0ct0pu5/ladybird
1
0
Fork 0
mirror of https://github.com/LadybirdBrowser/ladybird.git synced 2024-12-04 05:20:30 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions 7

LibGfx/WOFF2: Tolerate incorrect totalSfntSize in WOFF2 header

Browse source 
The specification says that this value is for reference only, so we
should be able to load a file where this value is incorrect.
This commit is contained in:
Tim Ledbetter 2023-10-24 07:54:20 +01:00 committed by Andreas Kling
parent 0eaf13bae3
commit af633523af
Notes: sideshowbarker 2024-07-16 23:05:02 +09:00 
Author: https://github.com/tcl3
Commit: https://github.com/SerenityOS/serenity/commit/af633523af
Pull-request: https://github.com/SerenityOS/serenity/pull/21567
4 changed files with 26 additions and 1 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

1
Tests/LibGfx/CMakeLists.txt
View file

@ -10,6 +10,7 @@ set(TEST_SOURCES
TestRect.cpp
TestScalingFunctions.cpp
TestWOFF.cpp
TestWOFF2.cpp
)
foreach(source IN LISTS TEST_SOURCES)

22
Tests/LibGfx/TestWOFF2.cpp Normal file
View file

@ -0,0 +1,22 @@
/*
* Copyright (c) 2023, Tim Ledbetter <timledbetter@gmail.com>
*
* SPDX-License-Identifier: BSD-2-Clause
*/
#include <LibGfx/Font/WOFF2/Font.h>
#include <LibTest/TestCase.h>
#ifdef AK_OS_SERENITY
# define TEST_INPUT(x) ("/usr/Tests/LibGfx/test-inputs/" x)
#else
# define TEST_INPUT(x) ("test-inputs/" x)
#endif
TEST_CASE(tolerate_incorrect_sfnt_size)
{
auto file = MUST(Core::MappedFile::map(TEST_INPUT("woff2/incorrect_sfnt_size.woff2"sv)));
auto font = TRY_OR_FAIL(WOFF2::Font::try_load_from_externally_owned_memory(file->bytes()));
EXPECT_EQ(font->family(), "Test"_string);
EXPECT_EQ(font->glyph_count(), 4u);
}

BIN
Tests/LibGfx/test-inputs/woff2/incorrect_sfnt_size.woff2 Normal file
View file

Binary file not shown.

4
Userland/Libraries/LibGfx/Font/WOFF2/Font.cpp
View file

@ -856,6 +856,7 @@ ErrorOr<NonnullRefPtr<Font>> Font::try_load_from_externally_owned_memory(Seekabl
// The interpretation of the WOFF2 Header is the same as the WOFF Header in [WOFF1], with the addition of one new totalCompressedSize field.
// NOTE: See WOFF/Font.cpp for more comments about this.
static constexpr size_t MAX_BUFFER_SIZE = 10 * MiB;
if (header.length > TRY(stream.size()))
return Error::from_string_literal("Invalid WOFF length");
if (header.meta_length == 0 && header.meta_offset != 0)
@ -869,7 +870,8 @@ ErrorOr<NonnullRefPtr<Font>> Font::try_load_from_externally_owned_memory(Seekabl
// but if the transformed 'glyf' and 'loca' tables are present, the uncompressed size of the reconstructed tables and the total decompressed font size may differ
// substantially from the original total size specified in the WOFF2 Header."
// We use it as an initial size of the font buffer and extend it as necessary.
auto font_buffer = TRY(ByteBuffer::create_zeroed(header.total_sfnt_size));
auto font_buffer_size = clamp(header.total_sfnt_size, sizeof(OpenType::TableDirectory) + header.num_tables * sizeof(TableDirectoryEntry), MAX_BUFFER_SIZE);
auto font_buffer = TRY(ByteBuffer::create_zeroed(font_buffer_size));
u16 search_range = pow_2_less_than_or_equal(header.num_tables);
OpenType::TableDirectory table_directory {