Index: third_party/freetype/src/psaux/psconv.c |
diff --git a/core/src/fxge/fx_freetype/fxft2.5.01/src/psaux/psconv.c b/third_party/freetype/src/psaux/psconv.c |
similarity index 84% |
rename from core/src/fxge/fx_freetype/fxft2.5.01/src/psaux/psconv.c |
rename to third_party/freetype/src/psaux/psconv.c |
index c13d41b6a894e1538d40a0497d705c9feb2e7767..7792a62947b67a6b62aec3bb53181f3436681905 100644 |
--- a/core/src/fxge/fx_freetype/fxft2.5.01/src/psaux/psconv.c |
+++ b/third_party/freetype/src/psaux/psconv.c |
@@ -16,9 +16,9 @@ |
/***************************************************************************/ |
-#include "../../include/ft2build.h" |
-#include "../../include/freetype/internal/psaux.h" |
-#include "../../include/freetype/internal/ftdebug.h" |
+#include <ft2build.h> |
+#include FT_INTERNAL_POSTSCRIPT_AUX_H |
+#include FT_INTERNAL_DEBUG_H |
#include "psconv.h" |
#include "psauxerr.h" |
@@ -195,24 +195,16 @@ |
{ |
FT_Byte* p = *cursor; |
FT_Byte* curp; |
- // Fix the Vulnerability Report FoxIT Reader - MSVR-10-0077. |
- // We must use 64-bit integer to avoid overflow. If there is some 64-bit integer support. |
- // Since some platform doesn't support 64-bit integer, then use integer instead. |
-#if defined(FT_INT64) |
- FT_INT64 integral = 0; |
- FT_INT64 decimal = 0; |
-#else |
- FT_Long integral = 0; |
- FT_Long decimal = 0; |
- FT_Int temp0 = 65536; |
- FT_Int temp1 = power_ten; |
-#endif |
- FT_Long divider = 1; |
- |
- FT_Bool sign = 0; |
+ |
+ FT_Fixed integral = 0; |
+ FT_Long decimal = 0; |
+ FT_Long divider = 1; |
+ |
+ FT_Bool sign = 0; |
FT_Bool have_overflow = 0; |
FT_Bool have_underflow = 0; |
+ |
if ( p >= limit ) |
goto Bad; |
@@ -229,25 +221,15 @@ |
if ( *p != '.' ) |
{ |
curp = p; |
+ integral = PS_Conv_ToInt( &p, limit ); |
- // Fix the Vulnerability Report FoxIT Reader - MSVR-10-0077. |
- // Limited to the fix-point mechanism, we have no choice now to crop the value domain. |
- // Do accurate overflow check if FT_INT64 supported, otherwise vague check. |
-#if defined(FT_INT64) |
- integral = ((FT_INT64)PS_Conv_ToInt( &p, limit )) << 16; |
-#else |
- // We use 'power_ten' and 2^16 to compute the coefficient. |
- //while ( temp1 > 0 ) { temp0 *= 10; temp1 --; } |
- //while ( temp1 < 0 ) { temp0 /= 10; temp1 ++; } |
- |
- integral = PS_Conv_ToInt( &p, limit ); |
- if ( p == curp ) |
- return 0; |
- if ( integral > 0x7FFF ) |
- have_overflow = 1; |
- else |
- integral = integral << 16; |
-#endif |
+ if ( p == curp ) |
+ return 0; |
+ |
+ if ( integral > 0x7FFF ) |
+ have_overflow = 1; |
+ else |
+ integral = (FT_Fixed)( (FT_UInt32)integral << 16 ); |
} |
/* read the decimal part */ |
@@ -268,7 +250,8 @@ |
if ( c < 0 || c >= 10 ) |
break; |
- if ( decimal < 0xCCCCCCCL ) |
+ /* only add digit if we don't overflow */ |
+ if ( divider < 0xCCCCCCCL && decimal < 0xCCCCCCCL ) |
{ |
decimal = decimal * 10 + c; |
@@ -345,27 +328,19 @@ |
power_ten++; |
} |
-// Fix the Vulnerability Report FoxIT Reader - MSVR-10-0077. |
- // Limited to the fix-point mechanism, we have no choice now to crop the value domain. |
- // Do accurate overflow check if FT_INT64 supported, otherwise ignore the check at this moment. |
- // Since there is also a check using divider < 10000000L. |
-#if defined(FT_INT64) |
- if ( decimal ) { |
- integral += FT_DivFix( (FT_Long)decimal, divider ); |
- } |
- if ( integral > 2147483647) integral = 2147483647; |
-#else |
- if ( decimal ) { |
- integral += FT_DivFix( decimal, divider ); |
- } |
-#endif |
- |
+ if ( decimal ) |
+ { |
+ decimal = FT_DivFix( decimal, divider ); |
+ /* it's not necessary to check this addition for overflow */ |
+ /* due to the structure of the real number representation */ |
+ integral += decimal; |
+ } |
Exit: |
if ( sign ) |
integral = -integral; |
- return (FT_Long)integral; |
+ return integral; |
Bad: |
FT_TRACE4(( "!!!END OF DATA:!!!" )); |
@@ -624,18 +599,5 @@ |
return r; |
} |
-FT_LOCAL_DEF( FT_Bool ) |
- xyq_PS_Conv_ToInt( FT_Byte** cursor, |
- FT_Byte* limit, FT_Long* val ) |
- |
- { |
- FT_Byte first_char = **cursor; |
- if (first_char == '+' || first_char == '-' || (first_char >= '0' && first_char <= '9')) { |
- *val = PS_Conv_ToInt(cursor, limit); |
- return 1; |
- } |
- return 0; |
- } |
/* END */ |
- |