提交 0c349a03 编写于 作者: O Owen Taylor 提交者: Owen Taylor

For all binary searches, handle the case where the number of items is 0.

2005-03-03  Owen Taylor  <otaylor@redhat.com>

        * pango/opentype/ftxopen.c (Coverage_Index1, Coverage_Index2,
        Get_Class2): For all binary searches, handle the case where
        the number of items is 0. (#162977, Nick Lamb)

        * pango/opentype/ftxgdef.c (TT_GDEF_Build_ClassDefinition):
        Handle the case where glyph_count == 0 properly. Fix a problem
        with cleanups on memory allocation failure.
        (Get_New_Count, Add_Glyph_Property): Avoid reading off the
        end of the ClassRangeRecord array.
上级 03838daa
...@@ -746,7 +746,7 @@ ...@@ -746,7 +746,7 @@
FT_UShort glyphID, FT_UShort glyphID,
FT_UShort index ) FT_UShort index )
{ {
FT_UShort glyph_index, array_index; FT_UShort glyph_index, array_index, count;
FT_UShort byte, bits; FT_UShort byte, bits;
TTO_ClassRangeRecord* gcrr; TTO_ClassRangeRecord* gcrr;
...@@ -756,10 +756,11 @@ ...@@ -756,10 +756,11 @@
if ( glyphID >= gdef->LastGlyph ) if ( glyphID >= gdef->LastGlyph )
return 0; return 0;
count = gdef->GlyphClassDef.cd.cd2.ClassRangeCount;
gcrr = gdef->GlyphClassDef.cd.cd2.ClassRangeRecord; gcrr = gdef->GlyphClassDef.cd.cd2.ClassRangeRecord;
ngc = gdef->NewGlyphClasses; ngc = gdef->NewGlyphClasses;
if ( glyphID < gcrr[index].Start ) if ( index < count && glyphID < gcrr[index].Start )
{ {
array_index = index; array_index = index;
if ( index == 0 ) if ( index == 0 )
...@@ -999,7 +1000,7 @@ ...@@ -999,7 +1000,7 @@
if ( ALLOC_ARRAY( gdef->NewGlyphClasses, if ( ALLOC_ARRAY( gdef->NewGlyphClasses,
gcd->cd.cd2.ClassRangeCount + 1, FT_UShort* ) ) gcd->cd.cd2.ClassRangeCount + 1, FT_UShort* ) )
goto Fail2; goto Fail3;
count = gcd->cd.cd2.ClassRangeCount; count = gcd->cd.cd2.ClassRangeCount;
gcrr = gcd->cd.cd2.ClassRangeRecord; gcrr = gcd->cd.cd2.ClassRangeRecord;
...@@ -1008,10 +1009,12 @@ ...@@ -1008,10 +1009,12 @@
/* We allocate arrays for all glyphs not covered by the class range /* We allocate arrays for all glyphs not covered by the class range
records. Each element holds four class values. */ records. Each element holds four class values. */
if ( count > 0 )
{
if ( gcrr[0].Start ) if ( gcrr[0].Start )
{ {
if ( ALLOC_ARRAY( ngc[0], ( gcrr[0].Start + 3 ) / 4, FT_UShort ) ) if ( ALLOC_ARRAY( ngc[0], ( gcrr[0].Start + 3 ) / 4, FT_UShort ) )
goto Fail1; goto Fail2;
} }
for ( n = 1; n < count; n++ ) for ( n = 1; n < count; n++ )
...@@ -1030,6 +1033,14 @@ ...@@ -1030,6 +1033,14 @@
FT_UShort ) ) FT_UShort ) )
goto Fail1; goto Fail1;
} }
}
else if ( num_glyphs > 0 )
{
if ( ALLOC_ARRAY( ngc[count],
( num_glyphs + 3 ) / 4,
FT_UShort ) )
goto Fail2;
}
gdef->LastGlyph = num_glyphs - 1; gdef->LastGlyph = num_glyphs - 1;
...@@ -1083,7 +1094,7 @@ ...@@ -1083,7 +1094,7 @@
FT_Error error; FT_Error error;
FT_UShort class, new_class, index; FT_UShort class, new_class, index;
FT_UShort byte, bits, mask; FT_UShort byte, bits, mask;
FT_UShort array_index, glyph_index; FT_UShort array_index, glyph_index, count;
TTO_ClassRangeRecord* gcrr; TTO_ClassRangeRecord* gcrr;
FT_UShort** ngc; FT_UShort** ngc;
...@@ -1124,10 +1135,11 @@ ...@@ -1124,10 +1135,11 @@
return TT_Err_Invalid_Argument; return TT_Err_Invalid_Argument;
} }
count = gdef->GlyphClassDef.cd.cd2.ClassRangeCount;
gcrr = gdef->GlyphClassDef.cd.cd2.ClassRangeRecord; gcrr = gdef->GlyphClassDef.cd.cd2.ClassRangeRecord;
ngc = gdef->NewGlyphClasses; ngc = gdef->NewGlyphClasses;
if ( glyphID < gcrr[index].Start ) if ( index < count && glyphID < gcrr[index].Start )
{ {
array_index = index; array_index = index;
if ( index == 0 ) if ( index == 0 )
......
...@@ -940,6 +940,9 @@ ...@@ -940,6 +940,9 @@
/* binary search */ /* binary search */
if ( cf1->GlyphCount == 0 )
return TTO_Err_Not_Covered;
new_min = 0; new_min = 0;
new_max = cf1->GlyphCount - 1; new_max = cf1->GlyphCount - 1;
...@@ -987,6 +990,9 @@ ...@@ -987,6 +990,9 @@
/* binary search */ /* binary search */
if ( cf2->RangeCount == 0 )
return TTO_Err_Not_Covered;
new_min = 0; new_min = 0;
new_max = cf2->RangeCount - 1; new_max = cf2->RangeCount - 1;
...@@ -1326,6 +1332,15 @@ ...@@ -1326,6 +1332,15 @@
/* binary search */ /* binary search */
if ( cdf2->ClassRangeCount == 0 )
{
*class = 0;
if ( index )
*index = 0;
return TTO_Err_Not_Covered;
}
new_min = 0; new_min = 0;
new_max = cdf2->ClassRangeCount - 1; new_max = cdf2->ClassRangeCount - 1;
......
Markdown is supported
0% .
You are about to add 0 people to the discussion. Proceed with caution.
先完成此消息的编辑!
想要评论请 注册