2 * Copyright © 2007,2008,2009,2010 Red Hat, Inc.
3 * Copyright © 2012 Google, Inc.
5 * This is part of HarfBuzz, a text shaping library.
7 * Permission is hereby granted, without written agreement and without
8 * license or royalty fees, to use, copy, modify, and distribute this
9 * software and its documentation for any purpose, provided that the
10 * above copyright notice and the following two paragraphs appear in
11 * all copies of this software.
13 * IN NO EVENT SHALL THE COPYRIGHT HOLDER BE LIABLE TO ANY PARTY FOR
14 * DIRECT, INDIRECT, SPECIAL, INCIDENTAL, OR CONSEQUENTIAL DAMAGES
15 * ARISING OUT OF THE USE OF THIS SOFTWARE AND ITS DOCUMENTATION, EVEN
16 * IF THE COPYRIGHT HOLDER HAS BEEN ADVISED OF THE POSSIBILITY OF SUCH
19 * THE COPYRIGHT HOLDER SPECIFICALLY DISCLAIMS ANY WARRANTIES, INCLUDING,
20 * BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND
21 * FITNESS FOR A PARTICULAR PURPOSE. THE SOFTWARE PROVIDED HEREUNDER IS
22 * ON AN "AS IS" BASIS, AND THE COPYRIGHT HOLDER HAS NO OBLIGATION TO
23 * PROVIDE MAINTENANCE, SUPPORT, UPDATES, ENHANCEMENTS, OR MODIFICATIONS.
25 * Red Hat Author(s): Behdad Esfahbod
26 * Google Author(s): Behdad Esfahbod
29 #ifndef HB_OPEN_TYPE_PRIVATE_HH
30 #define HB_OPEN_TYPE_PRIVATE_HH
32 #include "hb-private.hh"
42 /* Cast to struct T, reference to reference */
43 template<typename Type, typename TObject>
44 inline const Type& CastR(const TObject &X)
45 { return reinterpret_cast<const Type&> (X); }
46 template<typename Type, typename TObject>
47 inline Type& CastR(TObject &X)
48 { return reinterpret_cast<Type&> (X); }
50 /* Cast to struct T, pointer to pointer */
51 template<typename Type, typename TObject>
52 inline const Type* CastP(const TObject *X)
53 { return reinterpret_cast<const Type*> (X); }
54 template<typename Type, typename TObject>
55 inline Type* CastP(TObject *X)
56 { return reinterpret_cast<Type*> (X); }
58 /* StructAtOffset<T>(P,Ofs) returns the struct T& that is placed at memory
59 * location pointed to by P plus Ofs bytes. */
60 template<typename Type>
61 inline const Type& StructAtOffset(const void *P, unsigned int offset)
62 { return * reinterpret_cast<const Type*> ((const char *) P + offset); }
63 template<typename Type>
64 inline Type& StructAtOffset(void *P, unsigned int offset)
65 { return * reinterpret_cast<Type*> ((char *) P + offset); }
67 /* StructAfter<T>(X) returns the struct T& that is placed after X.
68 * Works with X of variable size also. X must implement get_size() */
69 template<typename Type, typename TObject>
70 inline const Type& StructAfter(const TObject &X)
71 { return StructAtOffset<Type>(&X, X.get_size()); }
72 template<typename Type, typename TObject>
73 inline Type& StructAfter(TObject &X)
74 { return StructAtOffset<Type>(&X, X.get_size()); }
82 /* Check _assertion in a method environment */
83 #define _DEFINE_INSTANCE_ASSERTION1(_line, _assertion) \
84 inline void _instance_assertion_on_line_##_line (void) const \
86 ASSERT_STATIC (_assertion); \
87 ASSERT_INSTANCE_POD (*this); /* Make sure it's POD. */ \
89 # define _DEFINE_INSTANCE_ASSERTION0(_line, _assertion) _DEFINE_INSTANCE_ASSERTION1 (_line, _assertion)
90 # define DEFINE_INSTANCE_ASSERTION(_assertion) _DEFINE_INSTANCE_ASSERTION0 (__LINE__, _assertion)
92 /* Check that _code compiles in a method environment */
93 #define _DEFINE_COMPILES_ASSERTION1(_line, _code) \
94 inline void _compiles_assertion_on_line_##_line (void) const \
96 # define _DEFINE_COMPILES_ASSERTION0(_line, _code) _DEFINE_COMPILES_ASSERTION1 (_line, _code)
97 # define DEFINE_COMPILES_ASSERTION(_code) _DEFINE_COMPILES_ASSERTION0 (__LINE__, _code)
100 #define DEFINE_SIZE_STATIC(size) \
101 DEFINE_INSTANCE_ASSERTION (sizeof (*this) == (size)); \
102 static const unsigned int static_size = (size); \
103 static const unsigned int min_size = (size)
105 /* Size signifying variable-sized array */
108 #define DEFINE_SIZE_UNION(size, _member) \
109 DEFINE_INSTANCE_ASSERTION (this->u._member.static_size == (size)); \
110 static const unsigned int min_size = (size)
112 #define DEFINE_SIZE_MIN(size) \
113 DEFINE_INSTANCE_ASSERTION (sizeof (*this) >= (size)); \
114 static const unsigned int min_size = (size)
116 #define DEFINE_SIZE_ARRAY(size, array) \
117 DEFINE_INSTANCE_ASSERTION (sizeof (*this) == (size) + sizeof (array[0])); \
118 DEFINE_COMPILES_ASSERTION ((void) array[0].static_size) \
119 static const unsigned int min_size = (size)
121 #define DEFINE_SIZE_ARRAY2(size, array1, array2) \
122 DEFINE_INSTANCE_ASSERTION (sizeof (*this) == (size) + sizeof (this->array1[0]) + sizeof (this->array2[0])); \
123 DEFINE_COMPILES_ASSERTION ((void) array1[0].static_size; (void) array2[0].static_size) \
124 static const unsigned int min_size = (size)
132 /* Global nul-content Null pool. Enlarge as necessary. */
133 static const void *_NullPool[64 / sizeof (void *)];
135 /* Generic nul-content Null objects. */
136 template <typename Type>
137 static inline const Type& Null (void) {
138 ASSERT_STATIC (Type::min_size <= sizeof (_NullPool));
139 return *CastP<Type> (_NullPool);
142 /* Specializaiton for arbitrary-content arbitrary-sized Null objects. */
143 #define DEFINE_NULL_DATA(Type, data) \
144 static const char _Null##Type[Type::min_size + 1] = data; /* +1 is for nul-termination in data */ \
146 inline const Type& Null<Type> (void) { \
147 return *CastP<Type> (_Null##Type); \
148 } /* The following line really exists such that we end in a place needing semicolon */ \
149 ASSERT_STATIC (Type::min_size + 1 <= sizeof (_Null##Type))
151 /* Accessor macro. */
152 #define Null(Type) Null<Type>()
160 #ifndef HB_DEBUG_SANITIZE
161 #define HB_DEBUG_SANITIZE (HB_DEBUG+0)
165 #define TRACE_SANITIZE() \
166 hb_auto_trace_t<HB_DEBUG_SANITIZE> trace (&c->debug_depth, "SANITIZE", this, HB_FUNC, "");
169 struct hb_sanitize_context_t
171 inline void init (hb_blob_t *b)
173 this->blob = hb_blob_reference (b);
174 this->writable = false;
177 inline void start_processing (void)
179 this->start = hb_blob_get_data (this->blob, NULL);
180 this->end = this->start + hb_blob_get_length (this->blob);
181 this->edit_count = 0;
182 this->debug_depth = 0;
184 DEBUG_MSG_LEVEL (SANITIZE, this->blob, 0, +1,
185 "start [%p..%p] (%lu bytes)",
186 this->start, this->end,
187 (unsigned long) (this->end - this->start));
190 inline void end_processing (void)
192 DEBUG_MSG_LEVEL (SANITIZE, this->blob, 0, -1,
193 "end [%p..%p] %u edit requests",
194 this->start, this->end, this->edit_count);
196 hb_blob_destroy (this->blob);
198 this->start = this->end = NULL;
201 inline bool check_range (const void *base, unsigned int len) const
203 const char *p = (const char *) base;
205 hb_auto_trace_t<HB_DEBUG_SANITIZE> trace (&this->debug_depth, "SANITIZE", this->blob, NULL,
206 "check_range [%p..%p] (%d bytes) in [%p..%p]",
208 this->start, this->end);
210 return TRACE_RETURN (likely (this->start <= p && p <= this->end && (unsigned int) (this->end - p) >= len));
213 inline bool check_array (const void *base, unsigned int record_size, unsigned int len) const
215 const char *p = (const char *) base;
216 bool overflows = _hb_unsigned_int_mul_overflows (len, record_size);
218 hb_auto_trace_t<HB_DEBUG_SANITIZE> trace (&this->debug_depth, "SANITIZE", this->blob, NULL,
219 "check_array [%p..%p] (%d*%d=%ld bytes) in [%p..%p]",
220 p, p + (record_size * len), record_size, len, (unsigned long) record_size * len,
221 this->start, this->end);
223 return TRACE_RETURN (likely (!overflows && this->check_range (base, record_size * len)));
226 template <typename Type>
227 inline bool check_struct (const Type *obj) const
229 return likely (this->check_range (obj, obj->min_size));
232 inline bool may_edit (const void *base HB_UNUSED, unsigned int len HB_UNUSED)
234 const char *p = (const char *) base;
237 hb_auto_trace_t<HB_DEBUG_SANITIZE> trace (&this->debug_depth, "SANITIZE", this->blob, NULL,
238 "may_edit(%u) [%p..%p] (%d bytes) in [%p..%p] -> %s",
241 this->start, this->end);
243 return TRACE_RETURN (this->writable);
246 mutable unsigned int debug_depth;
247 const char *start, *end;
249 unsigned int edit_count;
255 /* Template to sanitize an object. */
256 template <typename Type>
259 static hb_blob_t *sanitize (hb_blob_t *blob) {
260 hb_sanitize_context_t c[1] = {{0}};
263 /* TODO is_sane() stuff */
268 DEBUG_MSG_FUNC (SANITIZE, blob, "start");
270 c->start_processing ();
272 if (unlikely (!c->start)) {
273 c->end_processing ();
277 Type *t = CastP<Type> (const_cast<char *> (c->start));
279 sane = t->sanitize (c);
282 DEBUG_MSG_FUNC (SANITIZE, blob, "passed first round with %d edits; going for second round", c->edit_count);
284 /* sanitize again to ensure no toe-stepping */
286 sane = t->sanitize (c);
288 DEBUG_MSG_FUNC (SANITIZE, blob, "requested %d edits in second round; FAILLING", c->edit_count);
293 unsigned int edit_count = c->edit_count;
294 if (edit_count && !c->writable) {
295 c->start = hb_blob_get_data_writable (blob, NULL);
296 c->end = c->start + hb_blob_get_length (blob);
300 /* ok, we made it writable by relocating. try again */
301 DEBUG_MSG_FUNC (SANITIZE, blob, "retry");
307 c->end_processing ();
309 DEBUG_MSG_FUNC (SANITIZE, blob, sane ? "PASSED" : "FAILED");
313 hb_blob_destroy (blob);
314 return hb_blob_get_empty ();
318 static const Type* lock_instance (hb_blob_t *blob) {
319 hb_blob_make_immutable (blob);
320 const char *base = hb_blob_get_data (blob, NULL);
321 return unlikely (!base) ? &Null(Type) : CastP<Type> (base);
330 * The OpenType Font File: Data Types
334 /* "The following data types are used in the OpenType font file.
335 * All OpenType fonts use Motorola-style byte ordering (Big Endian):" */
342 template <typename Type, int Bytes> struct BEInt;
344 /* LONGTERMTODO: On machines allowing unaligned access, we can make the
345 * following tighter by using byteswap instructions on ints directly. */
346 template <typename Type>
347 struct BEInt<Type, 2>
350 inline void set (Type i) { hb_be_uint16_put (v,i); }
351 inline operator Type (void) const { return hb_be_uint16_get (v); }
352 inline bool operator == (const BEInt<Type, 2>& o) const { return hb_be_uint16_eq (v, o.v); }
353 inline bool operator != (const BEInt<Type, 2>& o) const { return !(*this == o); }
354 private: uint8_t v[2];
356 template <typename Type>
357 struct BEInt<Type, 4>
360 inline void set (Type i) { hb_be_uint32_put (v,i); }
361 inline operator Type (void) const { return hb_be_uint32_get (v); }
362 inline bool operator == (const BEInt<Type, 4>& o) const { return hb_be_uint32_eq (v, o.v); }
363 inline bool operator != (const BEInt<Type, 4>& o) const { return !(*this == o); }
364 private: uint8_t v[4];
367 /* Integer types in big-endian order and no alignment requirement */
368 template <typename Type>
371 inline void set (Type i) { v.set (i); }
372 inline operator Type(void) const { return v; }
373 inline bool operator == (const IntType<Type> &o) const { return v == o.v; }
374 inline bool operator != (const IntType<Type> &o) const { return v != o.v; }
375 inline int cmp (Type a) const { Type b = v; return a < b ? -1 : a == b ? 0 : +1; }
376 inline bool sanitize (hb_sanitize_context_t *c) {
378 return TRACE_RETURN (likely (c->check_struct (this)));
381 BEInt<Type, sizeof (Type)> v;
383 DEFINE_SIZE_STATIC (sizeof (Type));
386 /* Typedef these to avoid clash with windows.h */
387 #define USHORT HB_USHORT
388 #define SHORT HB_SHORT
389 #define ULONG HB_ULONG
391 typedef IntType<uint16_t> USHORT; /* 16-bit unsigned integer. */
392 typedef IntType<int16_t> SHORT; /* 16-bit signed integer. */
393 typedef IntType<uint32_t> ULONG; /* 32-bit unsigned integer. */
394 typedef IntType<int32_t> LONG; /* 32-bit signed integer. */
396 /* 16-bit signed integer (SHORT) that describes a quantity in FUnits. */
399 /* 16-bit unsigned integer (USHORT) that describes a quantity in FUnits. */
400 typedef USHORT UFWORD;
402 /* Date represented in number of seconds since 12:00 midnight, January 1,
403 * 1904. The value is represented as a signed 64-bit integer. */
406 inline bool sanitize (hb_sanitize_context_t *c) {
408 return TRACE_RETURN (likely (c->check_struct (this)));
414 DEFINE_SIZE_STATIC (8);
417 /* Array of four uint8s (length = 32 bits) used to identify a script, language
418 * system, feature, or baseline */
421 /* What the char* converters return is NOT nul-terminated. Print using "%.4s" */
422 inline operator const char* (void) const { return reinterpret_cast<const char *> (&this->v); }
423 inline operator char* (void) { return reinterpret_cast<char *> (&this->v); }
425 DEFINE_SIZE_STATIC (4);
427 DEFINE_NULL_DATA (Tag, " ");
429 /* Glyph index number, same as uint16 (length = 16 bits) */
430 typedef USHORT GlyphID;
432 /* Script/language-system/feature index */
433 struct Index : USHORT {
434 static const unsigned int NOT_FOUND_INDEX = 0xFFFF;
436 DEFINE_NULL_DATA (Index, "\xff\xff");
438 /* Offset to a table, same as uint16 (length = 16 bits), Null offset = 0x0000 */
439 typedef USHORT Offset;
441 /* LongOffset to a table, same as uint32 (length = 32 bits), Null offset = 0x00000000 */
442 typedef ULONG LongOffset;
446 struct CheckSum : ULONG
448 static uint32_t CalcTableChecksum (ULONG *Table, uint32_t Length)
451 ULONG *EndPtr = Table+((Length+3) & ~3) / ULONG::static_size;
453 while (Table < EndPtr)
458 DEFINE_SIZE_STATIC (4);
468 inline uint32_t to_int (void) const { return (major << 16) + minor; }
470 inline bool sanitize (hb_sanitize_context_t *c) {
472 return TRACE_RETURN (c->check_struct (this));
478 DEFINE_SIZE_STATIC (4);
484 * Template subclasses of Offset and LongOffset that do the dereferencing.
488 template <typename OffsetType, typename Type>
489 struct GenericOffsetTo : OffsetType
491 inline const Type& operator () (const void *base) const
493 unsigned int offset = *this;
494 if (unlikely (!offset)) return Null(Type);
495 return StructAtOffset<Type> (base, offset);
498 inline bool sanitize (hb_sanitize_context_t *c, void *base) {
500 if (unlikely (!c->check_struct (this))) return TRACE_RETURN (false);
501 unsigned int offset = *this;
502 if (unlikely (!offset)) return TRACE_RETURN (true);
503 Type &obj = StructAtOffset<Type> (base, offset);
504 return TRACE_RETURN (likely (obj.sanitize (c)) || neuter (c));
506 template <typename T>
507 inline bool sanitize (hb_sanitize_context_t *c, void *base, T user_data) {
509 if (unlikely (!c->check_struct (this))) return TRACE_RETURN (false);
510 unsigned int offset = *this;
511 if (unlikely (!offset)) return TRACE_RETURN (true);
512 Type &obj = StructAtOffset<Type> (base, offset);
513 return TRACE_RETURN (likely (obj.sanitize (c, user_data)) || neuter (c));
517 /* Set the offset to Null */
518 inline bool neuter (hb_sanitize_context_t *c) {
519 if (c->may_edit (this, this->static_size)) {
520 this->set (0); /* 0 is Null offset */
526 template <typename Base, typename OffsetType, typename Type>
527 inline const Type& operator + (const Base &base, GenericOffsetTo<OffsetType, Type> offset) { return offset (base); }
529 template <typename Type>
530 struct OffsetTo : GenericOffsetTo<Offset, Type> {};
532 template <typename Type>
533 struct LongOffsetTo : GenericOffsetTo<LongOffset, Type> {};
540 template <typename LenType, typename Type>
541 struct GenericArrayOf
543 const Type *sub_array (unsigned int start_offset, unsigned int *pcount /* IN/OUT */) const
545 unsigned int count = len;
546 if (unlikely (start_offset > count))
549 count -= start_offset;
550 count = MIN (count, *pcount);
552 return array + start_offset;
555 inline const Type& operator [] (unsigned int i) const
557 if (unlikely (i >= len)) return Null(Type);
560 inline unsigned int get_size (void) const
561 { return len.static_size + len * Type::static_size; }
563 inline bool sanitize (hb_sanitize_context_t *c) {
565 if (unlikely (!sanitize_shallow (c))) return TRACE_RETURN (false);
567 /* Note: for structs that do not reference other structs,
568 * we do not need to call their sanitize() as we already did
569 * a bound check on the aggregate array size. We just include
570 * a small unreachable expression to make sure the structs
571 * pointed to do have a simple sanitize(), ie. they do not
572 * reference other structs via offsets.
574 (void) (false && array[0].sanitize (c));
576 return TRACE_RETURN (true);
578 inline bool sanitize (hb_sanitize_context_t *c, void *base) {
580 if (unlikely (!sanitize_shallow (c))) return TRACE_RETURN (false);
581 unsigned int count = len;
582 for (unsigned int i = 0; i < count; i++)
583 if (unlikely (!array[i].sanitize (c, base)))
584 return TRACE_RETURN (false);
585 return TRACE_RETURN (true);
587 template <typename T>
588 inline bool sanitize (hb_sanitize_context_t *c, void *base, T user_data) {
590 if (unlikely (!sanitize_shallow (c))) return TRACE_RETURN (false);
591 unsigned int count = len;
592 for (unsigned int i = 0; i < count; i++)
593 if (unlikely (!array[i].sanitize (c, base, user_data)))
594 return TRACE_RETURN (false);
595 return TRACE_RETURN (true);
599 inline bool sanitize_shallow (hb_sanitize_context_t *c) {
601 return TRACE_RETURN (c->check_struct (this) && c->check_array (this, Type::static_size, len));
608 DEFINE_SIZE_ARRAY (sizeof (LenType), array);
611 /* An array with a USHORT number of elements. */
612 template <typename Type>
613 struct ArrayOf : GenericArrayOf<USHORT, Type> {};
615 /* An array with a ULONG number of elements. */
616 template <typename Type>
617 struct LongArrayOf : GenericArrayOf<ULONG, Type> {};
619 /* Array of Offset's */
620 template <typename Type>
621 struct OffsetArrayOf : ArrayOf<OffsetTo<Type> > {};
623 /* Array of LongOffset's */
624 template <typename Type>
625 struct LongOffsetArrayOf : ArrayOf<LongOffsetTo<Type> > {};
627 /* LongArray of LongOffset's */
628 template <typename Type>
629 struct LongOffsetLongArrayOf : LongArrayOf<LongOffsetTo<Type> > {};
631 /* Array of offsets relative to the beginning of the array itself. */
632 template <typename Type>
633 struct OffsetListOf : OffsetArrayOf<Type>
635 inline const Type& operator [] (unsigned int i) const
637 if (unlikely (i >= this->len)) return Null(Type);
638 return this+this->array[i];
641 inline bool sanitize (hb_sanitize_context_t *c) {
643 return TRACE_RETURN (OffsetArrayOf<Type>::sanitize (c, this));
645 template <typename T>
646 inline bool sanitize (hb_sanitize_context_t *c, T user_data) {
648 return TRACE_RETURN (OffsetArrayOf<Type>::sanitize (c, this, user_data));
653 /* An array with a USHORT number of elements,
654 * starting at second element. */
655 template <typename Type>
656 struct HeadlessArrayOf
658 inline const Type& operator [] (unsigned int i) const
660 if (unlikely (i >= len || !i)) return Null(Type);
663 inline unsigned int get_size (void) const
664 { return len.static_size + (len ? len - 1 : 0) * Type::static_size; }
666 inline bool sanitize_shallow (hb_sanitize_context_t *c) {
667 return c->check_struct (this)
668 && c->check_array (this, Type::static_size, len);
671 inline bool sanitize (hb_sanitize_context_t *c) {
673 if (unlikely (!sanitize_shallow (c))) return TRACE_RETURN (false);
675 /* Note: for structs that do not reference other structs,
676 * we do not need to call their sanitize() as we already did
677 * a bound check on the aggregate array size. We just include
678 * a small unreachable expression to make sure the structs
679 * pointed to do have a simple sanitize(), ie. they do not
680 * reference other structs via offsets.
682 (void) (false && array[0].sanitize (c));
684 return TRACE_RETURN (true);
690 DEFINE_SIZE_ARRAY (sizeof (USHORT), array);
694 /* An array with sorted elements. Supports binary searching. */
695 template <typename Type>
696 struct SortedArrayOf : ArrayOf<Type> {
698 template <typename SearchType>
699 inline int search (const SearchType &x) const {
701 static int cmp (const SearchType *a, const Type *b) { return b->cmp (*a); }
703 const Type *p = (const Type *) bsearch (&x, this->array, this->len, sizeof (this->array[0]), (hb_compare_func_t) Cmp::cmp);
704 return p ? p - this->array : -1;
710 #endif /* HB_OPEN_TYPE_PRIVATE_HH */
projects / framework / uifw / harfbuzz.git / blob