/*
* Copyright (C) 2007,2008,2009,2010 Red Hat, Inc.
*
- * This is part of HarfBuzz, an OpenType Layout engine library.
+ * This is part of HarfBuzz, a text shaping library.
*
* Permission is hereby granted, without written agreement and without
* license or royalty fees, to use, copy, modify, and distribute this
#include "hb-blob.h"
-#define NO_INDEX ((unsigned int) 0xFFFF)
-
/*
* Casts
*/
-template <typename Type> const char * ConstCharP (const Type X) { return reinterpret_cast<const char *>(X); }
-template <typename Type> char * CharP (Type X) { return reinterpret_cast<char *>(X); }
-template <typename Type> char * DeConstCharP (const Type X) { return (char *) reinterpret_cast<const char *>(X); }
-
-#define CONST_CAST(T,X,Ofs) (*(reinterpret_cast<const T *>(ConstCharP(&(X)) + Ofs)))
-#define DECONST_CAST(T,X,Ofs) (*(reinterpret_cast<T *>((char *)ConstCharP(&(X)) + Ofs)))
-#define CAST(T,X,Ofs) (*(reinterpret_cast<T *>(CharP(&(X)) + Ofs)))
+/* Cast to struct T, reference to reference */
+template<typename Type, typename TObject>
+inline const Type& CastR(const TObject &X)
+{ return reinterpret_cast<const Type&> (X); }
+template<typename Type, typename TObject>
+inline Type& CastR(TObject &X)
+{ return reinterpret_cast<Type&> (X); }
+
+/* Cast to struct T, pointer to pointer */
+template<typename Type, typename TObject>
+inline const Type* CastP(const TObject *X)
+{ return reinterpret_cast<const Type*> (X); }
+template<typename Type, typename TObject>
+inline Type* CastP(TObject *X)
+{ return reinterpret_cast<Type*> (X); }
+
+/* StructAtOffset<T>(P,Ofs) returns the struct T& that is placed at memory
+ * location pointed to by P plus Ofs bytes. */
+template<typename Type>
+inline const Type& StructAtOffset(const void *P, unsigned int offset)
+{ return * reinterpret_cast<const Type*> ((const char *) P + offset); }
+template<typename Type>
+inline Type& StructAtOffset(void *P, unsigned int offset)
+{ return * reinterpret_cast<Type*> ((char *) P + offset); }
+
+/* StructAfter<T>(X) returns the struct T& that is placed after X.
+ * Works with X of variable size also. X must implement get_size() */
+template<typename Type, typename TObject>
+inline const Type& StructAfter(const TObject &X)
+{ return StructAtOffset<Type>(&X, X.get_size()); }
+template<typename Type, typename TObject>
+inline Type& StructAfter(TObject &X)
+{ return StructAtOffset<Type>(&X, X.get_size()); }
-#define CONST_NEXT(T,X) (*(reinterpret_cast<const T *>(ConstCharP(&(X)) + (X).get_size ())))
-#define NEXT(T,X) (*(reinterpret_cast<T *>(CharP(&(X)) + (X).get_size ())))
-#define CONST_ARRAY_AFTER(T,X) ((reinterpret_cast<const T *>(ConstCharP(&(X)) + X.get_size ())))
-#define ARRAY_AFTER(T,X) ((reinterpret_cast<T *>(CharP(&(X)) + X.get_size ())))
/*
- * Class features
+ * Size checking
*/
+#define _DEFINE_SIZE_ASSERTION(_assertion) \
+ inline void _size_assertion (void) const \
+ { ASSERT_STATIC (_assertion); }
+
+
+#define DEFINE_SIZE_STATIC(size) \
+ _DEFINE_SIZE_ASSERTION (sizeof (*this) == (size)); \
+ static const unsigned int static_size = (size); \
+ static const unsigned int min_size = (size)
+
+/* Size signifying variable-sized array */
+#define VAR 1
+
+#define DEFINE_SIZE_UNION(size, _member) \
+ _DEFINE_SIZE_ASSERTION (this->u._member.static_size == (size)); \
+ static const unsigned int min_size = (size)
+
+#define DEFINE_SIZE_MIN(size) \
+ _DEFINE_SIZE_ASSERTION (sizeof (*this) >= (size)); \
+ static const unsigned int min_size = (size)
-/* Null objects */
+#define DEFINE_SIZE_ARRAY(size, array) \
+ _DEFINE_SIZE_ASSERTION (sizeof (*this) == (size) + array[0].static_size); \
+ static const unsigned int min_size = (size)
+
+#define DEFINE_SIZE_ARRAY2(size, array1, array2) \
+ _DEFINE_SIZE_ASSERTION (sizeof (*this) == (size) + this->array1[0].static_size + this->array2[0].static_size); \
+ static const unsigned int min_size = (size)
+
+
+
+/*
+ * Null objects
+ */
/* Global nul-content Null pool. Enlarge as necessary. */
static const void *_NullPool[32 / sizeof (void *)];
-/* Generic template for nul-content sizeof-sized Null objects. */
+/* Generic nul-content Null objects. */
template <typename Type>
static inline const Type& Null () {
- ASSERT_STATIC (sizeof (Type) <= sizeof (_NullPool));
- return CONST_CAST (Type, *_NullPool, 0);
+ ASSERT_STATIC (Type::min_size <= sizeof (_NullPool));
+ return *CastP<Type> (_NullPool);
}
/* Specializaiton for arbitrary-content arbitrary-sized Null objects. */
-#define DEFINE_NULL_DATA(Type, size, data) \
-static const char _Null##Type[size + 1] = data; \
+#define DEFINE_NULL_DATA(Type, data) \
+static const char _Null##Type[Type::min_size + 1] = data; /* +1 is for nul-termination in data */ \
template <> \
inline const Type& Null<Type> () { \
- return CONST_CAST (Type, *_Null##Type, 0); \
-}
+ return *CastP<Type> (_Null##Type); \
+} /* The following line really exists such that we end in a place needing semicolon */ \
+ASSERT_STATIC (Type::min_size + 1 <= sizeof (_Null##Type))
/* Accessor macro. */
#define Null(Type) Null<Type>()
-/* get_for_data() is a static class method returning a reference to an
- * instance of Type located at the input data location. It's just a
- * fancy, NULL-safe, cast! */
-#define STATIC_DEFINE_GET_FOR_DATA(Type) \
- static inline const Type& get_for_data (const char *data) \
- { \
- if (HB_UNLIKELY (data == NULL)) return Null(Type); \
- return CONST_CAST (Type, *data, 0); \
- }
-/* Like get_for_data(), but checks major version first. */
-#define STATIC_DEFINE_GET_FOR_DATA_CHECK_MAJOR_VERSION(Type, MajorMin, MajorMax) \
- static inline const Type& get_for_data (const char *data) \
- { \
- if (HB_UNLIKELY (data == NULL)) return Null(Type); \
- const Type& t = CONST_CAST (Type, *data, 0); \
- if (HB_UNLIKELY (t.version.major < MajorMin || t.version.major > MajorMax)) return Null(Type); \
- return t; \
- }
-
-
/*
- * Sanitize
+ * Trace
*/
-#ifndef HB_DEBUG_SANITIZE
-#define HB_DEBUG_SANITIZE HB_DEBUG
-#endif
-
-#if HB_DEBUG_SANITIZE
-#include <stdio.h>
-#define TRACE_SANITIZE_ARG_DEF , unsigned int sanitize_depth HB_GNUC_UNUSED
-#define TRACE_SANITIZE_ARG , sanitize_depth + 1
-#define TRACE_SANITIZE_ARG_INIT , 1
-#define TRACE_SANITIZE() \
- HB_STMT_START { \
- if (sanitize_depth < HB_DEBUG_SANITIZE) \
- fprintf (stderr, "SANITIZE(%p) %-*d-> %s\n", \
- (ConstCharP (this) == ConstCharP (&NullPool)) ? 0 : this, \
- sanitize_depth, sanitize_depth, \
- __PRETTY_FUNCTION__); \
- } HB_STMT_END
-#else
-#define TRACE_SANITIZE_ARG_DEF
-#define TRACE_SANITIZE_ARG
-#define TRACE_SANITIZE_ARG_INIT
-#define TRACE_SANITIZE() HB_STMT_START {} HB_STMT_END
-#endif
-#define SANITIZE_ARG_DEF \
- hb_sanitize_context_t *context TRACE_SANITIZE_ARG_DEF
-#define SANITIZE_ARG \
- context TRACE_SANITIZE_ARG
-#define SANITIZE_ARG_INIT \
- &context TRACE_SANITIZE_ARG_INIT
+template <int max_depth>
+struct hb_trace_t {
+ explicit hb_trace_t (unsigned int *pdepth, const char *what, const char *function, const void *obj) : pdepth(pdepth) {
+ if (*pdepth < max_depth)
+ fprintf (stderr, "%s(%p) %-*d-> %s\n", what, obj, *pdepth, *pdepth, function);
+ if (max_depth) ++*pdepth;
+ }
+ ~hb_trace_t (void) { if (max_depth) --*pdepth; }
-typedef struct _hb_sanitize_context_t hb_sanitize_context_t;
-struct _hb_sanitize_context_t
-{
- const char *start, *end;
- int edit_count;
- hb_blob_t *blob;
+ private:
+ unsigned int *pdepth;
+};
+template <> /* Optimize when tracing is disabled */
+struct hb_trace_t<0> {
+ explicit hb_trace_t (unsigned int *pdepth, const char *what, const char *function, const void *obj) {}
};
-static HB_GNUC_UNUSED void
-_hb_sanitize_init (hb_sanitize_context_t *context,
- hb_blob_t *blob)
-{
- context->blob = blob;
- context->start = hb_blob_lock (blob);
- context->end = context->start + hb_blob_get_length (blob);
- context->edit_count = 0;
-
-#if HB_DEBUG_SANITIZE
- fprintf (stderr, "sanitize %p init [%p..%p] (%u bytes)\n",
- context->blob, context->start, context->end, context->end - context->start);
-#endif
-}
-static HB_GNUC_UNUSED void
-_hb_sanitize_fini (hb_sanitize_context_t *context,
- bool unlock)
-{
-#if HB_DEBUG_SANITIZE
- fprintf (stderr, "sanitize %p fini [%p..%p] %u edit requests\n",
- context->blob, context->start, context->end, context->edit_count);
-#endif
- if (unlock)
- hb_blob_unlock (context->blob);
-}
+/*
+ * Sanitize
+ */
-static HB_GNUC_UNUSED inline bool
-_hb_sanitize_check (SANITIZE_ARG_DEF,
- const char *base,
- unsigned int len)
-{
- bool ret = context->start <= base &&
- base <= context->end &&
- (unsigned int) (context->end - base) >= len;
-
-#if HB_DEBUG_SANITIZE
- if (sanitize_depth < HB_DEBUG_SANITIZE) \
- fprintf (stderr, "SANITIZE(%p) %-*d-> check [%p..%p] (%d bytes) in [%p..%p] -> %s\n", \
- base,
- sanitize_depth, sanitize_depth,
- base, base+len, len,
- context->start, context->end,
- ret ? "pass" : "FAIL");
+#ifndef HB_DEBUG_SANITIZE
+#define HB_DEBUG_SANITIZE HB_DEBUG+0
#endif
- return ret;
-}
-static HB_GNUC_UNUSED inline bool
-_hb_sanitize_array (SANITIZE_ARG_DEF,
- const char *base,
- unsigned int record_size,
- unsigned int len)
-{
- bool overflows = len >= ((unsigned int) -1) / record_size;
-
-#if HB_DEBUG_SANITIZE
- if (sanitize_depth < HB_DEBUG_SANITIZE) \
- fprintf (stderr, "SANITIZE(%p) %-*d-> array [%p..%p] (%d*%d=%ld bytes) in [%p..%p] -> %s\n", \
- base,
- sanitize_depth, sanitize_depth,
- base, base + (record_size * len), record_size, len, (unsigned long) record_size * len,
- context->start, context->end,
- !overflows ? "does not overflow" : "OVERFLOWS FAIL");
-#endif
- return HB_LIKELY (!overflows) && _hb_sanitize_check (SANITIZE_ARG, base, record_size * len);
-}
-static HB_GNUC_UNUSED inline bool
-_hb_sanitize_edit (SANITIZE_ARG_DEF,
- const char *base HB_GNUC_UNUSED,
- unsigned int len HB_GNUC_UNUSED)
+#define TRACE_SANITIZE() \
+ hb_trace_t<HB_DEBUG_SANITIZE> trace (&context->debug_depth, "SANITIZE", HB_FUNC, this); \
+
+
+struct hb_sanitize_context_t
{
- bool perm = hb_blob_try_writable_inplace (context->blob);
- context->edit_count++;
-
-#if HB_DEBUG_SANITIZE
- fprintf (stderr, "SANITIZE(%p) %-*d-> edit(%u) [%p..%p] (%d bytes) in [%p..%p] -> %s\n", \
- base,
- sanitize_depth, sanitize_depth,
- context->edit_count,
- base, base+len, len,
- context->start, context->end,
- perm ? "granted" : "REJECTED");
-#endif
- return perm;
-}
+ inline void init (hb_blob_t *blob)
+ {
+ this->blob = hb_blob_reference (blob);
+ this->start = hb_blob_lock (blob);
+ this->end = this->start + hb_blob_get_length (blob);
+ this->writable = hb_blob_is_writable (blob);
+ this->edit_count = 0;
+ this->debug_depth = 0;
+
+ if (HB_DEBUG_SANITIZE)
+ fprintf (stderr, "sanitize %p init [%p..%p] (%u bytes)\n",
+ this->blob, this->start, this->end, this->end - this->start);
+ }
-#define SANITIZE(X) HB_LIKELY ((X).sanitize (SANITIZE_ARG))
-#define SANITIZE2(X,Y) (SANITIZE (X) && SANITIZE (Y))
+ inline void finish (void)
+ {
+ if (HB_DEBUG_SANITIZE)
+ fprintf (stderr, "sanitize %p fini [%p..%p] %u edit requests\n",
+ this->blob, this->start, this->end, this->edit_count);
+
+ hb_blob_unlock (this->blob);
+ hb_blob_destroy (this->blob);
+ this->blob = NULL;
+ this->start = this->end = NULL;
+ }
-#define SANITIZE_THIS(X) HB_LIKELY ((X).sanitize (SANITIZE_ARG, ConstCharP(this)))
-#define SANITIZE_THIS2(X,Y) (SANITIZE_THIS (X) && SANITIZE_THIS (Y))
-#define SANITIZE_THIS3(X,Y,Z) (SANITIZE_THIS (X) && SANITIZE_THIS (Y) && SANITIZE_THIS(Z))
+ inline bool check_range (const void *base, unsigned int len) const
+ {
+ const char *p = (const char *) base;
+ bool ret = this->start <= p &&
+ p <= this->end &&
+ (unsigned int) (this->end - p) >= len;
+
+ if (HB_DEBUG_SANITIZE && (int) this->debug_depth < (int) HB_DEBUG_SANITIZE) \
+ fprintf (stderr, "SANITIZE(%p) %-*d-> range [%p..%p] (%d bytes) in [%p..%p] -> %s\n", \
+ p,
+ this->debug_depth, this->debug_depth,
+ p, p + len, len,
+ this->start, this->end,
+ ret ? "pass" : "FAIL");
+
+ return likely (ret);
+ }
-#define SANITIZE_BASE(X,B) HB_LIKELY ((X).sanitize (SANITIZE_ARG, B))
-#define SANITIZE_BASE2(X,Y,B) (SANITIZE_BASE (X,B) && SANITIZE_BASE (Y,B))
+ inline bool check_array (const void *base, unsigned int record_size, unsigned int len) const
+ {
+ const char *p = (const char *) base;
+ bool overflows = len >= ((unsigned int) -1) / record_size;
+
+ if (HB_DEBUG_SANITIZE && (int) this->debug_depth < (int) HB_DEBUG_SANITIZE)
+ fprintf (stderr, "SANITIZE(%p) %-*d-> array [%p..%p] (%d*%d=%ld bytes) in [%p..%p] -> %s\n", \
+ p,
+ this->debug_depth, this->debug_depth,
+ p, p + (record_size * len), record_size, len, (unsigned long) record_size * len,
+ this->start, this->end,
+ !overflows ? "does not overflow" : "OVERFLOWS FAIL");
+
+ return likely (!overflows && this->check_range (base, record_size * len));
+ }
-#define SANITIZE_SELF() SANITIZE_OBJ (*this)
-#define SANITIZE_OBJ(X) SANITIZE_MEM(&(X), sizeof (X))
-#define SANITIZE_GET_SIZE() SANITIZE_SELF() && SANITIZE_MEM (this, this->get_size ())
+ template <typename Type>
+ inline bool check_struct (const Type *obj) const
+ {
+ return likely (this->check_range (obj, obj->min_size));
+ }
-#define SANITIZE_MEM(B,L) HB_LIKELY (_hb_sanitize_check (SANITIZE_ARG, ConstCharP(B), (L)))
+ inline bool can_edit (const void *base HB_UNUSED, unsigned int len HB_UNUSED)
+ {
+ const char *p = (const char *) base;
+ this->edit_count++;
+
+ if (HB_DEBUG_SANITIZE && (int) this->debug_depth < (int) HB_DEBUG_SANITIZE)
+ fprintf (stderr, "SANITIZE(%p) %-*d-> edit(%u) [%p..%p] (%d bytes) in [%p..%p] -> %s\n", \
+ p,
+ this->debug_depth, this->debug_depth,
+ this->edit_count,
+ p, p + len, len,
+ this->start, this->end,
+ this->writable ? "granted" : "REJECTED");
+
+ return this->writable;
+ }
-#define SANITIZE_ARRAY(A,S,L) HB_LIKELY (_hb_sanitize_array (SANITIZE_ARG, ConstCharP(A), S, L))
+ unsigned int debug_depth;
+ const char *start, *end;
+ bool writable;
+ unsigned int edit_count;
+ hb_blob_t *blob;
+};
-#define NEUTER(Var, Val) \
- (SANITIZE_OBJ (Var) && \
- _hb_sanitize_edit (SANITIZE_ARG, ConstCharP(&(Var)), sizeof (Var)) && \
- ((Var).set (Val), true))
/* Template to sanitize an object. */
struct Sanitizer
{
static hb_blob_t *sanitize (hb_blob_t *blob) {
- hb_sanitize_context_t context;
+ hb_sanitize_context_t context[1] = {{0}};
bool sane;
/* TODO is_sane() stuff */
retry:
-#if HB_DEBUG_SANITIZE
- fprintf (stderr, "Sanitizer %p start %s\n", blob, __PRETTY_FUNCTION__);
-#endif
+ if (HB_DEBUG_SANITIZE)
+ fprintf (stderr, "Sanitizer %p start %s\n", blob, HB_FUNC);
+
+ context->init (blob);
- _hb_sanitize_init (&context, blob);
+ if (unlikely (!context->start)) {
+ context->finish ();
+ return blob;
+ }
- Type *t = &CAST (Type, *DeConstCharP(context.start), 0);
+ Type *t = CastP<Type> (const_cast<char *> (context->start));
- sane = t->sanitize (SANITIZE_ARG_INIT);
+ sane = t->sanitize (context);
if (sane) {
- if (context.edit_count) {
-#if HB_DEBUG_SANITIZE
- fprintf (stderr, "Sanitizer %p passed first round with %d edits; going a second round %s\n",
- blob, context.edit_count, __PRETTY_FUNCTION__);
-#endif
+ if (context->edit_count) {
+ if (HB_DEBUG_SANITIZE)
+ fprintf (stderr, "Sanitizer %p passed first round with %d edits; doing a second round %s\n",
+ blob, context->edit_count, HB_FUNC);
+
/* sanitize again to ensure no toe-stepping */
- context.edit_count = 0;
- sane = t->sanitize (SANITIZE_ARG_INIT);
- if (context.edit_count) {
-#if HB_DEBUG_SANITIZE
- fprintf (stderr, "Sanitizer %p requested %d edits in second round; FAILLING %s\n",
- blob, context.edit_count, __PRETTY_FUNCTION__);
-#endif
+ context->edit_count = 0;
+ sane = t->sanitize (context);
+ if (context->edit_count) {
+ if (HB_DEBUG_SANITIZE)
+ fprintf (stderr, "Sanitizer %p requested %d edits in second round; FAILLING %s\n",
+ blob, context->edit_count, HB_FUNC);
sane = false;
}
}
- _hb_sanitize_fini (&context, true);
+ context->finish ();
} else {
- unsigned int edit_count = context.edit_count;
- _hb_sanitize_fini (&context, true);
+ unsigned int edit_count = context->edit_count;
+ context->finish ();
if (edit_count && !hb_blob_is_writable (blob) && hb_blob_try_writable (blob)) {
/* ok, we made it writable by relocating. try again */
-#if HB_DEBUG_SANITIZE
- fprintf (stderr, "Sanitizer %p retry %s\n", blob, __PRETTY_FUNCTION__);
-#endif
+ if (HB_DEBUG_SANITIZE)
+ fprintf (stderr, "Sanitizer %p retry %s\n", blob, HB_FUNC);
goto retry;
}
}
-#if HB_DEBUG_SANITIZE
- fprintf (stderr, "Sanitizer %p %s %s\n", blob, sane ? "passed" : "FAILED", __PRETTY_FUNCTION__);
-#endif
+ if (HB_DEBUG_SANITIZE)
+ fprintf (stderr, "Sanitizer %p %s %s\n", blob, sane ? "passed" : "FAILED", HB_FUNC);
if (sane)
return blob;
else {
}
}
- static const Type& lock_instance (hb_blob_t *blob) {
- return Type::get_for_data (hb_blob_lock (blob));
+ static const Type* lock_instance (hb_blob_t *blob) {
+ const char *base = hb_blob_lock (blob);
+ return unlikely (!base) ? &Null(Type) : CastP<Type> (base);
}
};
+
+
/*
*
* The OpenType Font File: Data Types
template <typename Type, int Bytes> class BEInt;
+/* LONGTERMTODO: On machines allowing unaligned access, we can make the
+ * following tighter by using byteswap instructions on ints directly. */
template <typename Type>
class BEInt<Type, 2>
{
public:
- inline void put (Type i) { hb_be_uint16_put (v,i); }
- inline Type get () const { return hb_be_uint16_get (v); }
- inline bool cmp (const BEInt<Type, 2> o) const { return hb_be_uint16_cmp (v, o.v); }
+ inline class BEInt<Type,2>& operator = (Type i) { hb_be_uint16_put (v,i); return *this; }
+ inline operator Type () const { return hb_be_uint16_get (v); }
+ inline bool operator == (const BEInt<Type, 2>& o) const { return hb_be_uint16_cmp (v, o.v); }
+ inline bool operator != (const BEInt<Type, 2>& o) const { return !(*this == o); }
private: uint8_t v[2];
};
template <typename Type>
class BEInt<Type, 4>
{
public:
- inline void put (Type i) { hb_be_uint32_put (v,i); }
- inline Type get () const { return hb_be_uint32_get (v); }
- inline bool cmp (const BEInt<Type, 4> o) const { return hb_be_uint32_cmp (v, o.v); }
+ inline class BEInt<Type,4>& operator = (Type i) { hb_be_uint32_put (v,i); return *this; }
+ inline operator Type () const { return hb_be_uint32_get (v); }
+ inline bool operator == (const BEInt<Type, 4>& o) const { return hb_be_uint32_cmp (v, o.v); }
+ inline bool operator != (const BEInt<Type, 4>& o) const { return !(*this == o); }
private: uint8_t v[4];
};
+/* Integer types in big-endian order and no alignment requirement */
template <typename Type>
struct IntType
{
- static inline unsigned int get_size () { return sizeof (Type); }
- inline void set (Type i) { v.put (i); }
- inline operator Type(void) const { return v.get (); }
- inline bool operator == (const IntType<Type> &o) const { return v.cmp (o.v); }
- inline bool sanitize (SANITIZE_ARG_DEF) {
+ inline void set (Type i) { v = i; }
+ inline operator Type(void) const { return v; }
+ inline bool operator == (const IntType<Type> &o) const { return v == o.v; }
+ inline bool operator != (const IntType<Type> &o) const { return v != o.v; }
+ inline bool sanitize (hb_sanitize_context_t *context) {
TRACE_SANITIZE ();
- return SANITIZE_SELF ();
+ return context->check_struct (this);
}
- private: BEInt<Type, sizeof (Type)> v;
+ protected:
+ BEInt<Type, sizeof (Type)> v;
+ public:
+ DEFINE_SIZE_STATIC (sizeof (Type));
};
typedef IntType<uint16_t> USHORT; /* 16-bit unsigned integer. */
typedef IntType<uint32_t> ULONG; /* 32-bit unsigned integer. */
typedef IntType<int32_t> LONG; /* 32-bit signed integer. */
-ASSERT_SIZE (USHORT, 2);
-ASSERT_SIZE (SHORT, 2);
-ASSERT_SIZE (ULONG, 4);
-ASSERT_SIZE (LONG, 4);
-
/* Array of four uint8s (length = 32 bits) used to identify a script, language
* system, feature, or baseline */
struct Tag : ULONG
{
/* What the char* converters return is NOT nul-terminated. Print using "%.4s" */
- inline operator const char* (void) const { return ConstCharP(this); }
- inline operator char* (void) { return CharP(this); }
-
- inline bool sanitize (SANITIZE_ARG_DEF) {
- TRACE_SANITIZE ();
- /* Note: Only accept ASCII-visible tags (mind DEL)
- * This is one of the few places (only place?) that we check
- * for data integrity, as opposed to just boundary checks.
- */
- return SANITIZE_SELF () && (((uint32_t) *this) & 0x80808080) == 0;
- }
+ inline operator const char* (void) const { return reinterpret_cast<const char *> (&this->v); }
+ inline operator char* (void) { return reinterpret_cast<char *> (&this->v); }
+ public:
+ DEFINE_SIZE_STATIC (4);
};
-ASSERT_SIZE (Tag, 4);
-DEFINE_NULL_DATA (Tag, 4, " ");
+DEFINE_NULL_DATA (Tag, " ");
/* Glyph index number, same as uint16 (length = 16 bits) */
typedef USHORT GlyphID;
+/* Script/language-system/feature index */
+struct Index : USHORT {
+ static const unsigned int NOT_FOUND_INDEX = 0xFFFF;
+};
+DEFINE_NULL_DATA (Index, "\xff\xff");
+
/* Offset to a table, same as uint16 (length = 16 bits), Null offset = 0x0000 */
typedef USHORT Offset;
static uint32_t CalcTableChecksum (ULONG *Table, uint32_t Length)
{
uint32_t Sum = 0L;
- ULONG *EndPtr = Table+((Length+3) & ~3) / ULONG::get_size ();
+ ULONG *EndPtr = Table+((Length+3) & ~3) / ULONG::static_size;
while (Table < EndPtr)
Sum += *Table++;
return Sum;
}
+ public:
+ DEFINE_SIZE_STATIC (4);
};
-ASSERT_SIZE (CheckSum, 4);
/*
{
inline operator uint32_t (void) const { return (major << 16) + minor; }
- inline bool sanitize (SANITIZE_ARG_DEF) {
+ inline bool sanitize (hb_sanitize_context_t *context) {
TRACE_SANITIZE ();
- return SANITIZE_SELF ();
+ return context->check_struct (this);
}
USHORT major;
USHORT minor;
+ public:
+ DEFINE_SIZE_STATIC (4);
};
-ASSERT_SIZE (FixedVersion, 4);
/*
* Template subclasses of Offset and LongOffset that do the dereferencing.
- * Use: (this+memberName)
+ * Use: (base+offset)
*/
template <typename OffsetType, typename Type>
inline const Type& operator () (const void *base) const
{
unsigned int offset = *this;
- if (HB_UNLIKELY (!offset)) return Null(Type);
- return CONST_CAST(Type, *ConstCharP(base), offset);
+ if (unlikely (!offset)) return Null(Type);
+ return StructAtOffset<Type> (base, offset);
}
- inline bool sanitize (SANITIZE_ARG_DEF, const void *base) {
+ inline bool sanitize (hb_sanitize_context_t *context, void *base) {
TRACE_SANITIZE ();
- if (!SANITIZE_SELF ()) return false;
+ if (!context->check_struct (this)) return false;
unsigned int offset = *this;
- if (HB_UNLIKELY (!offset)) return true;
- return SANITIZE (CAST(Type, *DeConstCharP(base), offset)) || NEUTER (DECONST_CAST(OffsetType,*this,0), 0);
+ if (unlikely (!offset)) return true;
+ Type &obj = StructAtOffset<Type> (base, offset);
+ return likely (obj.sanitize (context)) || neuter (context);
}
- inline bool sanitize (SANITIZE_ARG_DEF, const void *base, const void *base2) {
+ template <typename T>
+ inline bool sanitize (hb_sanitize_context_t *context, void *base, T user_data) {
TRACE_SANITIZE ();
- if (!SANITIZE_SELF ()) return false;
+ if (!context->check_struct (this)) return false;
unsigned int offset = *this;
- if (HB_UNLIKELY (!offset)) return true;
- return SANITIZE_BASE (CAST(Type, *DeConstCharP(base), offset), base2) || NEUTER (DECONST_CAST(OffsetType,*this,0), 0);
+ if (unlikely (!offset)) return true;
+ Type &obj = StructAtOffset<Type> (base, offset);
+ return likely (obj.sanitize (context, user_data)) || neuter (context);
}
- inline bool sanitize (SANITIZE_ARG_DEF, const void *base, unsigned int user_data) {
- TRACE_SANITIZE ();
- if (!SANITIZE_SELF ()) return false;
- unsigned int offset = *this;
- if (HB_UNLIKELY (!offset)) return true;
- return SANITIZE_BASE (CAST(Type, *DeConstCharP(base), offset), user_data) || NEUTER (DECONST_CAST(OffsetType,*this,0), 0);
+
+ private:
+ /* Set the offset to Null */
+ inline bool neuter (hb_sanitize_context_t *context) {
+ if (context->can_edit (this, this->static_size)) {
+ this->set (0); /* 0 is Null offset */
+ return true;
+ }
+ return false;
}
};
template <typename Base, typename OffsetType, typename Type>
template <typename LenType, typename Type>
struct GenericArrayOf
{
- const Type *const_array(void) const { return CONST_ARRAY_AFTER (Type, len); }
- Type *array(void) { return ARRAY_AFTER (Type, len); }
-
- const Type *const_sub_array (unsigned int start_offset, unsigned int *pcount /* IN/OUT */) const
+ const Type *sub_array (unsigned int start_offset, unsigned int *pcount /* IN/OUT */) const
{
unsigned int count = len;
- if (HB_UNLIKELY (start_offset > count))
+ if (unlikely (start_offset > count))
count = 0;
else
count -= start_offset;
count = MIN (count, *pcount);
*pcount = count;
- return const_array() + start_offset;
+ return array + start_offset;
}
inline const Type& operator [] (unsigned int i) const
{
- if (HB_UNLIKELY (i >= len)) return Null(Type);
- return const_array()[i];
+ if (unlikely (i >= len)) return Null(Type);
+ return array[i];
}
inline unsigned int get_size () const
- { return len.get_size () + len * Type::get_size (); }
+ { return len.static_size + len * Type::static_size; }
- inline bool sanitize (SANITIZE_ARG_DEF) {
+ inline bool sanitize (hb_sanitize_context_t *context) {
TRACE_SANITIZE ();
- if (!SANITIZE_GET_SIZE()) return false;
+ if (!likely (sanitize_shallow (context))) return false;
/* Note: for structs that do not reference other structs,
* we do not need to call their sanitize() as we already did
* a bound check on the aggregate array size, hence the return.
* other structs. */
unsigned int count = len;
for (unsigned int i = 0; i < count; i++)
- if (!SANITIZE (array()[i]))
+ if (array[i].sanitize (context))
return false;
return true;
}
- inline bool sanitize (SANITIZE_ARG_DEF, const void *base) {
+ inline bool sanitize (hb_sanitize_context_t *context, void *base) {
TRACE_SANITIZE ();
- if (!SANITIZE_GET_SIZE()) return false;
+ if (!likely (sanitize_shallow (context))) return false;
unsigned int count = len;
for (unsigned int i = 0; i < count; i++)
- if (!array()[i].sanitize (SANITIZE_ARG, base))
+ if (!array[i].sanitize (context, base))
return false;
return true;
}
- inline bool sanitize (SANITIZE_ARG_DEF, const void *base, const void *base2) {
+ template <typename T>
+ inline bool sanitize (hb_sanitize_context_t *context, void *base, T user_data) {
TRACE_SANITIZE ();
- if (!SANITIZE_GET_SIZE()) return false;
+ if (!likely (sanitize_shallow (context))) return false;
unsigned int count = len;
for (unsigned int i = 0; i < count; i++)
- if (!array()[i].sanitize (SANITIZE_ARG, base, base2))
+ if (!array[i].sanitize (context, base, user_data))
return false;
return true;
}
- inline bool sanitize (SANITIZE_ARG_DEF, const void *base, unsigned int user_data) {
+
+ private:
+ inline bool sanitize_shallow (hb_sanitize_context_t *context) {
TRACE_SANITIZE ();
- if (!SANITIZE_GET_SIZE()) return false;
- unsigned int count = len;
- for (unsigned int i = 0; i < count; i++)
- if (!array()[i].sanitize (SANITIZE_ARG, base, user_data))
- return false;
- return true;
+ return context->check_struct (this)
+ && context->check_array (this, Type::static_size, len);
}
+ public:
LenType len;
-/*Type array[VAR];*/
+ Type array[VAR];
+ public:
+ DEFINE_SIZE_ARRAY (sizeof (LenType), array);
};
/* An array with a USHORT number of elements. */
{
inline const Type& operator [] (unsigned int i) const
{
- if (HB_UNLIKELY (i >= this->len)) return Null(Type);
- return this+this->const_array()[i];
+ if (unlikely (i >= this->len)) return Null(Type);
+ return this+this->array[i];
}
- inline bool sanitize (SANITIZE_ARG_DEF) {
+ inline bool sanitize (hb_sanitize_context_t *context) {
TRACE_SANITIZE ();
- return OffsetArrayOf<Type>::sanitize (SANITIZE_ARG, ConstCharP(this));
+ return OffsetArrayOf<Type>::sanitize (context, this);
}
- inline bool sanitize (SANITIZE_ARG_DEF, unsigned int user_data) {
+ template <typename T>
+ inline bool sanitize (hb_sanitize_context_t *context, T user_data) {
TRACE_SANITIZE ();
- return OffsetArrayOf<Type>::sanitize (SANITIZE_ARG, ConstCharP(this), user_data);
+ return OffsetArrayOf<Type>::sanitize (context, this, user_data);
}
};
template <typename Type>
struct HeadlessArrayOf
{
- const Type *const_array(void) const { return CONST_ARRAY_AFTER (Type, len); }
- Type *array(void) { return ARRAY_AFTER (Type, len); }
-
inline const Type& operator [] (unsigned int i) const
{
- if (HB_UNLIKELY (i >= len || !i)) return Null(Type);
- return const_array()[i-1];
+ if (unlikely (i >= len || !i)) return Null(Type);
+ return array[i-1];
}
inline unsigned int get_size () const
- { return len.get_size () + (len ? len - 1 : 0) * Type::get_size (); }
+ { return len.static_size + (len ? len - 1 : 0) * Type::static_size; }
- inline bool sanitize (SANITIZE_ARG_DEF) {
+ inline bool sanitize_shallow (hb_sanitize_context_t *context) {
+ return context->check_struct (this)
+ && context->check_array (this, Type::static_size, len);
+ }
+
+ inline bool sanitize (hb_sanitize_context_t *context) {
TRACE_SANITIZE ();
- if (!SANITIZE_GET_SIZE()) return false;
+ if (!likely (sanitize_shallow (context))) return false;
/* Note: for structs that do not reference other structs,
* we do not need to call their sanitize() as we already did
* a bound check on the aggregate array size, hence the return.
* to do have a simple sanitize(), ie. they do not reference
* other structs. */
unsigned int count = len ? len - 1 : 0;
- Type *a = array();
+ Type *a = array;
for (unsigned int i = 0; i < count; i++)
- if (!SANITIZE (a[i]))
+ if (!a[i].sanitize (context))
return false;
return true;
}
USHORT len;
-/*Type array[VAR];*/
+ Type array[VAR];
+ public:
+ DEFINE_SIZE_ARRAY (sizeof (USHORT), array);
};