Skip to content

Prevent glyph program state from persisting

Ben Wagner requested to merge bungeman/freetype:isolate_glyf_program into master

FDEF instructions are specified as allowed only in 'prep' or 'fpgm'. FreeType has attempted to prevent their use in the glyph program, but they were still allowed in glyph program if defined in a function defined in 'prep' or 'fpgm' and called from the glyph program.

Similarly, IDEF instructions are specified not the be able to modify any existing instruction. FreeType has attempted to prevents their use in the glyph program, but they can still be used like FDEF.

This change stores the initial bytecode range type and disallows the use of FDEF and IDEF while running the glyph program.

Most other state is copied from the TT_Size into the execution context. However, it is possible for a glyph program to use WS to write to the storage area or WCVTP, WCVTF, and DELTAC1-3 to write to the control value table.

Allowing any change to the global state from the glyph program is problematic as the outlines of any given glyph may change based on the order the glyphs are loaded or even how many times they are loaded. There already exist fonts which write to the storage area or the control value table glyph program, so making their use an error is problematic.

Possible solutions to using these in the glyph program are

  • ignore the writes.
  • value level copy on write, discard modified values when finished.
  • array level copy on write, discard the copy when finished.
  • copy array up front.

Ignoring the writes may break otherwise good uses. A full copy up front was implemented, but was quite heavy as even well behaved fonts required a full copy and the memory management that goes along with it. Value level copy on write could use less memory but requires a great deal more record keeping an complexity. This change implements array level copy on write. If any attempt is made to write to the control value table or the storage area when the initial bytecode range was in a glyph program then the relevant array will be copied to a designated storage area and the copy used for the rest of the glyph program's execution.

Merge request reports