Line data Source code
1 : // Copyright (c) 2011 The Chromium Authors. All rights reserved.
2 : // Use of this source code is governed by a BSD-style license that can be
3 : // found in the LICENSE file.
4 :
5 : #include "gpos.h"
6 :
7 : #include <limits>
8 : #include <vector>
9 :
10 : #include "layout.h"
11 : #include "maxp.h"
12 :
13 : // GPOS - The Glyph Positioning Table
14 : // http://www.microsoft.com/typography/otspec/gpos.htm
15 :
16 : #define TABLE_NAME "GPOS"
17 :
18 : namespace {
19 :
20 : enum GPOS_TYPE {
21 : GPOS_TYPE_SINGLE_ADJUSTMENT = 1,
22 : GPOS_TYPE_PAIR_ADJUSTMENT = 2,
23 : GPOS_TYPE_CURSIVE_ATTACHMENT = 3,
24 : GPOS_TYPE_MARK_TO_BASE_ATTACHMENT = 4,
25 : GPOS_TYPE_MARK_TO_LIGATURE_ATTACHMENT = 5,
26 : GPOS_TYPE_MARK_TO_MARK_ATTACHMENT = 6,
27 : GPOS_TYPE_CONTEXT_POSITIONING = 7,
28 : GPOS_TYPE_CHAINED_CONTEXT_POSITIONING = 8,
29 : GPOS_TYPE_EXTENSION_POSITIONING = 9,
30 : GPOS_TYPE_RESERVED = 10
31 : };
32 :
33 : // The size of gpos header.
34 : const unsigned kGposHeaderSize = 10;
35 : // The maximum format number for anchor tables.
36 : const uint16_t kMaxAnchorFormat = 3;
37 : // The maximum number of class value.
38 : const uint16_t kMaxClassDefValue = 0xFFFF;
39 :
40 : // Lookup type parsers.
41 : bool ParseSingleAdjustment(const ots::Font *font,
42 : const uint8_t *data, const size_t length);
43 : bool ParsePairAdjustment(const ots::Font *font,
44 : const uint8_t *data, const size_t length);
45 : bool ParseCursiveAttachment(const ots::Font *font,
46 : const uint8_t *data, const size_t length);
47 : bool ParseMarkToBaseAttachment(const ots::Font *font,
48 : const uint8_t *data, const size_t length);
49 : bool ParseMarkToLigatureAttachment(const ots::Font *font,
50 : const uint8_t *data, const size_t length);
51 : bool ParseMarkToMarkAttachment(const ots::Font *font,
52 : const uint8_t *data, const size_t length);
53 : bool ParseContextPositioning(const ots::Font *font,
54 : const uint8_t *data, const size_t length);
55 : bool ParseChainedContextPositioning(const ots::Font *font,
56 : const uint8_t *data, const size_t length);
57 : bool ParseExtensionPositioning(const ots::Font *font,
58 : const uint8_t *data, const size_t length);
59 :
60 : const ots::LookupSubtableParser::TypeParser kGposTypeParsers[] = {
61 : {GPOS_TYPE_SINGLE_ADJUSTMENT, ParseSingleAdjustment},
62 : {GPOS_TYPE_PAIR_ADJUSTMENT, ParsePairAdjustment},
63 : {GPOS_TYPE_CURSIVE_ATTACHMENT, ParseCursiveAttachment},
64 : {GPOS_TYPE_MARK_TO_BASE_ATTACHMENT, ParseMarkToBaseAttachment},
65 : {GPOS_TYPE_MARK_TO_LIGATURE_ATTACHMENT, ParseMarkToLigatureAttachment},
66 : {GPOS_TYPE_MARK_TO_MARK_ATTACHMENT, ParseMarkToMarkAttachment},
67 : {GPOS_TYPE_CONTEXT_POSITIONING, ParseContextPositioning},
68 : {GPOS_TYPE_CHAINED_CONTEXT_POSITIONING, ParseChainedContextPositioning},
69 : {GPOS_TYPE_EXTENSION_POSITIONING, ParseExtensionPositioning}
70 : };
71 :
72 : const ots::LookupSubtableParser kGposLookupSubtableParser = {
73 : arraysize(kGposTypeParsers),
74 : GPOS_TYPE_EXTENSION_POSITIONING, kGposTypeParsers
75 : };
76 :
77 : // Shared Tables: ValueRecord, Anchor Table, and MarkArray
78 :
79 0 : bool ParseValueRecord(const ots::Font *font,
80 : ots::Buffer* subtable, const uint8_t *data,
81 : const size_t length, const uint16_t value_format) {
82 : // Check existence of adjustment fields.
83 0 : for (unsigned i = 0; i < 4; ++i) {
84 0 : if ((value_format >> i) & 0x1) {
85 : // Just read the field since these fileds could take an arbitrary values.
86 0 : if (!subtable->Skip(2)) {
87 0 : return OTS_FAILURE_MSG("Failed to read value reacord component");
88 : }
89 : }
90 : }
91 :
92 : // Check existence of offsets to device table.
93 0 : for (unsigned i = 0; i < 4; ++i) {
94 0 : if ((value_format >> (i + 4)) & 0x1) {
95 0 : uint16_t offset = 0;
96 0 : if (!subtable->ReadU16(&offset)) {
97 0 : return OTS_FAILURE_MSG("Failed to read value record offset");
98 : }
99 0 : if (offset) {
100 : // TODO(bashi): Is it possible that device tables locate before
101 : // this record? No fonts contain such offset AKAIF.
102 0 : if (offset >= length) {
103 0 : return OTS_FAILURE_MSG("Value record offset too high %d >= %ld", offset, length);
104 : }
105 0 : if (!ots::ParseDeviceTable(font, data + offset, length - offset)) {
106 0 : return OTS_FAILURE_MSG("Failed to parse device table in value record");
107 : }
108 : }
109 : }
110 : }
111 0 : return true;
112 : }
113 :
114 0 : bool ParseAnchorTable(const ots::Font *font,
115 : const uint8_t *data, const size_t length) {
116 0 : ots::Buffer subtable(data, length);
117 :
118 0 : uint16_t format = 0;
119 : // Read format and skip 2 2-byte fields that could be arbitrary values.
120 0 : if (!subtable.ReadU16(&format) ||
121 0 : !subtable.Skip(4)) {
122 0 : return OTS_FAILURE_MSG("Faled to read anchor table");
123 : }
124 :
125 0 : if (format == 0 || format > kMaxAnchorFormat) {
126 0 : return OTS_FAILURE_MSG("Bad Anchor table format %d", format);
127 : }
128 :
129 : // Format 2 and 3 has additional fields.
130 0 : if (format == 2) {
131 : // Format 2 provides an index to a glyph contour point, which will take
132 : // arbitrary value.
133 0 : uint16_t anchor_point = 0;
134 0 : if (!subtable.ReadU16(&anchor_point)) {
135 0 : return OTS_FAILURE_MSG("Failed to read anchor point in format 2 Anchor Table");
136 : }
137 0 : } else if (format == 3) {
138 0 : uint16_t offset_x_device = 0;
139 0 : uint16_t offset_y_device = 0;
140 0 : if (!subtable.ReadU16(&offset_x_device) ||
141 0 : !subtable.ReadU16(&offset_y_device)) {
142 0 : return OTS_FAILURE_MSG("Failed to read device table offsets in format 3 anchor table");
143 : }
144 0 : const unsigned format_end = static_cast<unsigned>(10);
145 0 : if (offset_x_device) {
146 0 : if (offset_x_device < format_end || offset_x_device >= length) {
147 0 : return OTS_FAILURE_MSG("Bad x device table offset %d", offset_x_device);
148 : }
149 0 : if (!ots::ParseDeviceTable(font, data + offset_x_device,
150 : length - offset_x_device)) {
151 0 : return OTS_FAILURE_MSG("Failed to parse device table in anchor table");
152 : }
153 : }
154 0 : if (offset_y_device) {
155 0 : if (offset_y_device < format_end || offset_y_device >= length) {
156 0 : return OTS_FAILURE_MSG("Bad y device table offset %d", offset_y_device);
157 : }
158 0 : if (!ots::ParseDeviceTable(font, data + offset_y_device,
159 : length - offset_y_device)) {
160 0 : return OTS_FAILURE_MSG("Failed to parse device table in anchor table");
161 : }
162 : }
163 : }
164 0 : return true;
165 : }
166 :
167 0 : bool ParseMarkArrayTable(const ots::Font *font,
168 : const uint8_t *data, const size_t length,
169 : const uint16_t class_count) {
170 0 : ots::Buffer subtable(data, length);
171 :
172 0 : uint16_t mark_count = 0;
173 0 : if (!subtable.ReadU16(&mark_count)) {
174 0 : return OTS_FAILURE_MSG("Can't read mark table length");
175 : }
176 :
177 : // MarkRecord consists of 4-bytes.
178 0 : const unsigned mark_records_end = 4 * static_cast<unsigned>(mark_count) + 2;
179 0 : if (mark_records_end > std::numeric_limits<uint16_t>::max()) {
180 0 : return OTS_FAILURE_MSG("Bad mark table length");
181 : }
182 0 : for (unsigned i = 0; i < mark_count; ++i) {
183 0 : uint16_t class_value = 0;
184 0 : uint16_t offset_mark_anchor = 0;
185 0 : if (!subtable.ReadU16(&class_value) ||
186 0 : !subtable.ReadU16(&offset_mark_anchor)) {
187 0 : return OTS_FAILURE_MSG("Can't read mark table %d", i);
188 : }
189 : // |class_value| may take arbitrary values including 0 here so we don't
190 : // check the value.
191 0 : if (offset_mark_anchor < mark_records_end ||
192 0 : offset_mark_anchor >= length) {
193 0 : return OTS_FAILURE_MSG("Bad mark anchor offset %d for mark table %d", offset_mark_anchor, i);
194 : }
195 0 : if (!ParseAnchorTable(font, data + offset_mark_anchor,
196 : length - offset_mark_anchor)) {
197 0 : return OTS_FAILURE_MSG("Faled to parse anchor table for mark table %d", i);
198 : }
199 : }
200 :
201 0 : return true;
202 : }
203 :
204 : // Lookup Type 1:
205 : // Single Adjustment Positioning Subtable
206 0 : bool ParseSingleAdjustment(const ots::Font *font, const uint8_t *data,
207 : const size_t length) {
208 0 : ots::Buffer subtable(data, length);
209 :
210 0 : uint16_t format = 0;
211 0 : uint16_t offset_coverage = 0;
212 0 : uint16_t value_format = 0;
213 0 : if (!subtable.ReadU16(&format) ||
214 0 : !subtable.ReadU16(&offset_coverage) ||
215 0 : !subtable.ReadU16(&value_format)) {
216 0 : return OTS_FAILURE_MSG("Can't read single adjustment information");
217 : }
218 :
219 0 : if (format == 1) {
220 : // Format 1 exactly one value record.
221 0 : if (!ParseValueRecord(font, &subtable, data, length, value_format)) {
222 0 : return OTS_FAILURE_MSG("Failed to parse format 1 single adjustment table");
223 : }
224 0 : } else if (format == 2) {
225 0 : uint16_t value_count = 0;
226 0 : if (!subtable.ReadU16(&value_count)) {
227 0 : return OTS_FAILURE_MSG("Failed to parse format 2 single adjustment table");
228 : }
229 0 : for (unsigned i = 0; i < value_count; ++i) {
230 0 : if (!ParseValueRecord(font, &subtable, data, length, value_format)) {
231 0 : return OTS_FAILURE_MSG("Failed to parse value record %d in format 2 single adjustment table", i);
232 : }
233 : }
234 : } else {
235 0 : return OTS_FAILURE_MSG("Bad format %d in single adjustment table", format);
236 : }
237 :
238 0 : if (offset_coverage < subtable.offset() || offset_coverage >= length) {
239 0 : return OTS_FAILURE_MSG("Bad coverage offset %d in single adjustment table", offset_coverage);
240 : }
241 :
242 0 : if (!ots::ParseCoverageTable(font, data + offset_coverage,
243 : length - offset_coverage,
244 0 : font->maxp->num_glyphs)) {
245 0 : return OTS_FAILURE_MSG("Failed to parse coverage table in single adjustment table");
246 : }
247 :
248 0 : return true;
249 : }
250 :
251 0 : bool ParsePairSetTable(const ots::Font *font,
252 : const uint8_t *data, const size_t length,
253 : const uint16_t value_format1,
254 : const uint16_t value_format2,
255 : const uint16_t num_glyphs) {
256 0 : ots::Buffer subtable(data, length);
257 :
258 0 : uint16_t value_count = 0;
259 0 : if (!subtable.ReadU16(&value_count)) {
260 0 : return OTS_FAILURE_MSG("Failed to read pair set table structure");
261 : }
262 0 : for (unsigned i = 0; i < value_count; ++i) {
263 : // Check pair value record.
264 0 : uint16_t glyph_id = 0;
265 0 : if (!subtable.ReadU16(&glyph_id)) {
266 0 : return OTS_FAILURE_MSG("Failed to read glyph in pair value record %d", i);
267 : }
268 0 : if (glyph_id >= num_glyphs) {
269 0 : return OTS_FAILURE_MSG("glyph id %d too high >= %d", glyph_id, num_glyphs);
270 : }
271 0 : if (!ParseValueRecord(font, &subtable, data, length, value_format1)) {
272 0 : return OTS_FAILURE_MSG("Failed to parse value record in format 1 pair set table");
273 : }
274 0 : if (!ParseValueRecord(font, &subtable, data, length, value_format2)) {
275 0 : return OTS_FAILURE_MSG("Failed to parse value record in format 2 pair set table");
276 : }
277 : }
278 0 : return true;
279 : }
280 :
281 0 : bool ParsePairPosFormat1(const ots::Font *font,
282 : const uint8_t *data, const size_t length,
283 : const uint16_t value_format1,
284 : const uint16_t value_format2,
285 : const uint16_t num_glyphs) {
286 0 : ots::Buffer subtable(data, length);
287 :
288 : // Skip 8 bytes that are already read before.
289 0 : if (!subtable.Skip(8)) {
290 0 : return OTS_FAILURE_MSG("Failed to read pair pos table structure");
291 : }
292 :
293 0 : uint16_t pair_set_count = 0;
294 0 : if (!subtable.ReadU16(&pair_set_count)) {
295 0 : return OTS_FAILURE_MSG("Failed to read pair pos set count");
296 : }
297 :
298 0 : const unsigned pair_pos_end = 2 * static_cast<unsigned>(pair_set_count) + 10;
299 0 : if (pair_pos_end > std::numeric_limits<uint16_t>::max()) {
300 0 : return OTS_FAILURE_MSG("Bad pair set length %d", pair_pos_end);
301 : }
302 0 : for (unsigned i = 0; i < pair_set_count; ++i) {
303 0 : uint16_t pair_set_offset = 0;
304 0 : if (!subtable.ReadU16(&pair_set_offset)) {
305 0 : return OTS_FAILURE_MSG("Failed to read pair set offset for pair set %d", i);
306 : }
307 0 : if (pair_set_offset < pair_pos_end || pair_set_offset >= length) {
308 0 : return OTS_FAILURE_MSG("Bad pair set offset %d for pair set %d", pair_set_offset, i);
309 : }
310 : // Check pair set tables
311 0 : if (!ParsePairSetTable(font, data + pair_set_offset, length - pair_set_offset,
312 : value_format1, value_format2,
313 : num_glyphs)) {
314 0 : return OTS_FAILURE_MSG("Failed to parse pair set table %d", i);
315 : }
316 : }
317 :
318 0 : return true;
319 : }
320 :
321 0 : bool ParsePairPosFormat2(const ots::Font *font,
322 : const uint8_t *data, const size_t length,
323 : const uint16_t value_format1,
324 : const uint16_t value_format2,
325 : const uint16_t num_glyphs) {
326 0 : ots::Buffer subtable(data, length);
327 :
328 : // Skip 8 bytes that are already read before.
329 0 : if (!subtable.Skip(8)) {
330 0 : return OTS_FAILURE_MSG("Failed to read pair pos format 2 structure");
331 : }
332 :
333 0 : uint16_t offset_class_def1 = 0;
334 0 : uint16_t offset_class_def2 = 0;
335 0 : uint16_t class1_count = 0;
336 0 : uint16_t class2_count = 0;
337 0 : if (!subtable.ReadU16(&offset_class_def1) ||
338 0 : !subtable.ReadU16(&offset_class_def2) ||
339 0 : !subtable.ReadU16(&class1_count) ||
340 0 : !subtable.ReadU16(&class2_count)) {
341 0 : return OTS_FAILURE_MSG("Failed to read pair pos format 2 data");
342 : }
343 :
344 : // Check class 1 records.
345 0 : for (unsigned i = 0; i < class1_count; ++i) {
346 : // Check class 2 records.
347 0 : for (unsigned j = 0; j < class2_count; ++j) {
348 0 : if (value_format1 && !ParseValueRecord(font, &subtable, data, length,
349 : value_format1)) {
350 0 : return OTS_FAILURE_MSG("Failed to parse value record 1 %d and %d", j, i);
351 : }
352 0 : if (value_format2 && !ParseValueRecord(font, &subtable, data, length,
353 : value_format2)) {
354 0 : return OTS_FAILURE_MSG("Falied to parse value record 2 %d and %d", j, i);
355 : }
356 : }
357 : }
358 :
359 : // Check class definition tables.
360 0 : if (offset_class_def1 < subtable.offset() || offset_class_def1 >= length ||
361 0 : offset_class_def2 < subtable.offset() || offset_class_def2 >= length) {
362 0 : return OTS_FAILURE_MSG("Bad class definition table offsets %d or %d", offset_class_def1, offset_class_def2);
363 : }
364 0 : if (!ots::ParseClassDefTable(font, data + offset_class_def1,
365 : length - offset_class_def1,
366 : num_glyphs, kMaxClassDefValue)) {
367 0 : return OTS_FAILURE_MSG("Failed to parse class definition table 1");
368 : }
369 0 : if (!ots::ParseClassDefTable(font, data + offset_class_def2,
370 : length - offset_class_def2,
371 : num_glyphs, kMaxClassDefValue)) {
372 0 : return OTS_FAILURE_MSG("Failed to parse class definition table 2");
373 : }
374 :
375 0 : return true;
376 : }
377 :
378 : // Lookup Type 2:
379 : // Pair Adjustment Positioning Subtable
380 0 : bool ParsePairAdjustment(const ots::Font *font, const uint8_t *data,
381 : const size_t length) {
382 0 : ots::Buffer subtable(data, length);
383 :
384 0 : uint16_t format = 0;
385 0 : uint16_t offset_coverage = 0;
386 0 : uint16_t value_format1 = 0;
387 0 : uint16_t value_format2 = 0;
388 0 : if (!subtable.ReadU16(&format) ||
389 0 : !subtable.ReadU16(&offset_coverage) ||
390 0 : !subtable.ReadU16(&value_format1) ||
391 0 : !subtable.ReadU16(&value_format2)) {
392 0 : return OTS_FAILURE_MSG("Failed to read pair adjustment structure");
393 : }
394 :
395 0 : if (format == 1) {
396 0 : if (!ParsePairPosFormat1(font, data, length, value_format1, value_format2,
397 0 : font->maxp->num_glyphs)) {
398 0 : return OTS_FAILURE_MSG("Failed to parse pair pos format 1");
399 : }
400 0 : } else if (format == 2) {
401 0 : if (!ParsePairPosFormat2(font, data, length, value_format1, value_format2,
402 0 : font->maxp->num_glyphs)) {
403 0 : return OTS_FAILURE_MSG("Failed to parse pair format 2");
404 : }
405 : } else {
406 0 : return OTS_FAILURE_MSG("Bad pos pair format %d", format);
407 : }
408 :
409 0 : if (offset_coverage < subtable.offset() || offset_coverage >= length) {
410 0 : return OTS_FAILURE_MSG("Bad pair pos offset coverage %d", offset_coverage);
411 : }
412 0 : if (!ots::ParseCoverageTable(font, data + offset_coverage,
413 : length - offset_coverage,
414 0 : font->maxp->num_glyphs)) {
415 0 : return OTS_FAILURE_MSG("Failed to parse coverage table");
416 : }
417 :
418 0 : return true;
419 : }
420 :
421 : // Lookup Type 3
422 : // Cursive Attachment Positioning Subtable
423 0 : bool ParseCursiveAttachment(const ots::Font *font, const uint8_t *data,
424 : const size_t length) {
425 0 : ots::Buffer subtable(data, length);
426 :
427 0 : uint16_t format = 0;
428 0 : uint16_t offset_coverage = 0;
429 0 : uint16_t entry_exit_count = 0;
430 0 : if (!subtable.ReadU16(&format) ||
431 0 : !subtable.ReadU16(&offset_coverage) ||
432 0 : !subtable.ReadU16(&entry_exit_count)) {
433 0 : return OTS_FAILURE_MSG("Failed to read cursive attachment structure");
434 : }
435 :
436 0 : if (format != 1) {
437 0 : return OTS_FAILURE_MSG("Bad cursive attachment format %d", format);
438 : }
439 :
440 : // Check entry exit records.
441 : const unsigned entry_exit_records_end =
442 0 : 2 * static_cast<unsigned>(entry_exit_count) + 6;
443 0 : if (entry_exit_records_end > std::numeric_limits<uint16_t>::max()) {
444 0 : return OTS_FAILURE_MSG("Bad entry exit record end %d", entry_exit_records_end);
445 : }
446 0 : for (unsigned i = 0; i < entry_exit_count; ++i) {
447 0 : uint16_t offset_entry_anchor = 0;
448 0 : uint16_t offset_exit_anchor = 0;
449 0 : if (!subtable.ReadU16(&offset_entry_anchor) ||
450 0 : !subtable.ReadU16(&offset_exit_anchor)) {
451 0 : return OTS_FAILURE_MSG("Can't read entry exit record %d", i);
452 : }
453 : // These offsets could be NULL.
454 0 : if (offset_entry_anchor) {
455 0 : if (offset_entry_anchor < entry_exit_records_end ||
456 0 : offset_entry_anchor >= length) {
457 0 : return OTS_FAILURE_MSG("Bad entry anchor offset %d in entry exit record %d", offset_entry_anchor, i);
458 : }
459 0 : if (!ParseAnchorTable(font, data + offset_entry_anchor,
460 : length - offset_entry_anchor)) {
461 0 : return OTS_FAILURE_MSG("Failed to parse entry anchor table in entry exit record %d", i);
462 : }
463 : }
464 0 : if (offset_exit_anchor) {
465 0 : if (offset_exit_anchor < entry_exit_records_end ||
466 0 : offset_exit_anchor >= length) {
467 0 : return OTS_FAILURE_MSG("Bad exit anchor offset %d in entry exit record %d", offset_exit_anchor, i);
468 : }
469 0 : if (!ParseAnchorTable(font, data + offset_exit_anchor,
470 : length - offset_exit_anchor)) {
471 0 : return OTS_FAILURE_MSG("Failed to parse exit anchor table in entry exit record %d", i);
472 : }
473 : }
474 : }
475 :
476 0 : if (offset_coverage < subtable.offset() || offset_coverage >= length) {
477 0 : return OTS_FAILURE_MSG("Bad coverage offset in cursive attachment %d", offset_coverage);
478 : }
479 0 : if (!ots::ParseCoverageTable(font, data + offset_coverage,
480 : length - offset_coverage,
481 0 : font->maxp->num_glyphs)) {
482 0 : return OTS_FAILURE_MSG("Failed to parse coverage table in cursive attachment");
483 : }
484 :
485 0 : return true;
486 : }
487 :
488 0 : bool ParseAnchorArrayTable(const ots::Font *font,
489 : const uint8_t *data, const size_t length,
490 : const uint16_t class_count) {
491 0 : ots::Buffer subtable(data, length);
492 :
493 0 : uint16_t record_count = 0;
494 0 : if (!subtable.ReadU16(&record_count)) {
495 0 : return OTS_FAILURE_MSG("Can't read anchor array length");
496 : }
497 :
498 0 : const unsigned anchor_array_end = 2 * static_cast<unsigned>(record_count) *
499 0 : static_cast<unsigned>(class_count) + 2;
500 0 : if (anchor_array_end > std::numeric_limits<uint16_t>::max()) {
501 0 : return OTS_FAILURE_MSG("Bad end of anchor array %d", anchor_array_end);
502 : }
503 0 : for (unsigned i = 0; i < record_count; ++i) {
504 0 : for (unsigned j = 0; j < class_count; ++j) {
505 0 : uint16_t offset_record = 0;
506 0 : if (!subtable.ReadU16(&offset_record)) {
507 0 : return OTS_FAILURE_MSG("Can't read anchor array record offset for class %d and record %d", j, i);
508 : }
509 : // |offset_record| could be NULL.
510 0 : if (offset_record) {
511 0 : if (offset_record < anchor_array_end || offset_record >= length) {
512 0 : return OTS_FAILURE_MSG("Bad record offset %d in class %d, record %d", offset_record, j, i);
513 : }
514 0 : if (!ParseAnchorTable(font, data + offset_record,
515 : length - offset_record)) {
516 0 : return OTS_FAILURE_MSG("Failed to parse anchor table for class %d, record %d", j, i);
517 : }
518 : }
519 : }
520 : }
521 0 : return true;
522 : }
523 :
524 0 : bool ParseLigatureArrayTable(const ots::Font *font,
525 : const uint8_t *data, const size_t length,
526 : const uint16_t class_count) {
527 0 : ots::Buffer subtable(data, length);
528 :
529 0 : uint16_t ligature_count = 0;
530 0 : if (!subtable.ReadU16(&ligature_count)) {
531 0 : return OTS_FAILURE_MSG("Failed to read ligature count");
532 : }
533 0 : for (unsigned i = 0; i < ligature_count; ++i) {
534 0 : uint16_t offset_ligature_attach = 0;
535 0 : if (!subtable.ReadU16(&offset_ligature_attach)) {
536 0 : return OTS_FAILURE_MSG("Can't read ligature offset %d", i);
537 : }
538 0 : if (offset_ligature_attach < 2 || offset_ligature_attach >= length) {
539 0 : return OTS_FAILURE_MSG("Bad ligature attachment offset %d in ligature %d", offset_ligature_attach, i);
540 : }
541 0 : if (!ParseAnchorArrayTable(font, data + offset_ligature_attach,
542 : length - offset_ligature_attach, class_count)) {
543 0 : return OTS_FAILURE_MSG("Failed to parse anchor table for ligature %d", i);
544 : }
545 : }
546 0 : return true;
547 : }
548 :
549 : // Common parser for Lookup Type 4, 5 and 6.
550 0 : bool ParseMarkToAttachmentSubtables(const ots::Font *font,
551 : const uint8_t *data, const size_t length,
552 : const GPOS_TYPE type) {
553 0 : ots::Buffer subtable(data, length);
554 :
555 0 : uint16_t format = 0;
556 0 : uint16_t offset_coverage1 = 0;
557 0 : uint16_t offset_coverage2 = 0;
558 0 : uint16_t class_count = 0;
559 0 : uint16_t offset_mark_array = 0;
560 0 : uint16_t offset_type_specific_array = 0;
561 0 : if (!subtable.ReadU16(&format) ||
562 0 : !subtable.ReadU16(&offset_coverage1) ||
563 0 : !subtable.ReadU16(&offset_coverage2) ||
564 0 : !subtable.ReadU16(&class_count) ||
565 0 : !subtable.ReadU16(&offset_mark_array) ||
566 0 : !subtable.ReadU16(&offset_type_specific_array)) {
567 0 : return OTS_FAILURE_MSG("Failed to read mark attachment subtable header");
568 : }
569 :
570 0 : if (format != 1) {
571 0 : return OTS_FAILURE_MSG("bad mark attachment subtable format %d", format);
572 : }
573 :
574 0 : const unsigned header_end = static_cast<unsigned>(subtable.offset());
575 0 : if (header_end > std::numeric_limits<uint16_t>::max()) {
576 0 : return OTS_FAILURE_MSG("Bad mark attachment subtable size ending at %d", header_end);
577 : }
578 0 : if (offset_coverage1 < header_end || offset_coverage1 >= length) {
579 0 : return OTS_FAILURE_MSG("Bad coverage 1 offset %d", offset_coverage1);
580 : }
581 0 : if (!ots::ParseCoverageTable(font, data + offset_coverage1,
582 : length - offset_coverage1,
583 0 : font->maxp->num_glyphs)) {
584 0 : return OTS_FAILURE_MSG("Failed to parse converge 1 table");
585 : }
586 0 : if (offset_coverage2 < header_end || offset_coverage2 >= length) {
587 0 : return OTS_FAILURE_MSG("Bad coverage 2 offset %d", offset_coverage2);
588 : }
589 0 : if (!ots::ParseCoverageTable(font, data + offset_coverage2,
590 : length - offset_coverage2,
591 0 : font->maxp->num_glyphs)) {
592 0 : return OTS_FAILURE_MSG("Failed to parse coverage table 2");
593 : }
594 :
595 0 : if (offset_mark_array < header_end || offset_mark_array >= length) {
596 0 : return OTS_FAILURE_MSG("Bad mark array offset %d", offset_mark_array);
597 : }
598 0 : if (!ParseMarkArrayTable(font, data + offset_mark_array,
599 : length - offset_mark_array, class_count)) {
600 0 : return OTS_FAILURE_MSG("Failed to parse mark array");
601 : }
602 :
603 0 : if (offset_type_specific_array < header_end ||
604 0 : offset_type_specific_array >= length) {
605 0 : return OTS_FAILURE_MSG("Bad type specific array offset %d", offset_type_specific_array);
606 : }
607 0 : if (type == GPOS_TYPE_MARK_TO_BASE_ATTACHMENT ||
608 : type == GPOS_TYPE_MARK_TO_MARK_ATTACHMENT) {
609 0 : if (!ParseAnchorArrayTable(font, data + offset_type_specific_array,
610 : length - offset_type_specific_array,
611 : class_count)) {
612 0 : return OTS_FAILURE_MSG("Failed to parse anchor array");
613 : }
614 0 : } else if (type == GPOS_TYPE_MARK_TO_LIGATURE_ATTACHMENT) {
615 0 : if (!ParseLigatureArrayTable(font, data + offset_type_specific_array,
616 : length - offset_type_specific_array,
617 : class_count)) {
618 0 : return OTS_FAILURE_MSG("Failed to parse ligature array");
619 : }
620 : } else {
621 0 : return OTS_FAILURE_MSG("Bad attachment type %d", type);
622 : }
623 :
624 0 : return true;
625 : }
626 :
627 : // Lookup Type 4:
628 : // MarkToBase Attachment Positioning Subtable
629 0 : bool ParseMarkToBaseAttachment(const ots::Font *font,
630 : const uint8_t *data, const size_t length) {
631 : return ParseMarkToAttachmentSubtables(font, data, length,
632 0 : GPOS_TYPE_MARK_TO_BASE_ATTACHMENT);
633 : }
634 :
635 : // Lookup Type 5:
636 : // MarkToLigature Attachment Positioning Subtable
637 0 : bool ParseMarkToLigatureAttachment(const ots::Font *font,
638 : const uint8_t *data, const size_t length) {
639 : return ParseMarkToAttachmentSubtables(font, data, length,
640 0 : GPOS_TYPE_MARK_TO_LIGATURE_ATTACHMENT);
641 : }
642 :
643 : // Lookup Type 6:
644 : // MarkToMark Attachment Positioning Subtable
645 0 : bool ParseMarkToMarkAttachment(const ots::Font *font,
646 : const uint8_t *data, const size_t length) {
647 : return ParseMarkToAttachmentSubtables(font, data, length,
648 0 : GPOS_TYPE_MARK_TO_MARK_ATTACHMENT);
649 : }
650 :
651 : // Lookup Type 7:
652 : // Contextual Positioning Subtables
653 0 : bool ParseContextPositioning(const ots::Font *font,
654 : const uint8_t *data, const size_t length) {
655 0 : return ots::ParseContextSubtable(font, data, length, font->maxp->num_glyphs,
656 0 : font->gpos->num_lookups);
657 : }
658 :
659 : // Lookup Type 8:
660 : // Chaining Contexual Positioning Subtable
661 0 : bool ParseChainedContextPositioning(const ots::Font *font,
662 : const uint8_t *data, const size_t length) {
663 0 : return ots::ParseChainingContextSubtable(font, data, length,
664 0 : font->maxp->num_glyphs,
665 0 : font->gpos->num_lookups);
666 : }
667 :
668 : // Lookup Type 9:
669 : // Extension Positioning
670 0 : bool ParseExtensionPositioning(const ots::Font *font,
671 : const uint8_t *data, const size_t length) {
672 : return ots::ParseExtensionSubtable(font, data, length,
673 0 : &kGposLookupSubtableParser);
674 : }
675 :
676 : } // namespace
677 :
678 : namespace ots {
679 :
680 : // As far as I checked, following fonts contain invalid GPOS table and
681 : // OTS will drop their GPOS table.
682 : //
683 : // # invalid delta format in device table
684 : // samanata.ttf
685 : //
686 : // # bad size range in device table
687 : // Sarai_07.ttf
688 : //
689 : // # bad offset to PairSetTable
690 : // chandas1-2.ttf
691 : //
692 : // # bad offset to FeatureTable
693 : // glrso12.ttf
694 : // gllr12.ttf
695 : // glbo12.ttf
696 : // glb12.ttf
697 : // glro12.ttf
698 : // glbso12.ttf
699 : // glrc12.ttf
700 : // glrsc12.ttf
701 : // glbs12.ttf
702 : // glrs12.ttf
703 : // glr12.ttf
704 : //
705 : // # ScriptRecords aren't sorted by tag
706 : // Garogier_unhinted.otf
707 : //
708 : // # bad start coverage index in CoverageFormat2
709 : // AndBasR.ttf
710 : // CharisSILB.ttf
711 : // CharisSILBI.ttf
712 : // CharisSILI.ttf
713 : // CharisSILR.ttf
714 : // DoulosSILR.ttf
715 : // GenBasBI.ttf
716 : // GenBasI.ttf
717 : // GenBkBasI.ttf
718 : // GenBkBasB.ttf
719 : // GenBkBasR.ttf
720 : // Padauk-Bold.ttf
721 : // Padauk.ttf
722 : //
723 : // # Contour point indexes aren't sorted
724 : // Arial Unicode.ttf
725 :
726 0 : bool ots_gpos_parse(Font *font, const uint8_t *data, size_t length) {
727 : // Parsing GPOS table requires num_glyphs which is contained in maxp table.
728 0 : if (!font->maxp) {
729 0 : return OTS_FAILURE_MSG("missing maxp table needed in GPOS");
730 : }
731 :
732 0 : Buffer table(data, length);
733 :
734 0 : OpenTypeGPOS *gpos = new OpenTypeGPOS;
735 0 : font->gpos = gpos;
736 :
737 0 : uint32_t version = 0;
738 0 : uint16_t offset_script_list = 0;
739 0 : uint16_t offset_feature_list = 0;
740 0 : uint16_t offset_lookup_list = 0;
741 0 : if (!table.ReadU32(&version) ||
742 0 : !table.ReadU16(&offset_script_list) ||
743 0 : !table.ReadU16(&offset_feature_list) ||
744 0 : !table.ReadU16(&offset_lookup_list)) {
745 0 : return OTS_FAILURE_MSG("Incomplete table");
746 : }
747 :
748 0 : if (version != 0x00010000) {
749 0 : return OTS_FAILURE_MSG("Bad version");
750 : }
751 :
752 0 : if (offset_lookup_list) {
753 0 : if (offset_lookup_list < kGposHeaderSize || offset_lookup_list >= length) {
754 0 : return OTS_FAILURE_MSG("Bad lookup list offset in table header");
755 : }
756 :
757 0 : if (!ParseLookupListTable(font, data + offset_lookup_list,
758 : length - offset_lookup_list,
759 : &kGposLookupSubtableParser,
760 : &gpos->num_lookups)) {
761 0 : return OTS_FAILURE_MSG("Failed to parse lookup list table");
762 : }
763 : }
764 :
765 0 : uint16_t num_features = 0;
766 0 : if (offset_feature_list) {
767 0 : if (offset_feature_list < kGposHeaderSize || offset_feature_list >= length) {
768 0 : return OTS_FAILURE_MSG("Bad feature list offset in table header");
769 : }
770 :
771 0 : if (!ParseFeatureListTable(font, data + offset_feature_list,
772 0 : length - offset_feature_list, gpos->num_lookups,
773 : &num_features)) {
774 0 : return OTS_FAILURE_MSG("Failed to parse feature list table");
775 : }
776 : }
777 :
778 0 : if (offset_script_list) {
779 0 : if (offset_script_list < kGposHeaderSize || offset_script_list >= length) {
780 0 : return OTS_FAILURE_MSG("Bad script list offset in table header");
781 : }
782 :
783 0 : if (!ParseScriptListTable(font, data + offset_script_list,
784 : length - offset_script_list, num_features)) {
785 0 : return OTS_FAILURE_MSG("Failed to parse script list table");
786 : }
787 : }
788 :
789 0 : gpos->data = data;
790 0 : gpos->length = length;
791 0 : return true;
792 : }
793 :
794 0 : bool ots_gpos_should_serialise(Font *font) {
795 0 : return font->gpos != NULL && font->gpos->data != NULL;
796 : }
797 :
798 0 : bool ots_gpos_serialise(OTSStream *out, Font *font) {
799 0 : if (!out->Write(font->gpos->data, font->gpos->length)) {
800 0 : return OTS_FAILURE_MSG("Failed to write GPOS table");
801 : }
802 :
803 0 : return true;
804 : }
805 :
806 0 : void ots_gpos_reuse(Font *font, Font *other) {
807 0 : font->gpos = other->gpos;
808 0 : font->gpos_reused = true;
809 0 : }
810 :
811 0 : void ots_gpos_free(Font *font) {
812 0 : delete font->gpos;
813 0 : }
814 :
815 : } // namespace ots
816 :
817 : #undef TABLE_NAME
|
