[HarfBuzz] harfbuzz: Branch 'master' - 3 commits

Behdad Esfahbod behdad at kemper.freedesktop.org
Thu Oct 25 20:20:09 UTC 2018


 azure-pipelines.yml            |   21 +++++++++++++++++++++
 src/hb-dsalgs.hh               |    2 +-
 src/hb-open-type.hh            |    4 ++--
 src/hb-ot-cmap-table.hh        |    2 +-
 src/hb-ot-layout-gpos-table.hh |    2 +-
 src/hb-set.hh                  |    2 +-
 src/hb-vector.hh               |    2 +-
 7 files changed, 28 insertions(+), 7 deletions(-)

New commits:
commit 21ede867df28d1214ca677a24ac65ab0b7e95f42
Author: Behdad Esfahbod <behdad at behdad.org>
Date:   Thu Oct 25 13:19:34 2018 -0700

    Fix possible overflow in bsearch impls
    
    From bungeman.
    
    Fixes https://github.com/harfbuzz/harfbuzz/pull/1314

diff --git a/src/hb-dsalgs.hh b/src/hb-dsalgs.hh
index 7e846161..d22e8809 100644
--- a/src/hb-dsalgs.hh
+++ b/src/hb-dsalgs.hh
@@ -321,7 +321,7 @@ hb_bsearch_r (const void *key, const void *base,
   int min = 0, max = (int) nmemb - 1;
   while (min <= max)
   {
-    int mid = (min + max) / 2;
+    int mid = ((unsigned int) min + (unsigned int) max) / 2;
     const void *p = (const void *) (((const char *) base) + (mid * size));
     int c = compar (key, p, arg);
     if (c < 0)
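Review bot: The midpoint on the added line needs two casts plus an implicit unsigned-to-int conversion back into `mid`, and no comment says why; where `min` starts at 0 as it does here, `0 <= min <= max` holds inside the loop, so `int mid = min + (max - min) / 2;` gives the same value without leaving `int`. The same line is repeated in the hunks for hb-open-type.hh (twice), hb-ot-cmap-table.hh, hb-ot-layout-gpos-table.hh and hb-vector.hh, so the remark applies to all six sites. Separately, `max = (int) nmemb - 1` on the first line of this hunk still narrows the element count to `int`; if `nmemb` can exceed INT_MAX (its type is declared outside the hunk), the search range is already wrong before the midpoint is computed. hb_bsearch_r starts and ends outside the hunk.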
diff --git a/src/hb-open-type.hh b/src/hb-open-type.hh
index 2b1b432b..8b7ea093 100644
--- a/src/hb-open-type.hh
+++ b/src/hb-open-type.hh
@@ -702,7 +702,7 @@ struct SortedArrayOf : ArrayOf<Type, LenType>
     int min = 0, max = (int) this->len - 1;
     while (min <= max)
     {
-      int mid = (min + max) / 2;
+      int mid = ((unsigned int) min + (unsigned int) max) / 2;
       int c = arr[mid].cmp (x);
       if (c < 0)
         max = mid - 1;
@@ -825,7 +825,7 @@ struct VarSizedBinSearchArrayOf
     int min = 0, max = (int) header.nUnits - 1;
     while (min <= max)
     {
-      int mid = (min + max) / 2;
+      int mid = ((unsigned int) min + (unsigned int) max) / 2;
       const Type *p = (const Type *) (((const char *) &bytesZ) + (mid * size));
       int c = p->cmp (key);
       if (c < 0)
diff --git a/src/hb-ot-cmap-table.hh b/src/hb-ot-cmap-table.hh
index e5793c38..9978d1b0 100644
--- a/src/hb-ot-cmap-table.hh
+++ b/src/hb-ot-cmap-table.hh
@@ -249,7 +249,7 @@ struct CmapSubtableFormat4
       unsigned int i;
       while (min <= max)
       {
-	int mid = (min + max) / 2;
+        int mid = ((unsigned int) min + (unsigned int) max) / 2;
 	if (codepoint < startCount[mid])
 	  max = mid - 1;
 	else if (codepoint > endCount[mid])
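Review bot: The added `int mid = ...` line is indented with eight spaces, while the line it replaces and the context lines after it use a tab, so the loop body now mixes the two. Keeping the tab would match the rest of the function and keep later diffs of this block free of whitespace noise. The enclosing function starts and ends outside the hunk.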
diff --git a/src/hb-ot-layout-gpos-table.hh b/src/hb-ot-layout-gpos-table.hh
index dad6c4ea..dd4e6279 100644
--- a/src/hb-ot-layout-gpos-table.hh
+++ b/src/hb-ot-layout-gpos-table.hh
@@ -663,7 +663,7 @@ struct PairSet
     int min = 0, max = (int) count - 1;
     while (min <= max)
     {
-      int mid = (min + max) / 2;
+      int mid = ((unsigned int) min + (unsigned int) max) / 2;
       const PairValueRecord *record = &StructAtOffset<PairValueRecord> (&firstPairValueRecord, record_size * mid);
       hb_codepoint_t mid_x = record->secondGlyph;
       if (x < mid_x)
diff --git a/src/hb-vector.hh b/src/hb-vector.hh
index 766e5fb8..eed4507f 100644
--- a/src/hb-vector.hh
+++ b/src/hb-vector.hh
@@ -232,7 +232,7 @@ struct hb_vector_t
     const Type *array = this->arrayZ();
     while (min <= max)
     {
-      int mid = (min + max) / 2;
+      int mid = ((unsigned int) min + (unsigned int) max) / 2;
       int c = array[mid].cmp (&x);
       if (c < 0)
         max = mid - 1;
commit 94e421abbfc7ede9aaf3c8d86bb0ff9992ea3123
Author: Ben Wagner <bungeman at chromium.org>
Date:   Thu Oct 25 13:44:27 2018 -0400

    Remove some use of Crap in hb-set.
    
    When hb_set_t::page_for_insert needs to insert at the end of the page_map
    it ends up evaluating '&page_map[i + 1]' which has hb_vector return an
    lvalue of a Crap so that nothing can be moved to its address. This turns
    into issues with ThreadSanitizer on Crap when two threads modify different
    hb_set_t instances. This can be avoided by using '&page_map[i] + 1'
    instead.

diff --git a/src/hb-set.hh b/src/hb-set.hh
index 7ca32976..5fdad2b7 100644
--- a/src/hb-set.hh
+++ b/src/hb-set.hh
@@ -669,7 +669,7 @@ struct hb_set_t
 	return nullptr;
 
       pages[map.index].init0 ();
-      memmove (&page_map[i + 1], &page_map[i], (page_map.len - 1 - i) * sizeof (page_map[0]));
+      memmove (&page_map[i] + 1, &page_map[i], (page_map.len - 1 - i) * sizeof (page_map[0]));
       page_map[i] = map;
     }
     return &pages[page_map[i].index];
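Review bot: Nothing on the changed line says why the destination is written `&page_map[i] + 1` rather than `&page_map[i + 1]`, and the two look interchangeable, so a later cleanup could easily revert it. Per the commit message, indexing `i + 1` when inserting at the end makes hb_vector hand back its out-of-range dummy object instead of the one-past-the-end address; a comment above the memmove such as `/* &page_map[i] + 1, not &page_map[i + 1]: the latter is out of range when inserting at the end. */` would record that. The new form also depends on `page_map[i]` itself being in range, which is presumably ensured by a resize earlier in page_for_insert, outside the hunk.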
commit 2798ac1c28edc4ba6f2283784d1027393f588f8c
Author: azure-pipelines[bot] <azure-pipelines[bot]@users.noreply.github.com>
Date:   Thu Oct 25 15:22:54 2018 +0000

    Set up CI with Azure Pipelines

diff --git a/azure-pipelines.yml b/azure-pipelines.yml
new file mode 100644
index 00000000..88c0a984
--- /dev/null
+++ b/azure-pipelines.yml
@@ -0,0 +1,21 @@
+pool:
+  vmImage: 'VS2017-Win2016'
+
+variables:
+  buildPlatform: 'x86'
+  buildConfiguration: 'Debug'
+  triplet: 'x86-windows'
+
+steps:
+- script: |
+    git clone https://github.com/Microsoft/vcpkg
+    cd vcpkg
+    .\bootstrap-vcpkg.bat
+    .\vcpkg integrate install
+    .\vcpkg install glib:x86-windows freetype:x86-windows cairo:x86-windows
+    cd ..
+    cmake -Bbuild -H. -DHB_HAVE_UNISCRIBE=ON -DHB_HAVE_DIRECTWRITE=ON -DHB_HAVE_GLIB=ON -DHB_HAVE_FREETYPE=ON -DHB_BUILD_UTILS=ON -G "%generator%" -DCMAKE_TOOLCHAIN_FILE=vcpkg/scripts/buildsystems/vcpkg.cmake ../
+    msbuild harfbuzz.sln /p:Configuration=Debug /p:Platform=Win32
+    cd build
+    ctest --output-on-failure -C Debug
+  displayName: Build and test
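Review bot: The `git clone https://github.com/Microsoft/vcpkg` step takes whatever is at the tip of the default branch and then runs `bootstrap-vcpkg.bat` from it, so every CI run executes unreviewed upstream code and the glib/freetype/cairo versions can change between runs. Pin it, for example by following the clone with `git -C vcpkg checkout <PINNED_VCPKG_COMMIT>` (placeholder for a reviewed commit). The cmake line passes `-G "%generator%"`, but `variables:` defines only `buildPlatform`, `buildConfiguration` and `triplet`, so the generator name appears to be undefined. Those three variables are in turn never referenced: the script hardcodes `x86-windows`, `Debug` and `Win32`.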

