michael@0: // Copyright (c) 2011 The Chromium Authors. All rights reserved. michael@0: // Use of this source code is governed by a BSD-style license that can be michael@0: // found in the LICENSE file. michael@0: michael@0: #include "layout.h" michael@0: michael@0: #include michael@0: #include michael@0: michael@0: #include "gdef.h" michael@0: michael@0: // OpenType Layout Common Table Formats michael@0: // http://www.microsoft.com/typography/otspec/chapter2.htm michael@0: michael@0: #define TABLE_NAME "Layout" // XXX: use individual table names michael@0: michael@0: namespace { michael@0: michael@0: // The 'DFLT' tag of script table. michael@0: const uint32_t kScriptTableTagDflt = 0x44464c54; michael@0: // The value which represents there is no required feature index. michael@0: const uint16_t kNoRequiredFeatureIndexDefined = 0xFFFF; michael@0: // The lookup flag bit which indicates existence of MarkFilteringSet. michael@0: const uint16_t kUseMarkFilteringSetBit = 0x0010; michael@0: // The lookup flags which require GDEF table. michael@0: const uint16_t kGdefRequiredFlags = 0x0002 | 0x0004 | 0x0008; michael@0: // The mask for MarkAttachmentType. michael@0: const uint16_t kMarkAttachmentTypeMask = 0xFF00; michael@0: // The maximum type number of format for device tables. michael@0: const uint16_t kMaxDeltaFormatType = 3; michael@0: // The maximum number of class value. michael@0: const uint16_t kMaxClassDefValue = 0xFFFF; michael@0: michael@0: struct ScriptRecord { michael@0: uint32_t tag; michael@0: uint16_t offset; michael@0: }; michael@0: michael@0: struct LangSysRecord { michael@0: uint32_t tag; michael@0: uint16_t offset; michael@0: }; michael@0: michael@0: struct FeatureRecord { michael@0: uint32_t tag; michael@0: uint16_t offset; michael@0: }; michael@0: michael@0: bool ParseLangSysTable(const ots::OpenTypeFile *file, michael@0: ots::Buffer *subtable, const uint32_t tag, michael@0: const uint16_t num_features) { michael@0: uint16_t offset_lookup_order = 0; michael@0: uint16_t req_feature_index = 0; michael@0: uint16_t feature_count = 0; michael@0: if (!subtable->ReadU16(&offset_lookup_order) || michael@0: !subtable->ReadU16(&req_feature_index) || michael@0: !subtable->ReadU16(&feature_count)) { michael@0: return OTS_FAILURE_MSG("Failed to read langsys header for tag %4.4s", (char *)&tag); michael@0: } michael@0: // |offset_lookup_order| is reserved and should be NULL. michael@0: if (offset_lookup_order != 0) { michael@0: return OTS_FAILURE_MSG("Bad lookup offset order %d for langsys tag %4.4s", offset_lookup_order, (char *)&tag); michael@0: } michael@0: if (req_feature_index != kNoRequiredFeatureIndexDefined && michael@0: req_feature_index >= num_features) { michael@0: return OTS_FAILURE_MSG("Bad required features index %d for langsys tag %4.4s", req_feature_index, (char *)&tag); michael@0: } michael@0: if (feature_count > num_features) { michael@0: return OTS_FAILURE_MSG("Bad feature count %d for langsys tag %4.4s", feature_count, (char *)&tag); michael@0: } michael@0: michael@0: for (unsigned i = 0; i < feature_count; ++i) { michael@0: uint16_t feature_index = 0; michael@0: if (!subtable->ReadU16(&feature_index)) { michael@0: return OTS_FAILURE_MSG("Failed to read feature index %d for langsys tag %4.4s", i, (char *)&tag); michael@0: } michael@0: if (feature_index >= num_features) { michael@0: return OTS_FAILURE_MSG("Bad feature index %d for feature %d for langsys tag %4.4s", feature_index, i, (char *)&tag); michael@0: } michael@0: } michael@0: return true; michael@0: } michael@0: michael@0: bool ParseScriptTable(const ots::OpenTypeFile *file, michael@0: const uint8_t *data, const size_t length, michael@0: const uint32_t tag, const uint16_t num_features) { michael@0: ots::Buffer subtable(data, length); michael@0: michael@0: uint16_t offset_default_lang_sys = 0; michael@0: uint16_t lang_sys_count = 0; michael@0: if (!subtable.ReadU16(&offset_default_lang_sys) || michael@0: !subtable.ReadU16(&lang_sys_count)) { michael@0: return OTS_FAILURE_MSG("Failed to read script header for script tag %4.4s", (char *)&tag); michael@0: } michael@0: michael@0: // The spec requires a script table for 'DFLT' tag must contain non-NULL michael@0: // |offset_default_lang_sys| and |lang_sys_count| == 0 michael@0: if (tag == kScriptTableTagDflt && michael@0: (offset_default_lang_sys == 0 || lang_sys_count != 0)) { michael@0: return OTS_FAILURE_MSG("DFLT table doesn't satisfy the spec. for script tag %4.4s", (char *)&tag); michael@0: } michael@0: michael@0: const unsigned lang_sys_record_end = michael@0: 6 * static_cast(lang_sys_count) + 4; michael@0: if (lang_sys_record_end > std::numeric_limits::max()) { michael@0: return OTS_FAILURE_MSG("Bad end of langsys record %d for script tag %4.4s", lang_sys_record_end, (char *)&tag); michael@0: } michael@0: michael@0: std::vector lang_sys_records; michael@0: lang_sys_records.resize(lang_sys_count); michael@0: uint32_t last_tag = 0; michael@0: for (unsigned i = 0; i < lang_sys_count; ++i) { michael@0: if (!subtable.ReadU32(&lang_sys_records[i].tag) || michael@0: !subtable.ReadU16(&lang_sys_records[i].offset)) { michael@0: return OTS_FAILURE_MSG("Failed to read langsys record header %d for script tag %4.4s", i, (char *)&tag); michael@0: } michael@0: // The record array must store the records alphabetically by tag michael@0: if (last_tag != 0 && last_tag > lang_sys_records[i].tag) { michael@0: return OTS_FAILURE_MSG("Bad last tag %d for langsys record %d for script tag %4.4s", last_tag, i, (char *)&tag); michael@0: } michael@0: if (lang_sys_records[i].offset < lang_sys_record_end || michael@0: lang_sys_records[i].offset >= length) { michael@0: return OTS_FAILURE_MSG("bad offset to lang sys table: %x", michael@0: lang_sys_records[i].offset); michael@0: } michael@0: last_tag = lang_sys_records[i].tag; michael@0: } michael@0: michael@0: // Check lang sys tables michael@0: for (unsigned i = 0; i < lang_sys_count; ++i) { michael@0: subtable.set_offset(lang_sys_records[i].offset); michael@0: if (!ParseLangSysTable(file, &subtable, lang_sys_records[i].tag, num_features)) { michael@0: return OTS_FAILURE_MSG("Failed to parse langsys table %d (%4.4s) for script tag %4.4s", i, (char *)&lang_sys_records[i].tag, (char *)&tag); michael@0: } michael@0: } michael@0: michael@0: return true; michael@0: } michael@0: michael@0: bool ParseFeatureTable(const ots::OpenTypeFile *file, michael@0: const uint8_t *data, const size_t length, michael@0: const uint16_t num_lookups) { michael@0: ots::Buffer subtable(data, length); michael@0: michael@0: uint16_t offset_feature_params = 0; michael@0: uint16_t lookup_count = 0; michael@0: if (!subtable.ReadU16(&offset_feature_params) || michael@0: !subtable.ReadU16(&lookup_count)) { michael@0: return OTS_FAILURE_MSG("Failed to read feature table header"); michael@0: } michael@0: michael@0: const unsigned feature_table_end = michael@0: 2 * static_cast(lookup_count) + 4; michael@0: if (feature_table_end > std::numeric_limits::max()) { michael@0: return OTS_FAILURE_MSG("Bad end of feature table %d", feature_table_end); michael@0: } michael@0: // |offset_feature_params| is generally set to NULL. michael@0: if (offset_feature_params != 0 && michael@0: (offset_feature_params < feature_table_end || michael@0: offset_feature_params >= length)) { michael@0: return OTS_FAILURE_MSG("Bad feature params offset %d", offset_feature_params); michael@0: } michael@0: michael@0: for (unsigned i = 0; i < lookup_count; ++i) { michael@0: uint16_t lookup_index = 0; michael@0: if (!subtable.ReadU16(&lookup_index)) { michael@0: return OTS_FAILURE_MSG("Failed to read lookup index for lookup %d", i); michael@0: } michael@0: // lookup index starts with 0. michael@0: if (lookup_index >= num_lookups) { michael@0: return OTS_FAILURE_MSG("Bad lookup index %d for lookup %d", lookup_index, i); michael@0: } michael@0: } michael@0: return true; michael@0: } michael@0: michael@0: bool ParseLookupTable(ots::OpenTypeFile *file, const uint8_t *data, michael@0: const size_t length, michael@0: const ots::LookupSubtableParser* parser) { michael@0: ots::Buffer subtable(data, length); michael@0: michael@0: uint16_t lookup_type = 0; michael@0: uint16_t lookup_flag = 0; michael@0: uint16_t subtable_count = 0; michael@0: if (!subtable.ReadU16(&lookup_type) || michael@0: !subtable.ReadU16(&lookup_flag) || michael@0: !subtable.ReadU16(&subtable_count)) { michael@0: return OTS_FAILURE_MSG("Failed to read lookup table header"); michael@0: } michael@0: michael@0: if (lookup_type == 0 || lookup_type > parser->num_types) { michael@0: return OTS_FAILURE_MSG("Bad lookup type %d", lookup_type); michael@0: } michael@0: michael@0: // Check lookup flags. michael@0: if ((lookup_flag & kGdefRequiredFlags) && michael@0: (!file->gdef || !file->gdef->has_glyph_class_def)) { michael@0: return OTS_FAILURE_MSG("Bad lookup flags %d", lookup_flag); michael@0: } michael@0: if ((lookup_flag & kMarkAttachmentTypeMask) && michael@0: (!file->gdef || !file->gdef->has_mark_attachment_class_def)) { michael@0: return OTS_FAILURE_MSG("lookup flag asks for mark attachment that is bad %d", lookup_flag); michael@0: } michael@0: bool use_mark_filtering_set = false; michael@0: if (lookup_flag & kUseMarkFilteringSetBit) { michael@0: if (!file->gdef || !file->gdef->has_mark_glyph_sets_def) { michael@0: return OTS_FAILURE_MSG("lookup flag asks for mark filtering that is bad %d", lookup_flag); michael@0: } michael@0: use_mark_filtering_set = true; michael@0: } michael@0: michael@0: std::vector subtables; michael@0: subtables.reserve(subtable_count); michael@0: // If the |kUseMarkFilteringSetBit| of |lookup_flag| is set, michael@0: // extra 2 bytes will follow after subtable offset array. michael@0: const unsigned lookup_table_end = 2 * static_cast(subtable_count) + michael@0: (use_mark_filtering_set ? 8 : 6); michael@0: if (lookup_table_end > std::numeric_limits::max()) { michael@0: return OTS_FAILURE_MSG("Bad end of lookup %d", lookup_table_end); michael@0: } michael@0: for (unsigned i = 0; i < subtable_count; ++i) { michael@0: uint16_t offset_subtable = 0; michael@0: if (!subtable.ReadU16(&offset_subtable)) { michael@0: return OTS_FAILURE_MSG("Failed to read subtable offset %d", i); michael@0: } michael@0: if (offset_subtable < lookup_table_end || michael@0: offset_subtable >= length) { michael@0: return OTS_FAILURE_MSG("Bad subtable offset %d for subtable %d", offset_subtable, i); michael@0: } michael@0: subtables.push_back(offset_subtable); michael@0: } michael@0: if (subtables.size() != subtable_count) { michael@0: return OTS_FAILURE_MSG("Bad subtable size %ld", subtables.size()); michael@0: } michael@0: michael@0: if (use_mark_filtering_set) { michael@0: uint16_t mark_filtering_set = 0; michael@0: if (!subtable.ReadU16(&mark_filtering_set)) { michael@0: return OTS_FAILURE_MSG("Failed to read mark filtering set"); michael@0: } michael@0: if (file->gdef->num_mark_glyph_sets == 0 || michael@0: mark_filtering_set >= file->gdef->num_mark_glyph_sets) { michael@0: return OTS_FAILURE_MSG("Bad mark filtering set %d", mark_filtering_set); michael@0: } michael@0: } michael@0: michael@0: // Parse lookup subtables for this lookup type. michael@0: for (unsigned i = 0; i < subtable_count; ++i) { michael@0: if (!parser->Parse(file, data + subtables[i], length - subtables[i], michael@0: lookup_type)) { michael@0: return OTS_FAILURE_MSG("Failed to parse subtable %d", i); michael@0: } michael@0: } michael@0: return true; michael@0: } michael@0: michael@0: bool ParseClassDefFormat1(const ots::OpenTypeFile *file, michael@0: const uint8_t *data, size_t length, michael@0: const uint16_t num_glyphs, michael@0: const uint16_t num_classes) { michael@0: ots::Buffer subtable(data, length); michael@0: michael@0: // Skip format field. michael@0: if (!subtable.Skip(2)) { michael@0: return OTS_FAILURE_MSG("Failed to skip class definition header"); michael@0: } michael@0: michael@0: uint16_t start_glyph = 0; michael@0: if (!subtable.ReadU16(&start_glyph)) { michael@0: return OTS_FAILURE_MSG("Failed to read starting glyph of class definition"); michael@0: } michael@0: if (start_glyph > num_glyphs) { michael@0: OTS_WARNING("bad start glyph ID: %u", start_glyph); michael@0: return OTS_FAILURE_MSG("Bad starting glyph %d in class definition", start_glyph); michael@0: } michael@0: michael@0: uint16_t glyph_count = 0; michael@0: if (!subtable.ReadU16(&glyph_count)) { michael@0: return OTS_FAILURE_MSG("Failed to read glyph count in class definition"); michael@0: } michael@0: if (glyph_count > num_glyphs) { michael@0: return OTS_FAILURE_MSG("bad glyph count: %u", glyph_count); michael@0: } michael@0: for (unsigned i = 0; i < glyph_count; ++i) { michael@0: uint16_t class_value = 0; michael@0: if (!subtable.ReadU16(&class_value)) { michael@0: return OTS_FAILURE_MSG("Failed to read class value for glyph %d in class definition", i); michael@0: } michael@0: if (class_value > num_classes) { michael@0: OTS_WARNING("bad class value: %u", class_value); michael@0: return OTS_FAILURE_MSG("Bad class value %d for glyph %d in class definition", class_value, i); michael@0: } michael@0: } michael@0: michael@0: return true; michael@0: } michael@0: michael@0: bool ParseClassDefFormat2(const ots::OpenTypeFile *file, michael@0: const uint8_t *data, size_t length, michael@0: const uint16_t num_glyphs, michael@0: const uint16_t num_classes) { michael@0: ots::Buffer subtable(data, length); michael@0: michael@0: // Skip format field. michael@0: if (!subtable.Skip(2)) { michael@0: return OTS_FAILURE_MSG("Failed to skip format of class defintion header"); michael@0: } michael@0: michael@0: uint16_t range_count = 0; michael@0: if (!subtable.ReadU16(&range_count)) { michael@0: return OTS_FAILURE_MSG("Failed to read range count in class definition"); michael@0: } michael@0: if (range_count > num_glyphs) { michael@0: return OTS_FAILURE_MSG("bad range count: %u", range_count); michael@0: } michael@0: michael@0: uint16_t last_end = 0; michael@0: for (unsigned i = 0; i < range_count; ++i) { michael@0: uint16_t start = 0; michael@0: uint16_t end = 0; michael@0: uint16_t class_value = 0; michael@0: if (!subtable.ReadU16(&start) || michael@0: !subtable.ReadU16(&end) || michael@0: !subtable.ReadU16(&class_value)) { michael@0: return OTS_FAILURE_MSG("Failed to read class definition reange %d", i); michael@0: } michael@0: if (start > end || (last_end && start <= last_end)) { michael@0: return OTS_FAILURE_MSG("glyph range is overlapping.in range %d", i); michael@0: } michael@0: if (class_value > num_classes) { michael@0: return OTS_FAILURE_MSG("bad class value: %u", class_value); michael@0: } michael@0: last_end = end; michael@0: } michael@0: michael@0: return true; michael@0: } michael@0: michael@0: bool ParseCoverageFormat1(const ots::OpenTypeFile *file, michael@0: const uint8_t *data, size_t length, michael@0: const uint16_t num_glyphs, michael@0: const uint16_t expected_num_glyphs) { michael@0: ots::Buffer subtable(data, length); michael@0: michael@0: // Skip format field. michael@0: if (!subtable.Skip(2)) { michael@0: return OTS_FAILURE_MSG("Failed to skip coverage format"); michael@0: } michael@0: michael@0: uint16_t glyph_count = 0; michael@0: if (!subtable.ReadU16(&glyph_count)) { michael@0: return OTS_FAILURE_MSG("Failed to read glyph count in coverage"); michael@0: } michael@0: if (glyph_count > num_glyphs) { michael@0: return OTS_FAILURE_MSG("bad glyph count: %u", glyph_count); michael@0: } michael@0: for (unsigned i = 0; i < glyph_count; ++i) { michael@0: uint16_t glyph = 0; michael@0: if (!subtable.ReadU16(&glyph)) { michael@0: return OTS_FAILURE_MSG("Failed to read glyph %d in coverage", i); michael@0: } michael@0: if (glyph > num_glyphs) { michael@0: return OTS_FAILURE_MSG("bad glyph ID: %u", glyph); michael@0: } michael@0: } michael@0: michael@0: if (expected_num_glyphs && expected_num_glyphs != glyph_count) { michael@0: return OTS_FAILURE_MSG("unexpected number of glyphs: %u", glyph_count); michael@0: } michael@0: michael@0: return true; michael@0: } michael@0: michael@0: bool ParseCoverageFormat2(const ots::OpenTypeFile *file, michael@0: const uint8_t *data, size_t length, michael@0: const uint16_t num_glyphs, michael@0: const uint16_t expected_num_glyphs) { michael@0: ots::Buffer subtable(data, length); michael@0: michael@0: // Skip format field. michael@0: if (!subtable.Skip(2)) { michael@0: return OTS_FAILURE_MSG("Failed to skip format of coverage type 2"); michael@0: } michael@0: michael@0: uint16_t range_count = 0; michael@0: if (!subtable.ReadU16(&range_count)) { michael@0: return OTS_FAILURE_MSG("Failed to read range count in coverage"); michael@0: } michael@0: if (range_count > num_glyphs) { michael@0: return OTS_FAILURE_MSG("bad range count: %u", range_count); michael@0: } michael@0: uint16_t last_end = 0; michael@0: uint16_t last_start_coverage_index = 0; michael@0: for (unsigned i = 0; i < range_count; ++i) { michael@0: uint16_t start = 0; michael@0: uint16_t end = 0; michael@0: uint16_t start_coverage_index = 0; michael@0: if (!subtable.ReadU16(&start) || michael@0: !subtable.ReadU16(&end) || michael@0: !subtable.ReadU16(&start_coverage_index)) { michael@0: return OTS_FAILURE_MSG("Failed to read range %d in coverage", i); michael@0: } michael@0: michael@0: // Some of the Adobe Pro fonts have ranges that overlap by one element: the michael@0: // start of one range is equal to the end of the previous range. Therefore michael@0: // the < in the following condition should be <= were it not for this. michael@0: // See crbug.com/134135. michael@0: if (start > end || (last_end && start < last_end)) { michael@0: return OTS_FAILURE_MSG("glyph range is overlapping."); michael@0: } michael@0: if (start_coverage_index != last_start_coverage_index) { michael@0: return OTS_FAILURE_MSG("bad start coverage index."); michael@0: } michael@0: last_end = end; michael@0: last_start_coverage_index += end - start + 1; michael@0: } michael@0: michael@0: if (expected_num_glyphs && michael@0: expected_num_glyphs != last_start_coverage_index) { michael@0: return OTS_FAILURE_MSG("unexpected number of glyphs: %u", last_start_coverage_index); michael@0: } michael@0: michael@0: return true; michael@0: } michael@0: michael@0: // Parsers for Contextual subtables in GSUB/GPOS tables. michael@0: michael@0: bool ParseLookupRecord(const ots::OpenTypeFile *file, michael@0: ots::Buffer *subtable, const uint16_t num_glyphs, michael@0: const uint16_t num_lookups) { michael@0: uint16_t sequence_index = 0; michael@0: uint16_t lookup_list_index = 0; michael@0: if (!subtable->ReadU16(&sequence_index) || michael@0: !subtable->ReadU16(&lookup_list_index)) { michael@0: return OTS_FAILURE_MSG("Failed to read header for lookup record"); michael@0: } michael@0: if (sequence_index >= num_glyphs) { michael@0: return OTS_FAILURE_MSG("Bad sequence index %d in lookup record", sequence_index); michael@0: } michael@0: if (lookup_list_index >= num_lookups) { michael@0: return OTS_FAILURE_MSG("Bad lookup list index %d in lookup record", lookup_list_index); michael@0: } michael@0: return true; michael@0: } michael@0: michael@0: bool ParseRuleSubtable(const ots::OpenTypeFile *file, michael@0: const uint8_t *data, const size_t length, michael@0: const uint16_t num_glyphs, michael@0: const uint16_t num_lookups) { michael@0: ots::Buffer subtable(data, length); michael@0: michael@0: uint16_t glyph_count = 0; michael@0: uint16_t lookup_count = 0; michael@0: if (!subtable.ReadU16(&glyph_count) || michael@0: !subtable.ReadU16(&lookup_count)) { michael@0: return OTS_FAILURE_MSG("Failed to read rule subtable header"); michael@0: } michael@0: michael@0: if (glyph_count == 0 || glyph_count >= num_glyphs) { michael@0: return OTS_FAILURE_MSG("Bad glyph count %d in rule subtable", glyph_count); michael@0: } michael@0: for (unsigned i = 0; i < glyph_count - static_cast(1); ++i) { michael@0: uint16_t glyph_id = 0; michael@0: if (!subtable.ReadU16(&glyph_id)) { michael@0: return OTS_FAILURE_MSG("Failed to read glyph %d", i); michael@0: } michael@0: if (glyph_id > num_glyphs) { michael@0: return OTS_FAILURE_MSG("Bad glyph %d for entry %d", glyph_id, i); michael@0: } michael@0: } michael@0: michael@0: for (unsigned i = 0; i < lookup_count; ++i) { michael@0: if (!ParseLookupRecord(file, &subtable, num_glyphs, num_lookups)) { michael@0: return OTS_FAILURE_MSG("Failed to parse lookup record %d", i); michael@0: } michael@0: } michael@0: return true; michael@0: } michael@0: michael@0: bool ParseRuleSetTable(const ots::OpenTypeFile *file, michael@0: const uint8_t *data, const size_t length, michael@0: const uint16_t num_glyphs, michael@0: const uint16_t num_lookups) { michael@0: ots::Buffer subtable(data, length); michael@0: michael@0: uint16_t rule_count = 0; michael@0: if (!subtable.ReadU16(&rule_count)) { michael@0: return OTS_FAILURE_MSG("Failed to read rule count in rule set"); michael@0: } michael@0: const unsigned rule_end = 2 * static_cast(rule_count) + 2; michael@0: if (rule_end > std::numeric_limits::max()) { michael@0: return OTS_FAILURE_MSG("Bad end of rule %d in rule set", rule_end); michael@0: } michael@0: michael@0: for (unsigned i = 0; i < rule_count; ++i) { michael@0: uint16_t offset_rule = 0; michael@0: if (!subtable.ReadU16(&offset_rule)) { michael@0: return OTS_FAILURE_MSG("Failed to read rule offset for rule set %d", i); michael@0: } michael@0: if (offset_rule < rule_end || offset_rule >= length) { michael@0: return OTS_FAILURE_MSG("Bad rule offset %d in set %d", offset_rule, i); michael@0: } michael@0: if (!ParseRuleSubtable(file, data + offset_rule, length - offset_rule, michael@0: num_glyphs, num_lookups)) { michael@0: return OTS_FAILURE_MSG("Failed to parse rule set %d", i); michael@0: } michael@0: } michael@0: michael@0: return true; michael@0: } michael@0: michael@0: bool ParseContextFormat1(const ots::OpenTypeFile *file, michael@0: const uint8_t *data, const size_t length, michael@0: const uint16_t num_glyphs, michael@0: const uint16_t num_lookups) { michael@0: ots::Buffer subtable(data, length); michael@0: michael@0: uint16_t offset_coverage = 0; michael@0: uint16_t rule_set_count = 0; michael@0: // Skip format field. michael@0: if (!subtable.Skip(2) || michael@0: !subtable.ReadU16(&offset_coverage) || michael@0: !subtable.ReadU16(&rule_set_count)) { michael@0: return OTS_FAILURE_MSG("Failed to read header of context format 1"); michael@0: } michael@0: michael@0: const unsigned rule_set_end = static_cast(6) + michael@0: rule_set_count * 2; michael@0: if (rule_set_end > std::numeric_limits::max()) { michael@0: return OTS_FAILURE_MSG("Bad end of rule set %d of context format 1", rule_set_end); michael@0: } michael@0: if (offset_coverage < rule_set_end || offset_coverage >= length) { michael@0: return OTS_FAILURE_MSG("Bad coverage offset %d in context format 1", offset_coverage); michael@0: } michael@0: if (!ots::ParseCoverageTable(file, data + offset_coverage, michael@0: length - offset_coverage, num_glyphs)) { michael@0: return OTS_FAILURE_MSG("Failed to parse coverage table in context format 1"); michael@0: } michael@0: michael@0: for (unsigned i = 0; i < rule_set_count; ++i) { michael@0: uint16_t offset_rule = 0; michael@0: if (!subtable.ReadU16(&offset_rule)) { michael@0: return OTS_FAILURE_MSG("Failed to read rule offset %d in context format 1", i); michael@0: } michael@0: if (offset_rule < rule_set_end || offset_rule >= length) { michael@0: return OTS_FAILURE_MSG("Bad rule offset %d in rule %d in context format 1", offset_rule, i); michael@0: } michael@0: if (!ParseRuleSetTable(file, data + offset_rule, length - offset_rule, michael@0: num_glyphs, num_lookups)) { michael@0: return OTS_FAILURE_MSG("Failed to parse rule set %d in context format 1", i); michael@0: } michael@0: } michael@0: michael@0: return true; michael@0: } michael@0: michael@0: bool ParseClassRuleTable(const ots::OpenTypeFile *file, michael@0: const uint8_t *data, const size_t length, michael@0: const uint16_t num_glyphs, michael@0: const uint16_t num_lookups) { michael@0: ots::Buffer subtable(data, length); michael@0: michael@0: uint16_t glyph_count = 0; michael@0: uint16_t lookup_count = 0; michael@0: if (!subtable.ReadU16(&glyph_count) || michael@0: !subtable.ReadU16(&lookup_count)) { michael@0: return OTS_FAILURE_MSG("Failed to read header of class rule table"); michael@0: } michael@0: michael@0: if (glyph_count == 0 || glyph_count >= num_glyphs) { michael@0: return OTS_FAILURE_MSG("Bad glyph count %d in class rule table", glyph_count); michael@0: } michael@0: michael@0: // ClassRule table contains an array of classes. Each value of classes michael@0: // could take arbitrary values including zero so we don't check these value. michael@0: const unsigned num_classes = glyph_count - static_cast(1); michael@0: if (!subtable.Skip(2 * num_classes)) { michael@0: return OTS_FAILURE_MSG("Failed to skip classes in class rule table"); michael@0: } michael@0: michael@0: for (unsigned i = 0; i < lookup_count; ++i) { michael@0: if (!ParseLookupRecord(file, &subtable, num_glyphs, num_lookups)) { michael@0: return OTS_FAILURE_MSG("Failed to parse lookup record %d in class rule table", i); michael@0: } michael@0: } michael@0: return true; michael@0: } michael@0: michael@0: bool ParseClassSetTable(const ots::OpenTypeFile *file, michael@0: const uint8_t *data, const size_t length, michael@0: const uint16_t num_glyphs, michael@0: const uint16_t num_lookups) { michael@0: ots::Buffer subtable(data, length); michael@0: michael@0: uint16_t class_rule_count = 0; michael@0: if (!subtable.ReadU16(&class_rule_count)) { michael@0: return OTS_FAILURE_MSG("Failed to read class rule count in class set table"); michael@0: } michael@0: const unsigned class_rule_end = michael@0: 2 * static_cast(class_rule_count) + 2; michael@0: if (class_rule_end > std::numeric_limits::max()) { michael@0: return OTS_FAILURE_MSG("bad class rule end %d in class set table", class_rule_end); michael@0: } michael@0: for (unsigned i = 0; i < class_rule_count; ++i) { michael@0: uint16_t offset_class_rule = 0; michael@0: if (!subtable.ReadU16(&offset_class_rule)) { michael@0: return OTS_FAILURE_MSG("Failed to read class rule offset %d in class set table", i); michael@0: } michael@0: if (offset_class_rule < class_rule_end || offset_class_rule >= length) { michael@0: return OTS_FAILURE_MSG("Bad class rule offset %d in class %d", offset_class_rule, i); michael@0: } michael@0: if (!ParseClassRuleTable(file, data + offset_class_rule, michael@0: length - offset_class_rule, num_glyphs, michael@0: num_lookups)) { michael@0: return OTS_FAILURE_MSG("Failed to parse class rule table %d", i); michael@0: } michael@0: } michael@0: michael@0: return true; michael@0: } michael@0: michael@0: bool ParseContextFormat2(const ots::OpenTypeFile *file, michael@0: const uint8_t *data, const size_t length, michael@0: const uint16_t num_glyphs, michael@0: const uint16_t num_lookups) { michael@0: ots::Buffer subtable(data, length); michael@0: michael@0: uint16_t offset_coverage = 0; michael@0: uint16_t offset_class_def = 0; michael@0: uint16_t class_set_cnt = 0; michael@0: // Skip format field. michael@0: if (!subtable.Skip(2) || michael@0: !subtable.ReadU16(&offset_coverage) || michael@0: !subtable.ReadU16(&offset_class_def) || michael@0: !subtable.ReadU16(&class_set_cnt)) { michael@0: return OTS_FAILURE_MSG("Failed to read header for context format 2"); michael@0: } michael@0: michael@0: const unsigned class_set_end = 2 * static_cast(class_set_cnt) + 8; michael@0: if (class_set_end > std::numeric_limits::max()) { michael@0: return OTS_FAILURE_MSG("Bad end of class set %d for context format 2", class_set_end); michael@0: } michael@0: if (offset_coverage < class_set_end || offset_coverage >= length) { michael@0: return OTS_FAILURE_MSG("Bad coverage offset %d in context format 2", offset_coverage); michael@0: } michael@0: if (!ots::ParseCoverageTable(file, data + offset_coverage, michael@0: length - offset_coverage, num_glyphs)) { michael@0: return OTS_FAILURE_MSG("Failed to parse coverage table in context format 2"); michael@0: } michael@0: michael@0: if (offset_class_def < class_set_end || offset_class_def >= length) { michael@0: return OTS_FAILURE_MSG("bad class definition offset %d in context format 2", offset_class_def); michael@0: } michael@0: if (!ots::ParseClassDefTable(file, data + offset_class_def, michael@0: length - offset_class_def, michael@0: num_glyphs, kMaxClassDefValue)) { michael@0: return OTS_FAILURE_MSG("Failed to parse class definition table in context format 2"); michael@0: } michael@0: michael@0: for (unsigned i = 0; i < class_set_cnt; ++i) { michael@0: uint16_t offset_class_rule = 0; michael@0: if (!subtable.ReadU16(&offset_class_rule)) { michael@0: return OTS_FAILURE_MSG("Failed to read class rule offset %d in context format 2", i); michael@0: } michael@0: if (offset_class_rule) { michael@0: if (offset_class_rule < class_set_end || offset_class_rule >= length) { michael@0: return OTS_FAILURE_MSG("Bad class rule offset %d for rule %d in context format 2", offset_class_rule, i); michael@0: } michael@0: if (!ParseClassSetTable(file, data + offset_class_rule, michael@0: length - offset_class_rule, num_glyphs, michael@0: num_lookups)) { michael@0: return OTS_FAILURE_MSG("Failed to parse class set %d in context format 2", i); michael@0: } michael@0: } michael@0: } michael@0: michael@0: return true; michael@0: } michael@0: michael@0: bool ParseContextFormat3(const ots::OpenTypeFile *file, michael@0: const uint8_t *data, const size_t length, michael@0: const uint16_t num_glyphs, michael@0: const uint16_t num_lookups) { michael@0: ots::Buffer subtable(data, length); michael@0: michael@0: uint16_t glyph_count = 0; michael@0: uint16_t lookup_count = 0; michael@0: // Skip format field. michael@0: if (!subtable.Skip(2) || michael@0: !subtable.ReadU16(&glyph_count) || michael@0: !subtable.ReadU16(&lookup_count)) { michael@0: return OTS_FAILURE_MSG("Failed to read header in context format 3"); michael@0: } michael@0: michael@0: if (glyph_count >= num_glyphs) { michael@0: return OTS_FAILURE_MSG("Bad glyph count %d in context format 3", glyph_count); michael@0: } michael@0: const unsigned lookup_record_end = 2 * static_cast(glyph_count) + michael@0: 4 * static_cast(lookup_count) + 6; michael@0: if (lookup_record_end > std::numeric_limits::max()) { michael@0: return OTS_FAILURE_MSG("Bad end of lookup %d in context format 3", lookup_record_end); michael@0: } michael@0: for (unsigned i = 0; i < glyph_count; ++i) { michael@0: uint16_t offset_coverage = 0; michael@0: if (!subtable.ReadU16(&offset_coverage)) { michael@0: return OTS_FAILURE_MSG("Failed to read coverage offset %d in conxtext format 3", i); michael@0: } michael@0: if (offset_coverage < lookup_record_end || offset_coverage >= length) { michael@0: return OTS_FAILURE_MSG("Bad coverage offset %d for glyph %d in context format 3", offset_coverage, i); michael@0: } michael@0: if (!ots::ParseCoverageTable(file, data + offset_coverage, michael@0: length - offset_coverage, num_glyphs)) { michael@0: return OTS_FAILURE_MSG("Failed to parse coverage table for glyph %d in context format 3", i); michael@0: } michael@0: } michael@0: michael@0: for (unsigned i = 0; i < lookup_count; ++i) { michael@0: if (!ParseLookupRecord(file, &subtable, num_glyphs, num_lookups)) { michael@0: return OTS_FAILURE_MSG("Failed to parse lookup record %d in context format 3", i); michael@0: } michael@0: } michael@0: michael@0: return true; michael@0: } michael@0: michael@0: // Parsers for Chaning Contextual subtables in GSUB/GPOS tables. michael@0: michael@0: bool ParseChainRuleSubtable(const ots::OpenTypeFile *file, michael@0: const uint8_t *data, const size_t length, michael@0: const uint16_t num_glyphs, michael@0: const uint16_t num_lookups) { michael@0: ots::Buffer subtable(data, length); michael@0: michael@0: uint16_t backtrack_count = 0; michael@0: if (!subtable.ReadU16(&backtrack_count)) { michael@0: return OTS_FAILURE_MSG("Failed to read backtrack count in chain rule subtable"); michael@0: } michael@0: if (backtrack_count >= num_glyphs) { michael@0: return OTS_FAILURE_MSG("Bad backtrack count %d in chain rule subtable", backtrack_count); michael@0: } michael@0: for (unsigned i = 0; i < backtrack_count; ++i) { michael@0: uint16_t glyph_id = 0; michael@0: if (!subtable.ReadU16(&glyph_id)) { michael@0: return OTS_FAILURE_MSG("Failed to read backtrack glyph %d in chain rule subtable", i); michael@0: } michael@0: if (glyph_id > num_glyphs) { michael@0: return OTS_FAILURE_MSG("Bad glyph id %d for bactrack glyph %d in chain rule subtable", glyph_id, i); michael@0: } michael@0: } michael@0: michael@0: uint16_t input_count = 0; michael@0: if (!subtable.ReadU16(&input_count)) { michael@0: return OTS_FAILURE_MSG("Failed to read input count in chain rule subtable"); michael@0: } michael@0: if (input_count == 0 || input_count >= num_glyphs) { michael@0: return OTS_FAILURE_MSG("Bad input count %d in chain rule subtable", input_count); michael@0: } michael@0: for (unsigned i = 0; i < input_count - static_cast(1); ++i) { michael@0: uint16_t glyph_id = 0; michael@0: if (!subtable.ReadU16(&glyph_id)) { michael@0: return OTS_FAILURE_MSG("Failed to read input glyph %d in chain rule subtable", i); michael@0: } michael@0: if (glyph_id > num_glyphs) { michael@0: return OTS_FAILURE_MSG("Bad glyph id %d for input glyph %d in chain rule subtable", glyph_id, i); michael@0: } michael@0: } michael@0: michael@0: uint16_t lookahead_count = 0; michael@0: if (!subtable.ReadU16(&lookahead_count)) { michael@0: return OTS_FAILURE_MSG("Failed to read lookahead count in chain rule subtable"); michael@0: } michael@0: if (lookahead_count >= num_glyphs) { michael@0: return OTS_FAILURE_MSG("Bad lookahead count %d in chain rule subtable", lookahead_count); michael@0: } michael@0: for (unsigned i = 0; i < lookahead_count; ++i) { michael@0: uint16_t glyph_id = 0; michael@0: if (!subtable.ReadU16(&glyph_id)) { michael@0: return OTS_FAILURE_MSG("Failed to read lookahead glyph %d in chain rule subtable", i); michael@0: } michael@0: if (glyph_id > num_glyphs) { michael@0: return OTS_FAILURE_MSG("Bad glyph id %d for lookadhead glyph %d in chain rule subtable", glyph_id, i); michael@0: } michael@0: } michael@0: michael@0: uint16_t lookup_count = 0; michael@0: if (!subtable.ReadU16(&lookup_count)) { michael@0: return OTS_FAILURE_MSG("Failed to read lookup count in chain rule subtable"); michael@0: } michael@0: for (unsigned i = 0; i < lookup_count; ++i) { michael@0: if (!ParseLookupRecord(file, &subtable, num_glyphs, num_lookups)) { michael@0: return OTS_FAILURE_MSG("Failed to parse lookup record %d in chain rule subtable", i); michael@0: } michael@0: } michael@0: michael@0: return true; michael@0: } michael@0: michael@0: bool ParseChainRuleSetTable(const ots::OpenTypeFile *file, michael@0: const uint8_t *data, const size_t length, michael@0: const uint16_t num_glyphs, michael@0: const uint16_t num_lookups) { michael@0: ots::Buffer subtable(data, length); michael@0: michael@0: uint16_t chain_rule_count = 0; michael@0: if (!subtable.ReadU16(&chain_rule_count)) { michael@0: return OTS_FAILURE_MSG("Failed to read rule count in chain rule set"); michael@0: } michael@0: const unsigned chain_rule_end = michael@0: 2 * static_cast(chain_rule_count) + 2; michael@0: if (chain_rule_end > std::numeric_limits::max()) { michael@0: return OTS_FAILURE_MSG("Bad end of chain rule %d in chain rule set", chain_rule_end); michael@0: } michael@0: for (unsigned i = 0; i < chain_rule_count; ++i) { michael@0: uint16_t offset_chain_rule = 0; michael@0: if (!subtable.ReadU16(&offset_chain_rule)) { michael@0: return OTS_FAILURE_MSG("Failed to read chain rule offset %d in chain rule set", i); michael@0: } michael@0: if (offset_chain_rule < chain_rule_end || offset_chain_rule >= length) { michael@0: return OTS_FAILURE_MSG("Bad chain rule offset %d for chain rule %d in chain rule set", offset_chain_rule, i); michael@0: } michael@0: if (!ParseChainRuleSubtable(file, data + offset_chain_rule, michael@0: length - offset_chain_rule, michael@0: num_glyphs, num_lookups)) { michael@0: return OTS_FAILURE_MSG("Failed to parse chain rule %d in chain rule set", i); michael@0: } michael@0: } michael@0: michael@0: return true; michael@0: } michael@0: michael@0: bool ParseChainContextFormat1(const ots::OpenTypeFile *file, michael@0: const uint8_t *data, const size_t length, michael@0: const uint16_t num_glyphs, michael@0: const uint16_t num_lookups) { michael@0: ots::Buffer subtable(data, length); michael@0: michael@0: uint16_t offset_coverage = 0; michael@0: uint16_t chain_rule_set_count = 0; michael@0: // Skip format field. michael@0: if (!subtable.Skip(2) || michael@0: !subtable.ReadU16(&offset_coverage) || michael@0: !subtable.ReadU16(&chain_rule_set_count)) { michael@0: return OTS_FAILURE_MSG("Failed to read header of chain context format 1"); michael@0: } michael@0: michael@0: const unsigned chain_rule_set_end = michael@0: 2 * static_cast(chain_rule_set_count) + 6; michael@0: if (chain_rule_set_end > std::numeric_limits::max()) { michael@0: return OTS_FAILURE_MSG("Bad chain rule end %d in chain context format 1", chain_rule_set_end); michael@0: } michael@0: if (offset_coverage < chain_rule_set_end || offset_coverage >= length) { michael@0: return OTS_FAILURE_MSG("Bad coverage offset %d in chain context format 1", chain_rule_set_end); michael@0: } michael@0: if (!ots::ParseCoverageTable(file, data + offset_coverage, michael@0: length - offset_coverage, num_glyphs)) { michael@0: return OTS_FAILURE_MSG("Failed to parse coverage table for chain context format 1"); michael@0: } michael@0: michael@0: for (unsigned i = 0; i < chain_rule_set_count; ++i) { michael@0: uint16_t offset_chain_rule_set = 0; michael@0: if (!subtable.ReadU16(&offset_chain_rule_set)) { michael@0: return OTS_FAILURE_MSG("Failed to read chain rule offset %d in chain context format 1", i); michael@0: } michael@0: if (offset_chain_rule_set < chain_rule_set_end || michael@0: offset_chain_rule_set >= length) { michael@0: return OTS_FAILURE_MSG("Bad chain rule set offset %d for chain rule set %d in chain context format 1", offset_chain_rule_set, i); michael@0: } michael@0: if (!ParseChainRuleSetTable(file, data + offset_chain_rule_set, michael@0: length - offset_chain_rule_set, michael@0: num_glyphs, num_lookups)) { michael@0: return OTS_FAILURE_MSG("Failed to parse chain rule set %d in chain context format 1", i); michael@0: } michael@0: } michael@0: michael@0: return true; michael@0: } michael@0: michael@0: bool ParseChainClassRuleSubtable(const ots::OpenTypeFile *file, michael@0: const uint8_t *data, const size_t length, michael@0: const uint16_t num_glyphs, michael@0: const uint16_t num_lookups) { michael@0: ots::Buffer subtable(data, length); michael@0: michael@0: // In this subtable, we don't check the value of classes for now since michael@0: // these could take arbitrary values. michael@0: michael@0: uint16_t backtrack_count = 0; michael@0: if (!subtable.ReadU16(&backtrack_count)) { michael@0: return OTS_FAILURE_MSG("Failed to read backtrack count in chain class rule subtable"); michael@0: } michael@0: if (backtrack_count >= num_glyphs) { michael@0: return OTS_FAILURE_MSG("Bad backtrack count %d in chain class rule subtable", backtrack_count); michael@0: } michael@0: if (!subtable.Skip(2 * backtrack_count)) { michael@0: return OTS_FAILURE_MSG("Failed to skip backtrack offsets in chain class rule subtable"); michael@0: } michael@0: michael@0: uint16_t input_count = 0; michael@0: if (!subtable.ReadU16(&input_count)) { michael@0: return OTS_FAILURE_MSG("Failed to read input count in chain class rule subtable"); michael@0: } michael@0: if (input_count == 0 || input_count >= num_glyphs) { michael@0: return OTS_FAILURE_MSG("Bad input count %d in chain class rule subtable", input_count); michael@0: } michael@0: if (!subtable.Skip(2 * (input_count - 1))) { michael@0: return OTS_FAILURE_MSG("Failed to skip input offsets in chain class rule subtable"); michael@0: } michael@0: michael@0: uint16_t lookahead_count = 0; michael@0: if (!subtable.ReadU16(&lookahead_count)) { michael@0: return OTS_FAILURE_MSG("Failed to read lookahead count in chain class rule subtable"); michael@0: } michael@0: if (lookahead_count >= num_glyphs) { michael@0: return OTS_FAILURE_MSG("Bad lookahead count %d in chain class rule subtable", lookahead_count); michael@0: } michael@0: if (!subtable.Skip(2 * lookahead_count)) { michael@0: return OTS_FAILURE_MSG("Failed to skip lookahead offsets in chain class rule subtable"); michael@0: } michael@0: michael@0: uint16_t lookup_count = 0; michael@0: if (!subtable.ReadU16(&lookup_count)) { michael@0: return OTS_FAILURE_MSG("Failed to read lookup count in chain class rule subtable"); michael@0: } michael@0: for (unsigned i = 0; i < lookup_count; ++i) { michael@0: if (!ParseLookupRecord(file, &subtable, num_glyphs, num_lookups)) { michael@0: return OTS_FAILURE_MSG("Failed to parse lookup record %d in chain class rule subtable", i); michael@0: } michael@0: } michael@0: michael@0: return true; michael@0: } michael@0: michael@0: bool ParseChainClassSetTable(const ots::OpenTypeFile *file, michael@0: const uint8_t *data, const size_t length, michael@0: const uint16_t num_glyphs, michael@0: const uint16_t num_lookups) { michael@0: ots::Buffer subtable(data, length); michael@0: michael@0: uint16_t chain_class_rule_count = 0; michael@0: if (!subtable.ReadU16(&chain_class_rule_count)) { michael@0: return OTS_FAILURE_MSG("Failed to read rule count in chain class set"); michael@0: } michael@0: const unsigned chain_class_rule_end = michael@0: 2 * static_cast(chain_class_rule_count) + 2; michael@0: if (chain_class_rule_end > std::numeric_limits::max()) { michael@0: return OTS_FAILURE_MSG("Bad end of chain class set %d in chain class set", chain_class_rule_end); michael@0: } michael@0: for (unsigned i = 0; i < chain_class_rule_count; ++i) { michael@0: uint16_t offset_chain_class_rule = 0; michael@0: if (!subtable.ReadU16(&offset_chain_class_rule)) { michael@0: return OTS_FAILURE_MSG("Failed to read chain class rule offset %d in chain class set", i); michael@0: } michael@0: if (offset_chain_class_rule < chain_class_rule_end || michael@0: offset_chain_class_rule >= length) { michael@0: return OTS_FAILURE_MSG("Bad chain class rule offset %d for chain class %d in chain class set", offset_chain_class_rule, i); michael@0: } michael@0: if (!ParseChainClassRuleSubtable(file, data + offset_chain_class_rule, michael@0: length - offset_chain_class_rule, michael@0: num_glyphs, num_lookups)) { michael@0: return OTS_FAILURE_MSG("Failed to parse chain class rule %d in chain class set", i); michael@0: } michael@0: } michael@0: michael@0: return true; michael@0: } michael@0: michael@0: bool ParseChainContextFormat2(const ots::OpenTypeFile *file, michael@0: const uint8_t *data, const size_t length, michael@0: const uint16_t num_glyphs, michael@0: const uint16_t num_lookups) { michael@0: ots::Buffer subtable(data, length); michael@0: michael@0: uint16_t offset_coverage = 0; michael@0: uint16_t offset_backtrack_class_def = 0; michael@0: uint16_t offset_input_class_def = 0; michael@0: uint16_t offset_lookahead_class_def = 0; michael@0: uint16_t chain_class_set_count = 0; michael@0: // Skip format field. michael@0: if (!subtable.Skip(2) || michael@0: !subtable.ReadU16(&offset_coverage) || michael@0: !subtable.ReadU16(&offset_backtrack_class_def) || michael@0: !subtable.ReadU16(&offset_input_class_def) || michael@0: !subtable.ReadU16(&offset_lookahead_class_def) || michael@0: !subtable.ReadU16(&chain_class_set_count)) { michael@0: return OTS_FAILURE_MSG("Failed to read header of chain context format 2"); michael@0: } michael@0: michael@0: const unsigned chain_class_set_end = michael@0: 2 * static_cast(chain_class_set_count) + 12; michael@0: if (chain_class_set_end > std::numeric_limits::max()) { michael@0: return OTS_FAILURE_MSG("Bad chain class set end %d in chain context format 2", chain_class_set_end); michael@0: } michael@0: if (offset_coverage < chain_class_set_end || offset_coverage >= length) { michael@0: return OTS_FAILURE_MSG("Bad coverage offset %d in chain context format 2", offset_coverage); michael@0: } michael@0: if (!ots::ParseCoverageTable(file, data + offset_coverage, michael@0: length - offset_coverage, num_glyphs)) { michael@0: return OTS_FAILURE_MSG("Failed to parse coverage table in chain context format 2"); michael@0: } michael@0: michael@0: // Classes for backtrack/lookahead sequences might not be defined. michael@0: if (offset_backtrack_class_def) { michael@0: if (offset_backtrack_class_def < chain_class_set_end || michael@0: offset_backtrack_class_def >= length) { michael@0: return OTS_FAILURE_MSG("Bad backtrack class offset %d in chain context format 2", offset_backtrack_class_def); michael@0: } michael@0: if (!ots::ParseClassDefTable(file, data + offset_backtrack_class_def, michael@0: length - offset_backtrack_class_def, michael@0: num_glyphs, kMaxClassDefValue)) { michael@0: return OTS_FAILURE_MSG("Failed to parse backtrack class defn table in chain context format 2"); michael@0: } michael@0: } michael@0: michael@0: if (offset_input_class_def < chain_class_set_end || michael@0: offset_input_class_def >= length) { michael@0: return OTS_FAILURE_MSG("Bad input class defn offset %d in chain context format 2", offset_input_class_def); michael@0: } michael@0: if (!ots::ParseClassDefTable(file, data + offset_input_class_def, michael@0: length - offset_input_class_def, michael@0: num_glyphs, kMaxClassDefValue)) { michael@0: return OTS_FAILURE_MSG("Failed to parse input class defn in chain context format 2"); michael@0: } michael@0: michael@0: if (offset_lookahead_class_def) { michael@0: if (offset_lookahead_class_def < chain_class_set_end || michael@0: offset_lookahead_class_def >= length) { michael@0: return OTS_FAILURE_MSG("Bad lookahead class defn offset %d in chain context format 2", offset_lookahead_class_def); michael@0: } michael@0: if (!ots::ParseClassDefTable(file, data + offset_lookahead_class_def, michael@0: length - offset_lookahead_class_def, michael@0: num_glyphs, kMaxClassDefValue)) { michael@0: return OTS_FAILURE_MSG("Failed to parse lookahead class defn in chain context format 2"); michael@0: } michael@0: } michael@0: michael@0: for (unsigned i = 0; i < chain_class_set_count; ++i) { michael@0: uint16_t offset_chain_class_set = 0; michael@0: if (!subtable.ReadU16(&offset_chain_class_set)) { michael@0: return OTS_FAILURE_MSG("Failed to read chain class set offset %d", i); michael@0: } michael@0: // |offset_chain_class_set| could be NULL. michael@0: if (offset_chain_class_set) { michael@0: if (offset_chain_class_set < chain_class_set_end || michael@0: offset_chain_class_set >= length) { michael@0: return OTS_FAILURE_MSG("Bad chain set class offset %d for chain set %d in chain context format 2", offset_chain_class_set, i); michael@0: } michael@0: if (!ParseChainClassSetTable(file, data + offset_chain_class_set, michael@0: length - offset_chain_class_set, michael@0: num_glyphs, num_lookups)) { michael@0: return OTS_FAILURE_MSG("Failed to parse chain class set table %d in chain context format 2", i); michael@0: } michael@0: } michael@0: } michael@0: michael@0: return true; michael@0: } michael@0: michael@0: bool ParseChainContextFormat3(const ots::OpenTypeFile *file, michael@0: const uint8_t *data, const size_t length, michael@0: const uint16_t num_glyphs, michael@0: const uint16_t num_lookups) { michael@0: ots::Buffer subtable(data, length); michael@0: michael@0: uint16_t backtrack_count = 0; michael@0: // Skip format field. michael@0: if (!subtable.Skip(2) || michael@0: !subtable.ReadU16(&backtrack_count)) { michael@0: return OTS_FAILURE_MSG("Failed to read backtrack count in chain context format 3"); michael@0: } michael@0: michael@0: if (backtrack_count >= num_glyphs) { michael@0: return OTS_FAILURE_MSG("Bad backtrack count %d in chain context format 3", backtrack_count); michael@0: } michael@0: std::vector offsets_backtrack; michael@0: offsets_backtrack.reserve(backtrack_count); michael@0: for (unsigned i = 0; i < backtrack_count; ++i) { michael@0: uint16_t offset = 0; michael@0: if (!subtable.ReadU16(&offset)) { michael@0: return OTS_FAILURE_MSG("Failed to read backtrack offset %d in chain context format 3", i); michael@0: } michael@0: offsets_backtrack.push_back(offset); michael@0: } michael@0: if (offsets_backtrack.size() != backtrack_count) { michael@0: return OTS_FAILURE_MSG("Bad backtrack offsets size %ld in chain context format 3", offsets_backtrack.size()); michael@0: } michael@0: michael@0: uint16_t input_count = 0; michael@0: if (!subtable.ReadU16(&input_count)) { michael@0: return OTS_FAILURE_MSG("Failed to read input count in chain context format 3"); michael@0: } michael@0: if (input_count >= num_glyphs) { michael@0: return OTS_FAILURE_MSG("Bad input count %d in chain context format 3", input_count); michael@0: } michael@0: std::vector offsets_input; michael@0: offsets_input.reserve(input_count); michael@0: for (unsigned i = 0; i < input_count; ++i) { michael@0: uint16_t offset = 0; michael@0: if (!subtable.ReadU16(&offset)) { michael@0: return OTS_FAILURE_MSG("Failed to read input offset %d in chain context format 3", i); michael@0: } michael@0: offsets_input.push_back(offset); michael@0: } michael@0: if (offsets_input.size() != input_count) { michael@0: return OTS_FAILURE_MSG("Bad input offsets size %ld in chain context format 3", offsets_input.size()); michael@0: } michael@0: michael@0: uint16_t lookahead_count = 0; michael@0: if (!subtable.ReadU16(&lookahead_count)) { michael@0: return OTS_FAILURE_MSG("Failed ot read lookahead count in chain context format 3"); michael@0: } michael@0: if (lookahead_count >= num_glyphs) { michael@0: return OTS_FAILURE_MSG("Bad lookahead count %d in chain context format 3", lookahead_count); michael@0: } michael@0: std::vector offsets_lookahead; michael@0: offsets_lookahead.reserve(lookahead_count); michael@0: for (unsigned i = 0; i < lookahead_count; ++i) { michael@0: uint16_t offset = 0; michael@0: if (!subtable.ReadU16(&offset)) { michael@0: return OTS_FAILURE_MSG("Failed to read lookahead offset %d in chain context format 3", i); michael@0: } michael@0: offsets_lookahead.push_back(offset); michael@0: } michael@0: if (offsets_lookahead.size() != lookahead_count) { michael@0: return OTS_FAILURE_MSG("Bad lookahead offsets size %ld in chain context format 3", offsets_lookahead.size()); michael@0: } michael@0: michael@0: uint16_t lookup_count = 0; michael@0: if (!subtable.ReadU16(&lookup_count)) { michael@0: return OTS_FAILURE_MSG("Failed to read lookup count in chain context format 3"); michael@0: } michael@0: for (unsigned i = 0; i < lookup_count; ++i) { michael@0: if (!ParseLookupRecord(file, &subtable, num_glyphs, num_lookups)) { michael@0: return OTS_FAILURE_MSG("Failed to parse lookup %d in chain context format 3", i); michael@0: } michael@0: } michael@0: michael@0: const unsigned lookup_record_end = michael@0: 2 * (static_cast(backtrack_count) + michael@0: static_cast(input_count) + michael@0: static_cast(lookahead_count)) + michael@0: 4 * static_cast(lookup_count) + 10; michael@0: if (lookup_record_end > std::numeric_limits::max()) { michael@0: return OTS_FAILURE_MSG("Bad end of lookup record %d in chain context format 3", lookup_record_end); michael@0: } michael@0: for (unsigned i = 0; i < backtrack_count; ++i) { michael@0: if (offsets_backtrack[i] < lookup_record_end || michael@0: offsets_backtrack[i] >= length) { michael@0: return OTS_FAILURE_MSG("Bad backtrack offset of %d for backtrack %d in chain context format 3", offsets_backtrack[i], i); michael@0: } michael@0: if (!ots::ParseCoverageTable(file, data + offsets_backtrack[i], michael@0: length - offsets_backtrack[i], num_glyphs)) { michael@0: return OTS_FAILURE_MSG("Failed to parse backtrack coverage %d in chain context format 3", i); michael@0: } michael@0: } michael@0: for (unsigned i = 0; i < input_count; ++i) { michael@0: if (offsets_input[i] < lookup_record_end || offsets_input[i] >= length) { michael@0: return OTS_FAILURE_MSG("Bad input offset %d for input %d in chain context format 3", offsets_input[i], i); michael@0: } michael@0: if (!ots::ParseCoverageTable(file, data + offsets_input[i], michael@0: length - offsets_input[i], num_glyphs)) { michael@0: return OTS_FAILURE_MSG("Failed to parse input coverage table %d in chain context format 3", i); michael@0: } michael@0: } michael@0: for (unsigned i = 0; i < lookahead_count; ++i) { michael@0: if (offsets_lookahead[i] < lookup_record_end || michael@0: offsets_lookahead[i] >= length) { michael@0: return OTS_FAILURE_MSG("Bad lookadhead offset %d for lookahead %d in chain context format 3", offsets_lookahead[i], i); michael@0: } michael@0: if (!ots::ParseCoverageTable(file, data + offsets_lookahead[i], michael@0: length - offsets_lookahead[i], num_glyphs)) { michael@0: return OTS_FAILURE_MSG("Failed to parse lookahead coverage table %d in chain context format 3", i); michael@0: } michael@0: } michael@0: michael@0: return true; michael@0: } michael@0: michael@0: } // namespace michael@0: michael@0: namespace ots { michael@0: michael@0: bool LookupSubtableParser::Parse(const OpenTypeFile *file, const uint8_t *data, michael@0: const size_t length, michael@0: const uint16_t lookup_type) const { michael@0: for (unsigned i = 0; i < num_types; ++i) { michael@0: if (parsers[i].type == lookup_type && parsers[i].parse) { michael@0: if (!parsers[i].parse(file, data, length)) { michael@0: return OTS_FAILURE_MSG("Failed to parse lookup subtable %d", i); michael@0: } michael@0: return true; michael@0: } michael@0: } michael@0: return OTS_FAILURE_MSG("No lookup subtables to parse"); michael@0: } michael@0: michael@0: // Parsing ScriptListTable requires number of features so we need to michael@0: // parse FeatureListTable before calling this function. michael@0: bool ParseScriptListTable(const ots::OpenTypeFile *file, michael@0: const uint8_t *data, const size_t length, michael@0: const uint16_t num_features) { michael@0: Buffer subtable(data, length); michael@0: michael@0: uint16_t script_count = 0; michael@0: if (!subtable.ReadU16(&script_count)) { michael@0: return OTS_FAILURE_MSG("Failed to read script count in script list table"); michael@0: } michael@0: michael@0: const unsigned script_record_end = michael@0: 6 * static_cast(script_count) + 2; michael@0: if (script_record_end > std::numeric_limits::max()) { michael@0: return OTS_FAILURE_MSG("Bad end of script record %d in script list table", script_record_end); michael@0: } michael@0: std::vector script_list; michael@0: script_list.reserve(script_count); michael@0: uint32_t last_tag = 0; michael@0: for (unsigned i = 0; i < script_count; ++i) { michael@0: ScriptRecord record; michael@0: if (!subtable.ReadU32(&record.tag) || michael@0: !subtable.ReadU16(&record.offset)) { michael@0: return OTS_FAILURE_MSG("Failed to read script record %d in script list table", i); michael@0: } michael@0: // Script tags should be arranged alphabetically by tag michael@0: if (last_tag != 0 && last_tag > record.tag) { michael@0: // Several fonts don't arrange tags alphabetically. michael@0: // It seems that the order of tags might not be a security issue michael@0: // so we just warn it. michael@0: OTS_WARNING("tags aren't arranged alphabetically."); michael@0: } michael@0: last_tag = record.tag; michael@0: if (record.offset < script_record_end || record.offset >= length) { michael@0: return OTS_FAILURE_MSG("Bad record offset %d for script %4.4s entry %d in script list table", record.offset, (char *)&record.tag, i); michael@0: } michael@0: script_list.push_back(record); michael@0: } michael@0: if (script_list.size() != script_count) { michael@0: return OTS_FAILURE_MSG("Bad script list size %ld in script list table", script_list.size()); michael@0: } michael@0: michael@0: // Check script records. michael@0: for (unsigned i = 0; i < script_count; ++i) { michael@0: if (!ParseScriptTable(file, data + script_list[i].offset, michael@0: length - script_list[i].offset, michael@0: script_list[i].tag, num_features)) { michael@0: return OTS_FAILURE_MSG("Failed to parse script table %d", i); michael@0: } michael@0: } michael@0: michael@0: return true; michael@0: } michael@0: michael@0: // Parsing FeatureListTable requires number of lookups so we need to parse michael@0: // LookupListTable before calling this function. michael@0: bool ParseFeatureListTable(const ots::OpenTypeFile *file, michael@0: const uint8_t *data, const size_t length, michael@0: const uint16_t num_lookups, michael@0: uint16_t* num_features) { michael@0: Buffer subtable(data, length); michael@0: michael@0: uint16_t feature_count = 0; michael@0: if (!subtable.ReadU16(&feature_count)) { michael@0: return OTS_FAILURE_MSG("Failed to read feature count"); michael@0: } michael@0: michael@0: std::vector feature_records; michael@0: feature_records.resize(feature_count); michael@0: const unsigned feature_record_end = michael@0: 6 * static_cast(feature_count) + 2; michael@0: if (feature_record_end > std::numeric_limits::max()) { michael@0: return OTS_FAILURE_MSG("Bad end of feature record %d", feature_record_end); michael@0: } michael@0: uint32_t last_tag = 0; michael@0: for (unsigned i = 0; i < feature_count; ++i) { michael@0: if (!subtable.ReadU32(&feature_records[i].tag) || michael@0: !subtable.ReadU16(&feature_records[i].offset)) { michael@0: return OTS_FAILURE_MSG("Failed to read feature header %d", i); michael@0: } michael@0: // Feature record array should be arranged alphabetically by tag michael@0: if (last_tag != 0 && last_tag > feature_records[i].tag) { michael@0: // Several fonts don't arrange tags alphabetically. michael@0: // It seems that the order of tags might not be a security issue michael@0: // so we just warn it. michael@0: OTS_WARNING("tags aren't arranged alphabetically."); michael@0: } michael@0: last_tag = feature_records[i].tag; michael@0: if (feature_records[i].offset < feature_record_end || michael@0: feature_records[i].offset >= length) { michael@0: return OTS_FAILURE_MSG("Bad feature offset %d for feature %d %4.4s", feature_records[i].offset, i, (char *)&feature_records[i].tag); michael@0: } michael@0: } michael@0: michael@0: for (unsigned i = 0; i < feature_count; ++i) { michael@0: if (!ParseFeatureTable(file, data + feature_records[i].offset, michael@0: length - feature_records[i].offset, num_lookups)) { michael@0: return OTS_FAILURE_MSG("Failed to parse feature table %d", i); michael@0: } michael@0: } michael@0: *num_features = feature_count; michael@0: return true; michael@0: } michael@0: michael@0: // For parsing GPOS/GSUB tables, this function should be called at first to michael@0: // obtain the number of lookups because parsing FeatureTableList requires michael@0: // the number. michael@0: bool ParseLookupListTable(OpenTypeFile *file, const uint8_t *data, michael@0: const size_t length, michael@0: const LookupSubtableParser* parser, michael@0: uint16_t *num_lookups) { michael@0: Buffer subtable(data, length); michael@0: michael@0: if (!subtable.ReadU16(num_lookups)) { michael@0: return OTS_FAILURE_MSG("Failed to read number of lookups"); michael@0: } michael@0: michael@0: std::vector lookups; michael@0: lookups.reserve(*num_lookups); michael@0: const unsigned lookup_end = michael@0: 2 * static_cast(*num_lookups) + 2; michael@0: if (lookup_end > std::numeric_limits::max()) { michael@0: return OTS_FAILURE_MSG("Bad end of lookups %d", lookup_end); michael@0: } michael@0: for (unsigned i = 0; i < *num_lookups; ++i) { michael@0: uint16_t offset = 0; michael@0: if (!subtable.ReadU16(&offset)) { michael@0: return OTS_FAILURE_MSG("Failed to read lookup offset %d", i); michael@0: } michael@0: if (offset < lookup_end || offset >= length) { michael@0: return OTS_FAILURE_MSG("Bad lookup offset %d for lookup %d", offset, i); michael@0: } michael@0: lookups.push_back(offset); michael@0: } michael@0: if (lookups.size() != *num_lookups) { michael@0: return OTS_FAILURE_MSG("Bad lookup offsets list size %ld", lookups.size()); michael@0: } michael@0: michael@0: for (unsigned i = 0; i < *num_lookups; ++i) { michael@0: if (!ParseLookupTable(file, data + lookups[i], length - lookups[i], michael@0: parser)) { michael@0: return OTS_FAILURE_MSG("Failed to parse lookup %d", i); michael@0: } michael@0: } michael@0: michael@0: return true; michael@0: } michael@0: michael@0: bool ParseClassDefTable(const ots::OpenTypeFile *file, michael@0: const uint8_t *data, size_t length, michael@0: const uint16_t num_glyphs, michael@0: const uint16_t num_classes) { michael@0: Buffer subtable(data, length); michael@0: michael@0: uint16_t format = 0; michael@0: if (!subtable.ReadU16(&format)) { michael@0: return OTS_FAILURE_MSG("Failed to read class defn format"); michael@0: } michael@0: if (format == 1) { michael@0: return ParseClassDefFormat1(file, data, length, num_glyphs, num_classes); michael@0: } else if (format == 2) { michael@0: return ParseClassDefFormat2(file, data, length, num_glyphs, num_classes); michael@0: } michael@0: michael@0: return OTS_FAILURE_MSG("Bad class defn format %d", format); michael@0: } michael@0: michael@0: bool ParseCoverageTable(const ots::OpenTypeFile *file, michael@0: const uint8_t *data, size_t length, michael@0: const uint16_t num_glyphs, michael@0: const uint16_t expected_num_glyphs) { michael@0: Buffer subtable(data, length); michael@0: michael@0: uint16_t format = 0; michael@0: if (!subtable.ReadU16(&format)) { michael@0: return OTS_FAILURE_MSG("Failed to read coverage table format"); michael@0: } michael@0: if (format == 1) { michael@0: return ParseCoverageFormat1(file, data, length, num_glyphs, expected_num_glyphs); michael@0: } else if (format == 2) { michael@0: return ParseCoverageFormat2(file, data, length, num_glyphs, expected_num_glyphs); michael@0: } michael@0: michael@0: return OTS_FAILURE_MSG("Bad coverage table format %d", format); michael@0: } michael@0: michael@0: bool ParseDeviceTable(const ots::OpenTypeFile *file, michael@0: const uint8_t *data, size_t length) { michael@0: Buffer subtable(data, length); michael@0: michael@0: uint16_t start_size = 0; michael@0: uint16_t end_size = 0; michael@0: uint16_t delta_format = 0; michael@0: if (!subtable.ReadU16(&start_size) || michael@0: !subtable.ReadU16(&end_size) || michael@0: !subtable.ReadU16(&delta_format)) { michael@0: return OTS_FAILURE_MSG("Failed to read device table header"); michael@0: } michael@0: if (start_size > end_size) { michael@0: return OTS_FAILURE_MSG("bad size range: %u > %u", start_size, end_size); michael@0: } michael@0: if (delta_format == 0 || delta_format > kMaxDeltaFormatType) { michael@0: return OTS_FAILURE_MSG("bad delta format: %u", delta_format); michael@0: } michael@0: // The number of delta values per uint16. The device table should contain michael@0: // at least |num_units| * 2 bytes compressed data. michael@0: const unsigned num_units = (end_size - start_size) / michael@0: (1 << (4 - delta_format)) + 1; michael@0: // Just skip |num_units| * 2 bytes since the compressed data could take michael@0: // arbitrary values. michael@0: if (!subtable.Skip(num_units * 2)) { michael@0: return OTS_FAILURE_MSG("Failed to skip data in device table"); michael@0: } michael@0: return true; michael@0: } michael@0: michael@0: bool ParseContextSubtable(const ots::OpenTypeFile *file, michael@0: const uint8_t *data, const size_t length, michael@0: const uint16_t num_glyphs, michael@0: const uint16_t num_lookups) { michael@0: Buffer subtable(data, length); michael@0: michael@0: uint16_t format = 0; michael@0: if (!subtable.ReadU16(&format)) { michael@0: return OTS_FAILURE_MSG("Failed to read context subtable format"); michael@0: } michael@0: michael@0: if (format == 1) { michael@0: if (!ParseContextFormat1(file, data, length, num_glyphs, num_lookups)) { michael@0: return OTS_FAILURE_MSG("Failed to parse context format 1 subtable"); michael@0: } michael@0: } else if (format == 2) { michael@0: if (!ParseContextFormat2(file, data, length, num_glyphs, num_lookups)) { michael@0: return OTS_FAILURE_MSG("Failed to parse context format 2 subtable"); michael@0: } michael@0: } else if (format == 3) { michael@0: if (!ParseContextFormat3(file, data, length, num_glyphs, num_lookups)) { michael@0: return OTS_FAILURE_MSG("Failed to parse context format 3 subtable"); michael@0: } michael@0: } else { michael@0: return OTS_FAILURE_MSG("Bad context subtable format %d", format); michael@0: } michael@0: michael@0: return true; michael@0: } michael@0: michael@0: bool ParseChainingContextSubtable(const ots::OpenTypeFile *file, michael@0: const uint8_t *data, const size_t length, michael@0: const uint16_t num_glyphs, michael@0: const uint16_t num_lookups) { michael@0: Buffer subtable(data, length); michael@0: michael@0: uint16_t format = 0; michael@0: if (!subtable.ReadU16(&format)) { michael@0: return OTS_FAILURE_MSG("Failed to read chaining context subtable format"); michael@0: } michael@0: michael@0: if (format == 1) { michael@0: if (!ParseChainContextFormat1(file, data, length, num_glyphs, num_lookups)) { michael@0: return OTS_FAILURE_MSG("Failed to parse chaining context format 1 subtable"); michael@0: } michael@0: } else if (format == 2) { michael@0: if (!ParseChainContextFormat2(file, data, length, num_glyphs, num_lookups)) { michael@0: return OTS_FAILURE_MSG("Failed to parse chaining context format 2 subtable"); michael@0: } michael@0: } else if (format == 3) { michael@0: if (!ParseChainContextFormat3(file, data, length, num_glyphs, num_lookups)) { michael@0: return OTS_FAILURE_MSG("Failed to parse chaining context format 3 subtable"); michael@0: } michael@0: } else { michael@0: return OTS_FAILURE_MSG("Bad chaining context subtable format %d", format); michael@0: } michael@0: michael@0: return true; michael@0: } michael@0: michael@0: bool ParseExtensionSubtable(const OpenTypeFile *file, michael@0: const uint8_t *data, const size_t length, michael@0: const LookupSubtableParser* parser) { michael@0: Buffer subtable(data, length); michael@0: michael@0: uint16_t format = 0; michael@0: uint16_t lookup_type = 0; michael@0: uint32_t offset_extension = 0; michael@0: if (!subtable.ReadU16(&format) || michael@0: !subtable.ReadU16(&lookup_type) || michael@0: !subtable.ReadU32(&offset_extension)) { michael@0: return OTS_FAILURE_MSG("Failed to read extension table header"); michael@0: } michael@0: michael@0: if (format != 1) { michael@0: return OTS_FAILURE_MSG("Bad extension table format %d", format); michael@0: } michael@0: // |lookup_type| should be other than |parser->extension_type|. michael@0: if (lookup_type < 1 || lookup_type > parser->num_types || michael@0: lookup_type == parser->extension_type) { michael@0: return OTS_FAILURE_MSG("Bad lookup type %d in extension table", lookup_type); michael@0: } michael@0: michael@0: const unsigned format_end = static_cast(8); michael@0: if (offset_extension < format_end || michael@0: offset_extension >= length) { michael@0: return OTS_FAILURE_MSG("Bad extension offset %d", offset_extension); michael@0: } michael@0: michael@0: // Parse the extension subtable of |lookup_type|. michael@0: if (!parser->Parse(file, data + offset_extension, length - offset_extension, michael@0: lookup_type)) { michael@0: return OTS_FAILURE_MSG("Failed to parse lookup from extension lookup"); michael@0: } michael@0: michael@0: return true; michael@0: } michael@0: michael@0: } // namespace ots michael@0: