hb-aat-layout-morx-table.hh +++ b/src/hb-aat-layout-morx-table.hh @@ -1041,6 +1041,7 @@ struct Chain subtable = &StructAfter<ChainSubtable<Types> > (*subtable); c->set_lookup_index (c->lookup_index + 1); } + c->sanitizer.reset_object (); } inline unsigned int get_size (void) const { return length; } diff --git a/src/hb-machinery.hh b/src/hb-machinery.hh index cb30e990..edef5405 100644 --- a/src/hb-machinery.hh +++ b/src/hb-machinery.hh 
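Review bot: The failure exit in the Chain sanitize loop, `return_trace (false)`, leaves the sanitizer range narrowed to the failing subtable, because `c->reset_object ()` is reached only on the success path. The KerxTable sanitize loop in the same commit has the same shape. This is probably harmless if a failed sanitize always ends the pass, but any later check made through `c` would be made against the wrong bounds. Resetting on the early exit, `if (!subtable->sanitize (c)) { c->reset_object (); return_trace (false); }`, or a small scope guard whose destructor calls reset_object(), would remove the dependence on every exit path being patched by hand. The two apply-time hunks that add `c->sanitizer.reset_object ()` rely on the same manual pairing, and their loops start outside the visible lines.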
@@ -259,26 +259,34 @@ struct hb_sanitize_context_t : inline void set_max_ops (int max_ops_) { max_ops = max_ops_; } - /* TODO - * This set_object() thing is to use sanitize at runtime lookup - * application time. This is very distinct from the regular - * sanitizer operation, so, eventually, separate into another - * type and make hb_aat_apply_context_t use that one instead - * of abusing this one. - */ template <typename T> inline void set_object (const T& obj) { - this->start = (const char *) &obj; - this->end = (const char *) &obj + obj.get_size (); - assert (this->start <= this->end); /* Must not overflow. */ + reset_object (); + + const char *obj_start = (const char *) &obj; + const char *obj_end = (const char *) &obj + obj.get_size (); + assert (obj_start <= obj_end); /* Must not overflow. */ + + if (unlikely (obj_end < this->start || this->end < obj_start)) + this->start = this->end = nullptr; + else + { + this->start = MAX (this->start, obj_start); + this->end = MIN (this->end , obj_end ); + } } - inline void start_processing (void) + inline void reset_object (void) { this->start = this->blob->data; this->end = this->start + this->blob->length; assert (this->start <= this->end); /* Must not overflow. */ + } + + inline void start_processing (void) + { + reset_object (); this->max_ops = MAX ((unsigned int) (this->end - this->start) * HB_SANITIZE_MAX_OPS_FACTOR, (unsigned) HB_SANITIZE_MAX_OPS_MIN); this->edit_count = 0; _______________________________________________ HarfBuzz mailing list [email protected] https://lists.freedesktop.org/mailman/listinfo/harfbuzz
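Review bot: In set_object(), `(const char *) &obj + obj.get_size ()` forms the end pointer from a size that the sanitize callers on this page take from a subtable they have not yet checked, and the only guard against that sum wrapping is `assert (obj_start <= obj_end)`, which builds compiled with NDEBUG drop. Clamping in the size domain avoids ever forming a pointer past the blob: reject an `obj_start` outside the current range, then bound the size by the bytes remaining. The sketch below also rejects an object that starts before the blob rather than intersecting it, which differs from the posted code and should be confirmed as acceptable. The removed TODO was the only description of the contract, so a short comment saying that set_object() narrows the range to the intersection of blob and object and must be paired with reset_object() would be worth adding.

```cpp
template <typename T>
inline void set_object (const T& obj)
{
  reset_object ();

  const char *obj_start = (const char *) &obj;
  if (unlikely (obj_start < this->start || this->end <= obj_start))
  {
    this->start = this->end = nullptr;
    return;
  }

  /* Compare sizes, not pointers: never form obj_start + size past the blob.
   * get_size () still reads obj's header; callers must have range-checked it. */
  unsigned int avail = (unsigned int) (this->end - obj_start);
  unsigned int size = obj.get_size ();
  this->start = obj_start;
  this->end = obj_start + MIN (size, avail);
}
// … unchanged: reset_object (), start_processing () …
```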
