-
d276bcb7
by Werner Lemberg
at 2022-01-09T07:48:59+01:00
[bzip2] Avoid use of uninitialized memory.
* src/bzip2/ftbzip2.c (FT_Stream_OpenBzip2): Don't use `FT_QNEW` but
`FT_NEW` for setting up `zip` to avoid uninitialized memory access while
handling malformed PCF fonts later on.
Fixes
https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=42800
-
0d343863
by David Turner
at 2022-01-09T21:38:29+01:00
[meson] Change Zlib configuration option.
* meson_options.txt, meson.build: Change the format of the 'zlib' meson
build configuration option to be a combo with the following choices:
- none: Do not support gzip-compressed streams at all.
- internal: Support gzip-compressed streams using the copy of the gzip
sources under `src/gzip/`; this should only be used during development
to ensure these work properly.
- external: Support gzip-compressed streams using the 'zlib' Meson
subproject, linked as a static library.
- system: Support gzip-compressed streams using a system-installed version
of zlib.
- auto: Support gzip-compressed streams using a system-installed version
of zlib, if available, or using the 'zlib' subproject otherwise. This
is the default.
- disabled: Backward-compatible alias for 'none'.
- enabled: Backward-compatible alias for 'auto'.
-
a25e85ed
by David Turner
at 2022-01-09T23:16:00+01:00
[gzip] Update sources to zlib 1.2.11
This can be tested by building with the Unix development build
make setup devel
make
or by building the freetype-demos programs with
meson setup build -Dfreetype2:zlib=internal
meson compile -C out
and trying to run `ftview` with a `.pcf.gz` font file.
* src/gzip/ftgzip.c, src/gzip/rules.mk: Update for new zlib sources. Also
remove the temporary fix introduced in commit 6a431038 to work around the
fact that the internal sources were too old.
* src/gzip/README.freetype: New file describing the origin of the sources
and how they were modified.
* src/gzip/patches/*: Patch files applied to original sources.
* src/gzip/*: Updated zlib sources with the patch file(s) from
`src/gzip/patches/` applied, followed by a conversion with zlib's
`zlib2ansi` script.
-
da8a8b8b
by Werner Lemberg
at 2022-01-10T18:13:10+01:00
[zlib] Some organizational changes.
We now first apply zlib's `zlib2ansi` script, then FreeType's patch file.
* src/gzip/README.freetype: Updated.
* patches/0001-zlib-Fix-zlib-sources-to-compile-for-FreeType.patch: Renamed
to...
* patches/freetype-zlib.diff: This.
Clean up description, then regenerate it as follows:
- Copy unmodified files from `zlib` repository.
- Run `zlib2ansi` script.
- Run `git diff -R > patches/freetype-zlib.diff.new`.
- Insert patch description of old diff file, then replace old diff with
new diff file.
-
3f9b78fc
by Werner Lemberg
at 2022-01-10T18:24:56+01:00
[zlib] Don't typedef `ptrdiff_t`.
While using zlib in 'solo' mode (via the `Z_SOLO` macro), we actually
include some standard header files, making the typedef fail on systems where
the native `ptrdiff_t` type differs.
Fixes #1124.
* src/zlib/zutil.h: Comment out definition; it doesn't work on Windows.
* src/zlib/patches/freetype-zlib.diff: Updated.
-
4a89112b
by Werner Lemberg
at 2022-01-10T18:31:17+00:00
* src/sfnt/ttcolr.c (tt_face_get_color_glyph_clipbox): Add limit checks.
Reported as
https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=40716
-
2e62b744
by Werner Lemberg
at 2022-01-11T05:37:56+01:00
* subprojects/zlib.wrap: Update from upstream.
-
4c0db607
by Werner Lemberg
at 2022-01-11T07:52:28+01:00
.gitlab-ci.yml: Update Windows image.
The old image produced errors like
```
Downloading zlib patch from
https://wrapdb.mesonbuild.com/v2/zlib_1.2.11-5/get_patch
A fallback URL could be specified using patch_fallback_url key in the wrap file
WrapDB connection failed to
https://wrapdb.mesonbuild.com/v2/zlib_1.2.11-5/get_patch
with error
<urlopen error [SSL: CERTIFICATE_VERIFY_FAILED] certificate verify
failed: certificate has expired (_ssl.c:1122)>
```
-
33626164
by Werner Lemberg
at 2022-01-11T08:01:30+01:00
.gitlab-ci.yml: Fix typo in previous commit.
-
639a0215
by Werner Lemberg
at 2022-01-11T09:14:48+01:00
* src/type42/t42objs.c (T42_Open_Face): Avoid use of uninitialized memory.
Reported as
https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=43508
-
947fddc8
by Werner Lemberg
at 2022-01-11T08:27:26+00:00
* src/sfnt/ttcolr.c (read_paint): Fix undefined left-shift operation.
Reported as
https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=43151