Intravision/reactos
1
0
Fork 0
mirror of https://github.com/reactos/reactos.git synced 2025-08-02 17:56:06 +00:00
Code Issues Projects Releases Packages Wiki Activity

[0.4.9][NTGDI] Check if face->charmap is not zero before accessing its encoding (#4390)

Browse source 
Prevents a BSOD 0x1E upon dereference.
CORE-18091 CORE-18558

By partially porting back:
0.4.15-dev-5587-ga999c43 a999c43746
and take also some cosmetic changes from master head, like EOL-whitespace-removal.
This commit is contained in:
Joachim Henze 2023-01-21 15:01:29 +01:00
parent 8a9c4b374e
commit 96db0cd726
1 changed files with 13 additions and 24 deletions
Download patch file Download diff file Expand all files Collapse all files

37
win32ss/gdi/ntgdi/freetype.c
View file

@ -377,7 +377,7 @@ IntLoadFontSubstList(PLIST_ENTRY pHead)
} }
/* query value */ /* query value */
Status = ZwQueryValueKey(KeyHandle, &FromW, KeyValueFullInformation, Status = ZwQueryValueKey(KeyHandle, &FromW, KeyValueFullInformation,
InfoBuffer, sizeof(InfoBuffer), &Length); InfoBuffer, sizeof(InfoBuffer), &Length);
pInfo = (PKEY_VALUE_FULL_INFORMATION)InfoBuffer; pInfo = (PKEY_VALUE_FULL_INFORMATION)InfoBuffer;
if (!NT_SUCCESS(Status) || !pInfo->DataLength) if (!NT_SUCCESS(Status) || !pInfo->DataLength)
@ -1132,7 +1132,7 @@ IntGdiAddFontResource(PUNICODE_STRING FileName, DWORD Characteristics)
SIZE_T ViewSize = 0; SIZE_T ViewSize = 0;
LARGE_INTEGER SectionSize; LARGE_INTEGER SectionSize;
OBJECT_ATTRIBUTES ObjectAttributes; OBJECT_ATTRIBUTES ObjectAttributes;
GDI_LOAD_FONT LoadFont; GDI_LOAD_FONT LoadFont;
INT FontCount; INT FontCount;
HANDLE KeyHandle; HANDLE KeyHandle;
static const UNICODE_STRING TrueTypePostfix = RTL_CONSTANT_STRING(L" (TrueType)"); static const UNICODE_STRING TrueTypePostfix = RTL_CONSTANT_STRING(L" (TrueType)");
@ -1242,7 +1242,6 @@ IntGdiAddFontMemResource(PVOID Buffer, DWORD dwSize, PDWORD pNumAdded)
HANDLE Ret = 0; HANDLE Ret = 0;
PVOID BufferCopy = ExAllocatePoolWithTag(PagedPool, dwSize, TAG_FONT); PVOID BufferCopy = ExAllocatePoolWithTag(PagedPool, dwSize, TAG_FONT);
if (!BufferCopy) if (!BufferCopy)
{ {
*pNumAdded = 0; *pNumAdded = 0;
@ -1552,7 +1551,6 @@ static BOOL face_has_symbol_charmap(FT_Face ft_face)
return FALSE; return FALSE;
} }
static void FASTCALL static void FASTCALL
FillTMEx(TEXTMETRICW *TM, PFONTGDI FontGDI, FillTMEx(TEXTMETRICW *TM, PFONTGDI FontGDI,
TT_OS2 *pOS2, TT_HoriHeader *pHori, TT_OS2 *pOS2, TT_HoriHeader *pHori,
@ -1633,9 +1631,7 @@ FillTMEx(TEXTMETRICW *TM, PFONTGDI FontGDI,
TM->tmAveCharWidth = (FT_MulFix(pOS2->xAvgCharWidth, XScale) + 32) >> 6; TM->tmAveCharWidth = (FT_MulFix(pOS2->xAvgCharWidth, XScale) + 32) >> 6;
if (TM->tmAveCharWidth == 0) if (TM->tmAveCharWidth == 0)
{
TM->tmAveCharWidth = 1; TM->tmAveCharWidth = 1;
}
/* Correct forumla to get the maxcharwidth from unicode and ansi font */ /* Correct forumla to get the maxcharwidth from unicode and ansi font */
TM->tmMaxCharWidth = (FT_MulFix(Face->max_advance_width, XScale) + 32) >> 6; TM->tmMaxCharWidth = (FT_MulFix(Face->max_advance_width, XScale) + 32) >> 6;
@ -2319,7 +2315,7 @@ FontFamilyFillInfo(PFONTFAMILYINFO Info, LPCWSTR FaceName,
/* full name */ /* full name */
if (!FullName) if (!FullName)
FullName = (WCHAR*)((ULONG_PTR) Otm + (ULONG_PTR)Otm->otmpFaceName); FullName = (WCHAR*)((ULONG_PTR) Otm + (ULONG_PTR)Otm->otmpFaceName);
RtlStringCbCopyW(Info->EnumLogFontEx.elfFullName, RtlStringCbCopyW(Info->EnumLogFontEx.elfFullName,
sizeof(Info->EnumLogFontEx.elfFullName), sizeof(Info->EnumLogFontEx.elfFullName),
FullName); FullName);
@ -3173,7 +3169,6 @@ ftGdiGetGlyphOutline(
FT_Matrix ftmatrix; FT_Matrix ftmatrix;
FLOATOBJ efTemp; FLOATOBJ efTemp;
PMATRIX pmx = DC_pmxWorldToDevice(dc); PMATRIX pmx = DC_pmxWorldToDevice(dc);
/* Create a freetype matrix, by converting to 16.16 fixpoint format */ /* Create a freetype matrix, by converting to 16.16 fixpoint format */
@ -3770,6 +3765,9 @@ ftGetFontUnicodeRanges(PFONTGDI Font, PGLYPHSET glyphset)
DWORD num_ranges = 0; DWORD num_ranges = 0;
FT_Face face = Font->SharedFace->Face; FT_Face face = Font->SharedFace->Face;
if (face->charmap == NULL)
return 0;
if (face->charmap->encoding == FT_ENCODING_UNICODE) if (face->charmap->encoding == FT_ENCODING_UNICODE)
{ {
FT_UInt glyph_code = 0; FT_UInt glyph_code = 0;
@ -4246,7 +4244,7 @@ GetFontPenalty(const LOGFONTW * LogFont,
if (Long != TM->tmWeight) if (Long != TM->tmWeight)
{ {
/* Weight Penalty 3 */ /* Weight Penalty 3 */
/* The candidate's weight does not match the requested weight. /* The candidate's weight does not match the requested weight.
Penalty * (weight difference/10) */ Penalty * (weight difference/10) */
Penalty += 3 * (labs(Long - TM->tmWeight) / 10); Penalty += 3 * (labs(Long - TM->tmWeight) / 10);
} }
@ -4481,9 +4479,6 @@ TextIntRealizeFont(HFONT FontHandle, PTEXTOBJ pTextObj)
FontGdi->RequestWeight = FW_NORMAL; FontGdi->RequestWeight = FW_NORMAL;
Face = FontGdi->SharedFace->Face; Face = FontGdi->SharedFace->Face;
//FontGdi->OriginalWeight = WeightFromStyle(Face->style_name);
if (!FontGdi->OriginalItalic) if (!FontGdi->OriginalItalic)
FontGdi->OriginalItalic = ItalicFromStyle(Face->style_name); FontGdi->OriginalItalic = ItalicFromStyle(Face->style_name);
@ -5519,7 +5514,7 @@ GreExtTextOutW(
FLOATOBJ_Set1(&Scale); FLOATOBJ_Set1(&Scale);
/* do the shift before multiplying to preserve precision */ /* do the shift before multiplying to preserve precision */
FLOATOBJ_MulLong(&Scale, Dx[i<<DxShift] << 6); FLOATOBJ_MulLong(&Scale, Dx[i<<DxShift] << 6);
TextLeft += FLOATOBJ_GetLong(&Scale); TextLeft += FLOATOBJ_GetLong(&Scale);
DPRINT("New TextLeft2: %I64d\n", TextLeft); DPRINT("New TextLeft2: %I64d\n", TextLeft);
} }
@ -5664,15 +5659,14 @@ GreExtTextOutW(
HSourceGlyph = EngCreateBitmap(bitSize, realglyph->bitmap.pitch, HSourceGlyph = EngCreateBitmap(bitSize, realglyph->bitmap.pitch,
BMF_8BPP, BMF_TOPDOWN, BMF_8BPP, BMF_TOPDOWN,
realglyph->bitmap.buffer); realglyph->bitmap.buffer);
if ( !HSourceGlyph ) if (!HSourceGlyph)
{ {
DPRINT1("WARNING: EngCreateBitmap() failed!\n"); DPRINT1("WARNING: EngCreateBitmap() failed!\n");
// FT_Done_Glyph(realglyph);
bResult = FALSE; bResult = FALSE;
break; break;
} }
SourceGlyphSurf = EngLockSurface((HSURF)HSourceGlyph); SourceGlyphSurf = EngLockSurface((HSURF)HSourceGlyph);
if ( !SourceGlyphSurf ) if (!SourceGlyphSurf)
{ {
EngDeleteSurface((HSURF)HSourceGlyph); EngDeleteSurface((HSURF)HSourceGlyph);
DPRINT1("WARNING: EngLockSurface() failed!\n"); DPRINT1("WARNING: EngLockSurface() failed!\n");
@ -5783,7 +5777,7 @@ GreExtTextOutW(
FLOATOBJ_Set1(&Scale); FLOATOBJ_Set1(&Scale);
/* do the shift before multiplying to preserve precision */ /* do the shift before multiplying to preserve precision */
FLOATOBJ_MulLong(&Scale, Dx[i<<DxShift] << 6); FLOATOBJ_MulLong(&Scale, Dx[i<<DxShift] << 6);
TextLeft += FLOATOBJ_GetLong(&Scale); TextLeft += FLOATOBJ_GetLong(&Scale);
DPRINT("New TextLeft2: %I64d\n", TextLeft); DPRINT("New TextLeft2: %I64d\n", TextLeft);
} }
@ -5812,7 +5806,6 @@ GreExtTextOutW(
EXLATEOBJ_vCleanup(&exloDst2RGB); EXLATEOBJ_vCleanup(&exloDst2RGB);
Cleanup: Cleanup:
DC_vFinishBlit(dc, NULL); DC_vFinishBlit(dc, NULL);
if (TextObj != NULL) if (TextObj != NULL)
@ -6146,7 +6139,7 @@ NtGdiGetCharABCWidthsW(
if(Safepwch) if(Safepwch)
ExFreePoolWithTag(Safepwch , GDITAG_TEXT); ExFreePoolWithTag(Safepwch , GDITAG_TEXT);
if (! NT_SUCCESS(Status)) if (!NT_SUCCESS(Status))
{ {
SetLastNtError(Status); SetLastNtError(Status);
return FALSE; return FALSE;
@ -6355,7 +6348,7 @@ NtGdiGetGlyphIndicesW(
LPWORD UnSafepgi = pgi; LPWORD UnSafepgi = pgi;
/* Check for integer overflow */ /* Check for integer overflow */
if (cwc & 0x80000000) // (INT_MAX + 1) == INT_MIN if (cwc & 0x80000000) // (INT_MAX + 1) == INT_MIN
return GDI_ERROR; return GDI_ERROR;
if (!UnSafepwc && !UnSafepgi) if (!UnSafepwc && !UnSafepgi)
@ -6394,7 +6387,6 @@ NtGdiGetGlyphIndicesW(
{ {
return GDI_ERROR; return GDI_ERROR;
} }
FontGDI = ObjToGDI(TextObj->Font, FONT); FontGDI = ObjToGDI(TextObj->Font, FONT);
TEXTOBJ_UnlockText(TextObj); TEXTOBJ_UnlockText(TextObj);
@ -6434,7 +6426,6 @@ NtGdiGetGlyphIndicesW(
pwcSize = cwc * sizeof(WCHAR); pwcSize = cwc * sizeof(WCHAR);
Safepwc = ExAllocatePoolWithTag(PagedPool, pwcSize, GDITAG_TEXT); Safepwc = ExAllocatePoolWithTag(PagedPool, pwcSize, GDITAG_TEXT);
if (!Safepwc) if (!Safepwc)
{ {
Status = STATUS_NO_MEMORY; Status = STATUS_NO_MEMORY;
@ -6455,7 +6446,6 @@ NtGdiGetGlyphIndicesW(
if (!NT_SUCCESS(Status)) goto ErrorRet; if (!NT_SUCCESS(Status)) goto ErrorRet;
IntLockFreeType; IntLockFreeType;
for (i = 0; i < cwc; i++) for (i = 0; i < cwc; i++)
{ {
Buffer[i] = FT_Get_Char_Index(FontGDI->SharedFace->Face, Safepwc[i]); Buffer[i] = FT_Get_Char_Index(FontGDI->SharedFace->Face, Safepwc[i]);
@ -6464,7 +6454,6 @@ NtGdiGetGlyphIndicesW(
Buffer[i] = DefChar; Buffer[i] = DefChar;
} }
} }
IntUnLockFreeType; IntUnLockFreeType;
_SEH2_TRY _SEH2_TRY