2 * Copyright © 2007,2008,2009,2010 Red Hat, Inc.
4 * This is part of HarfBuzz, a text shaping library.
6 * Permission is hereby granted, without written agreement and without
7 * license or royalty fees, to use, copy, modify, and distribute this
8 * software and its documentation for any purpose, provided that the
9 * above copyright notice and the following two paragraphs appear in
10 * all copies of this software.
12 * IN NO EVENT SHALL THE COPYRIGHT HOLDER BE LIABLE TO ANY PARTY FOR
13 * DIRECT, INDIRECT, SPECIAL, INCIDENTAL, OR CONSEQUENTIAL DAMAGES
14 * ARISING OUT OF THE USE OF THIS SOFTWARE AND ITS DOCUMENTATION, EVEN
15 * IF THE COPYRIGHT HOLDER HAS BEEN ADVISED OF THE POSSIBILITY OF SUCH
18 * THE COPYRIGHT HOLDER SPECIFICALLY DISCLAIMS ANY WARRANTIES, INCLUDING,
19 * BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND
20 * FITNESS FOR A PARTICULAR PURPOSE. THE SOFTWARE PROVIDED HEREUNDER IS
21 * ON AN "AS IS" BASIS, AND THE COPYRIGHT HOLDER HAS NO OBLIGATION TO
22 * PROVIDE MAINTENANCE, SUPPORT, UPDATES, ENHANCEMENTS, OR MODIFICATIONS.
24 * Red Hat Author(s): Behdad Esfahbod
27 #ifndef HB_OPEN_TYPE_PRIVATE_HH
28 #define HB_OPEN_TYPE_PRIVATE_HH
30 #include "hb-private.hh"
42 /* Cast to struct T, reference to reference */
43 template<typename Type, typename TObject>
44 inline const Type& CastR(const TObject &X)
45 { return reinterpret_cast<const Type&> (X); }
46 template<typename Type, typename TObject>
47 inline Type& CastR(TObject &X)
48 { return reinterpret_cast<Type&> (X); }
50 /* Cast to struct T, pointer to pointer */
51 template<typename Type, typename TObject>
52 inline const Type* CastP(const TObject *X)
53 { return reinterpret_cast<const Type*> (X); }
54 template<typename Type, typename TObject>
55 inline Type* CastP(TObject *X)
56 { return reinterpret_cast<Type*> (X); }
58 /* StructAtOffset<T>(P,Ofs) returns the struct T& that is placed at memory
59 * location pointed to by P plus Ofs bytes. */
60 template<typename Type>
61 inline const Type& StructAtOffset(const void *P, unsigned int offset)
62 { return * reinterpret_cast<const Type*> ((const char *) P + offset); }
63 template<typename Type>
64 inline Type& StructAtOffset(void *P, unsigned int offset)
65 { return * reinterpret_cast<Type*> ((char *) P + offset); }
67 /* StructAfter<T>(X) returns the struct T& that is placed after X.
68 * Works with X of variable size also. X must implement get_size() */
69 template<typename Type, typename TObject>
70 inline const Type& StructAfter(const TObject &X)
71 { return StructAtOffset<Type>(&X, X.get_size()); }
72 template<typename Type, typename TObject>
73 inline Type& StructAfter(TObject &X)
74 { return StructAtOffset<Type>(&X, X.get_size()); }
82 /* Check _assertion in a method environment */
83 #define _DEFINE_SIZE_ASSERTION(_assertion) \
84 inline void _size_assertion (void) const \
85 { ASSERT_STATIC (_assertion); }
86 /* Check that _code compiles in a method environment */
87 #define _DEFINE_COMPILES_ASSERTION(_code) \
88 inline void _compiles_assertion (void) const \
92 #define DEFINE_SIZE_STATIC(size) \
93 _DEFINE_SIZE_ASSERTION (sizeof (*this) == (size)); \
94 static const unsigned int static_size = (size); \
95 static const unsigned int min_size = (size)
97 /* Size signifying variable-sized array */
100 #define DEFINE_SIZE_UNION(size, _member) \
101 _DEFINE_SIZE_ASSERTION (this->u._member.static_size == (size)); \
102 static const unsigned int min_size = (size)
104 #define DEFINE_SIZE_MIN(size) \
105 _DEFINE_SIZE_ASSERTION (sizeof (*this) >= (size)); \
106 static const unsigned int min_size = (size)
108 #define DEFINE_SIZE_ARRAY(size, array) \
109 _DEFINE_SIZE_ASSERTION (sizeof (*this) == (size) + sizeof (array[0])); \
110 _DEFINE_COMPILES_ASSERTION ((void) array[0].static_size) \
111 static const unsigned int min_size = (size)
113 #define DEFINE_SIZE_ARRAY2(size, array1, array2) \
114 _DEFINE_SIZE_ASSERTION (sizeof (*this) == (size) + sizeof (this->array1[0]) + sizeof (this->array2[0])); \
115 _DEFINE_COMPILES_ASSERTION ((void) array1[0].static_size; (void) array2[0].static_size) \
116 static const unsigned int min_size = (size)
124 /* Global nul-content Null pool. Enlarge as necessary. */
125 static const void *_NullPool[64 / sizeof (void *)];
127 /* Generic nul-content Null objects. */
128 template <typename Type>
129 static inline const Type& Null (void) {
130 ASSERT_STATIC (Type::min_size <= sizeof (_NullPool));
131 return *CastP<Type> (_NullPool);
134 /* Specializaiton for arbitrary-content arbitrary-sized Null objects. */
135 #define DEFINE_NULL_DATA(Type, data) \
136 static const char _Null##Type[Type::min_size + 1] = data; /* +1 is for nul-termination in data */ \
138 inline const Type& Null<Type> (void) { \
139 return *CastP<Type> (_Null##Type); \
140 } /* The following line really exists such that we end in a place needing semicolon */ \
141 ASSERT_STATIC (Type::min_size + 1 <= sizeof (_Null##Type))
143 /* Accessor macro. */
144 #define Null(Type) Null<Type>()
152 template <int max_depth>
154 explicit hb_trace_t (unsigned int *pdepth_, const char *what, const char *function, const void *obj) : pdepth(pdepth_) {
155 (void) (*pdepth < max_depth &&
156 fprintf (stderr, "%s(%p) %-*d-> %s\n", what, obj, *pdepth, *pdepth, function));
157 if (max_depth) ++*pdepth;
159 ~hb_trace_t (void) { if (max_depth) --*pdepth; }
162 unsigned int *pdepth;
164 template <> /* Optimize when tracing is disabled */
165 struct hb_trace_t<0> {
166 explicit hb_trace_t (unsigned int *pdepth HB_UNUSED, const char *what HB_UNUSED, const char *function HB_UNUSED, const void *obj HB_UNUSED) {}
175 #ifndef HB_DEBUG_SANITIZE
176 #define HB_DEBUG_SANITIZE (HB_DEBUG+0)
180 #define TRACE_SANITIZE() \
181 hb_trace_t<HB_DEBUG_SANITIZE> trace (&c->debug_depth, "SANITIZE", HB_FUNC, this); \
184 struct hb_sanitize_context_t
186 inline void init (hb_blob_t *b)
188 this->blob = hb_blob_reference (b);
189 this->writable = false;
192 inline void setup (void)
194 this->start = hb_blob_get_data (this->blob, NULL);
195 this->end = this->start + hb_blob_get_length (this->blob);
196 this->edit_count = 0;
197 this->debug_depth = 0;
199 (void) (HB_DEBUG_SANITIZE &&
200 fprintf (stderr, "sanitize %p init [%p..%p] (%lu bytes)\n",
201 (void *) this->blob, this->start, this->end,
202 (unsigned long) (this->end - this->start)));
205 inline void finish (void)
207 (void) (HB_DEBUG_SANITIZE &&
208 fprintf (stderr, "sanitize %p fini [%p..%p] %u edit requests\n",
209 (void *) this->blob, this->start, this->end, this->edit_count));
211 hb_blob_destroy (this->blob);
213 this->start = this->end = NULL;
216 inline bool check_range (const void *base, unsigned int len) const
218 const char *p = (const char *) base;
219 bool ret = this->start <= p &&
221 (unsigned int) (this->end - p) >= len;
223 (void) (HB_DEBUG_SANITIZE && (int) this->debug_depth < (int) HB_DEBUG_SANITIZE &&
224 fprintf (stderr, "SANITIZE(%p) %-*d-> range [%p..%p] (%d bytes) in [%p..%p] -> %s\n",
226 this->debug_depth, this->debug_depth,
228 this->start, this->end,
229 ret ? "pass" : "FAIL"));
234 inline bool check_array (const void *base, unsigned int record_size, unsigned int len) const
236 const char *p = (const char *) base;
237 bool overflows = _hb_unsigned_int_mul_overflows (len, record_size);
239 (void) (HB_DEBUG_SANITIZE && (int) this->debug_depth < (int) HB_DEBUG_SANITIZE &&
240 fprintf (stderr, "SANITIZE(%p) %-*d-> array [%p..%p] (%d*%d=%ld bytes) in [%p..%p] -> %s\n",
242 this->debug_depth, this->debug_depth,
243 p, p + (record_size * len), record_size, len, (unsigned long) record_size * len,
244 this->start, this->end,
245 !overflows ? "does not overflow" : "OVERFLOWS FAIL"));
247 return likely (!overflows && this->check_range (base, record_size * len));
250 template <typename Type>
251 inline bool check_struct (const Type *obj) const
253 return likely (this->check_range (obj, obj->min_size));
256 inline bool can_edit (const void *base HB_UNUSED, unsigned int len HB_UNUSED)
258 const char *p = (const char *) base;
261 (void) (HB_DEBUG_SANITIZE && (int) this->debug_depth < (int) HB_DEBUG_SANITIZE &&
262 fprintf (stderr, "SANITIZE(%p) %-*d-> edit(%u) [%p..%p] (%d bytes) in [%p..%p] -> %s\n",
264 this->debug_depth, this->debug_depth,
267 this->start, this->end,
268 this->writable ? "granted" : "REJECTED"));
270 return this->writable;
273 unsigned int debug_depth;
274 const char *start, *end;
276 unsigned int edit_count;
282 /* Template to sanitize an object. */
283 template <typename Type>
286 static hb_blob_t *sanitize (hb_blob_t *blob) {
287 hb_sanitize_context_t c[1] = {{0}};
290 /* TODO is_sane() stuff */
295 (void) (HB_DEBUG_SANITIZE &&
296 fprintf (stderr, "Sanitizer %p start %s\n", (void *) blob, HB_FUNC));
300 if (unlikely (!c->start)) {
305 Type *t = CastP<Type> (const_cast<char *> (c->start));
307 sane = t->sanitize (c);
310 (void) (HB_DEBUG_SANITIZE &&
311 fprintf (stderr, "Sanitizer %p passed first round with %d edits; doing a second round %s\n",
312 (void *) blob, c->edit_count, HB_FUNC));
314 /* sanitize again to ensure no toe-stepping */
316 sane = t->sanitize (c);
318 (void) (HB_DEBUG_SANITIZE &&
319 fprintf (stderr, "Sanitizer %p requested %d edits in second round; FAILLING %s\n",
320 (void *) blob, c->edit_count, HB_FUNC));
325 unsigned int edit_count = c->edit_count;
326 if (edit_count && !c->writable) {
327 c->start = hb_blob_get_data_writable (blob, NULL);
328 c->end = c->start + hb_blob_get_length (blob);
332 /* ok, we made it writable by relocating. try again */
333 (void) (HB_DEBUG_SANITIZE &&
334 fprintf (stderr, "Sanitizer %p retry %s\n", (void *) blob, HB_FUNC));
342 (void) (HB_DEBUG_SANITIZE &&
343 fprintf (stderr, "Sanitizer %p %s %s\n", (void *) blob, sane ? "passed" : "FAILED", HB_FUNC));
347 hb_blob_destroy (blob);
348 return hb_blob_get_empty ();
352 static const Type* lock_instance (hb_blob_t *blob) {
353 hb_blob_make_immutable (blob);
354 const char *base = hb_blob_get_data (blob, NULL);
355 return unlikely (!base) ? &Null(Type) : CastP<Type> (base);
364 * The OpenType Font File: Data Types
368 /* "The following data types are used in the OpenType font file.
369 * All OpenType fonts use Motorola-style byte ordering (Big Endian):" */
376 template <typename Type, int Bytes> class BEInt;
378 /* LONGTERMTODO: On machines allowing unaligned access, we can make the
379 * following tighter by using byteswap instructions on ints directly. */
380 template <typename Type>
384 inline void set (Type i) { hb_be_uint16_put (v,i); }
385 inline operator Type (void) const { return hb_be_uint16_get (v); }
386 inline bool operator == (const BEInt<Type, 2>& o) const { return hb_be_uint16_eq (v, o.v); }
387 inline bool operator != (const BEInt<Type, 2>& o) const { return !(*this == o); }
388 private: uint8_t v[2];
390 template <typename Type>
394 inline void set (Type i) { hb_be_uint32_put (v,i); }
395 inline operator Type (void) const { return hb_be_uint32_get (v); }
396 inline bool operator == (const BEInt<Type, 4>& o) const { return hb_be_uint32_eq (v, o.v); }
397 inline bool operator != (const BEInt<Type, 4>& o) const { return !(*this == o); }
398 private: uint8_t v[4];
401 /* Integer types in big-endian order and no alignment requirement */
402 template <typename Type>
405 inline void set (Type i) { v.set (i); }
406 inline operator Type(void) const { return v; }
407 inline bool operator == (const IntType<Type> &o) const { return v == o.v; }
408 inline bool operator != (const IntType<Type> &o) const { return v != o.v; }
409 inline int cmp (Type a) const { Type b = v; return a < b ? -1 : a == b ? 0 : +1; }
410 inline bool sanitize (hb_sanitize_context_t *c) {
412 return likely (c->check_struct (this));
415 BEInt<Type, sizeof (Type)> v;
417 DEFINE_SIZE_STATIC (sizeof (Type));
420 typedef IntType<uint16_t> USHORT; /* 16-bit unsigned integer. */
421 typedef IntType<int16_t> SHORT; /* 16-bit signed integer. */
422 typedef IntType<uint32_t> ULONG; /* 32-bit unsigned integer. */
423 typedef IntType<int32_t> LONG; /* 32-bit signed integer. */
425 /* Date represented in number of seconds since 12:00 midnight, January 1,
426 * 1904. The value is represented as a signed 64-bit integer. */
429 inline bool sanitize (hb_sanitize_context_t *c) {
431 return likely (c->check_struct (this));
437 DEFINE_SIZE_STATIC (8);
440 /* Array of four uint8s (length = 32 bits) used to identify a script, language
441 * system, feature, or baseline */
444 /* What the char* converters return is NOT nul-terminated. Print using "%.4s" */
445 inline operator const char* (void) const { return reinterpret_cast<const char *> (&this->v); }
446 inline operator char* (void) { return reinterpret_cast<char *> (&this->v); }
448 DEFINE_SIZE_STATIC (4);
450 DEFINE_NULL_DATA (Tag, " ");
452 /* Glyph index number, same as uint16 (length = 16 bits) */
453 typedef USHORT GlyphID;
455 /* Script/language-system/feature index */
456 struct Index : USHORT {
457 static const unsigned int NOT_FOUND_INDEX = 0xFFFF;
459 DEFINE_NULL_DATA (Index, "\xff\xff");
461 /* Offset to a table, same as uint16 (length = 16 bits), Null offset = 0x0000 */
462 typedef USHORT Offset;
464 /* LongOffset to a table, same as uint32 (length = 32 bits), Null offset = 0x00000000 */
465 typedef ULONG LongOffset;
469 struct CheckSum : ULONG
471 static uint32_t CalcTableChecksum (ULONG *Table, uint32_t Length)
474 ULONG *EndPtr = Table+((Length+3) & ~3) / ULONG::static_size;
476 while (Table < EndPtr)
481 DEFINE_SIZE_STATIC (4);
491 inline uint32_t to_int (void) const { return (major << 16) + minor; }
493 inline bool sanitize (hb_sanitize_context_t *c) {
495 return c->check_struct (this);
501 DEFINE_SIZE_STATIC (4);
507 * Template subclasses of Offset and LongOffset that do the dereferencing.
511 template <typename OffsetType, typename Type>
512 struct GenericOffsetTo : OffsetType
514 inline const Type& operator () (const void *base) const
516 unsigned int offset = *this;
517 if (unlikely (!offset)) return Null(Type);
518 return StructAtOffset<Type> (base, offset);
521 inline bool sanitize (hb_sanitize_context_t *c, void *base) {
523 if (unlikely (!c->check_struct (this))) return false;
524 unsigned int offset = *this;
525 if (unlikely (!offset)) return true;
526 Type &obj = StructAtOffset<Type> (base, offset);
527 return likely (obj.sanitize (c)) || neuter (c);
529 template <typename T>
530 inline bool sanitize (hb_sanitize_context_t *c, void *base, T user_data) {
532 if (unlikely (!c->check_struct (this))) return false;
533 unsigned int offset = *this;
534 if (unlikely (!offset)) return true;
535 Type &obj = StructAtOffset<Type> (base, offset);
536 return likely (obj.sanitize (c, user_data)) || neuter (c);
540 /* Set the offset to Null */
541 inline bool neuter (hb_sanitize_context_t *c) {
542 if (c->can_edit (this, this->static_size)) {
543 this->set (0); /* 0 is Null offset */
549 template <typename Base, typename OffsetType, typename Type>
550 inline const Type& operator + (const Base &base, GenericOffsetTo<OffsetType, Type> offset) { return offset (base); }
552 template <typename Type>
553 struct OffsetTo : GenericOffsetTo<Offset, Type> {};
555 template <typename Type>
556 struct LongOffsetTo : GenericOffsetTo<LongOffset, Type> {};
563 template <typename LenType, typename Type>
564 struct GenericArrayOf
566 const Type *sub_array (unsigned int start_offset, unsigned int *pcount /* IN/OUT */) const
568 unsigned int count = len;
569 if (unlikely (start_offset > count))
572 count -= start_offset;
573 count = MIN (count, *pcount);
575 return array + start_offset;
578 inline const Type& operator [] (unsigned int i) const
580 if (unlikely (i >= len)) return Null(Type);
583 inline unsigned int get_size (void) const
584 { return len.static_size + len * Type::static_size; }
586 inline bool sanitize (hb_sanitize_context_t *c) {
588 if (unlikely (!sanitize_shallow (c))) return false;
590 /* Note: for structs that do not reference other structs,
591 * we do not need to call their sanitize() as we already did
592 * a bound check on the aggregate array size. We just include
593 * a small unreachable expression to make sure the structs
594 * pointed to do have a simple sanitize(), ie. they do not
595 * reference other structs via offsets.
597 (void) (false && array[0].sanitize (c));
601 inline bool sanitize (hb_sanitize_context_t *c, void *base) {
603 if (unlikely (!sanitize_shallow (c))) return false;
604 unsigned int count = len;
605 for (unsigned int i = 0; i < count; i++)
606 if (unlikely (!array[i].sanitize (c, base)))
610 template <typename T>
611 inline bool sanitize (hb_sanitize_context_t *c, void *base, T user_data) {
613 if (unlikely (!sanitize_shallow (c))) return false;
614 unsigned int count = len;
615 for (unsigned int i = 0; i < count; i++)
616 if (unlikely (!array[i].sanitize (c, base, user_data)))
622 inline bool sanitize_shallow (hb_sanitize_context_t *c) {
624 return c->check_struct (this)
625 && c->check_array (this, Type::static_size, len);
632 DEFINE_SIZE_ARRAY (sizeof (LenType), array);
635 /* An array with a USHORT number of elements. */
636 template <typename Type>
637 struct ArrayOf : GenericArrayOf<USHORT, Type> {};
639 /* An array with a ULONG number of elements. */
640 template <typename Type>
641 struct LongArrayOf : GenericArrayOf<ULONG, Type> {};
643 /* Array of Offset's */
644 template <typename Type>
645 struct OffsetArrayOf : ArrayOf<OffsetTo<Type> > {};
647 /* Array of LongOffset's */
648 template <typename Type>
649 struct LongOffsetArrayOf : ArrayOf<LongOffsetTo<Type> > {};
651 /* LongArray of LongOffset's */
652 template <typename Type>
653 struct LongOffsetLongArrayOf : LongArrayOf<LongOffsetTo<Type> > {};
655 /* Array of offsets relative to the beginning of the array itself. */
656 template <typename Type>
657 struct OffsetListOf : OffsetArrayOf<Type>
659 inline const Type& operator [] (unsigned int i) const
661 if (unlikely (i >= this->len)) return Null(Type);
662 return this+this->array[i];
665 inline bool sanitize (hb_sanitize_context_t *c) {
667 return OffsetArrayOf<Type>::sanitize (c, this);
669 template <typename T>
670 inline bool sanitize (hb_sanitize_context_t *c, T user_data) {
672 return OffsetArrayOf<Type>::sanitize (c, this, user_data);
677 /* An array with a USHORT number of elements,
678 * starting at second element. */
679 template <typename Type>
680 struct HeadlessArrayOf
682 inline const Type& operator [] (unsigned int i) const
684 if (unlikely (i >= len || !i)) return Null(Type);
687 inline unsigned int get_size (void) const
688 { return len.static_size + (len ? len - 1 : 0) * Type::static_size; }
690 inline bool sanitize_shallow (hb_sanitize_context_t *c) {
691 return c->check_struct (this)
692 && c->check_array (this, Type::static_size, len);
695 inline bool sanitize (hb_sanitize_context_t *c) {
697 if (unlikely (!sanitize_shallow (c))) return false;
699 /* Note: for structs that do not reference other structs,
700 * we do not need to call their sanitize() as we already did
701 * a bound check on the aggregate array size. We just include
702 * a small unreachable expression to make sure the structs
703 * pointed to do have a simple sanitize(), ie. they do not
704 * reference other structs via offsets.
706 (void) (false && array[0].sanitize (c));
714 DEFINE_SIZE_ARRAY (sizeof (USHORT), array);
718 /* An array with sorted elements. Supports binary searching. */
719 template <typename Type>
720 struct SortedArrayOf : ArrayOf<Type> {
722 template <typename SearchType>
723 inline int search (const SearchType &x) const {
725 public: static int cmp (const SearchType *a, const Type *b) { return b->cmp (*a); }
727 const Type *p = (const Type *) bsearch (&x, this->array, this->len, sizeof (this->array[0]), (hb_compare_func_t) Cmp::cmp);
728 return p ? p - this->array : -1;
736 #endif /* HB_OPEN_TYPE_PRIVATE_HH */