review.tizen.org Git - framework/uifw/harfbuzz.git/commit

author	Behdad Esfahbod <behdad@behdad.org>
	Tue, 16 Mar 2010 07:46:17 +0000 (03:46 -0400)
committer	Behdad Esfahbod <behdad@behdad.org>
	Wed, 21 Apr 2010 05:41:29 +0000 (01:41 -0400)
commit	4b8487d83e0c10076a6c573cb3487790ce366607
tree	d4f5452c7a79b93a701b3a587d6a63782227f977	tree \| snapshot
parent	9b39755d104603d1163738f77637cc1923d4055b	commit \| diff

Fix the mystery bug!

A couple bugs joined forces to exhibit the mystery behavior of
crashes / infinite loops on OS X / wrong kerning / invalid memory
access.  Pooh!

The bugs were involved:

  - Wrong pointer math with ValueRecord in PairPosFormat1

  - Fallout from avoiding flex arrays, code not correctly updated
    to remove sizeof() usage.

We strictly never use sizeof() directly now.  And the PairPos code
is cleaned up.  Should fix them all.  Bugs are:

  Bug 605655 - Pango 1.26.2 introduces kerning bug
  Bug 611229 - Pango reads from uninitialized memory
  Bug 593240 - (pangoosx) Crash / infinite loop with Mac OS X

We were also doing wrong math converting Device adjustments to
hb_position_t.  Fallout from FreeType days.  Should shift 16, not
6.  Fixed that too.

There's still another bug: we don't sanitize Device records
referenced from value records.  Fixing that also.

src/hb-open-file-private.hh		diff \| blob \| history
src/hb-open-type-private.hh		diff \| blob \| history
src/hb-ot-layout-common-private.hh		diff \| blob \| history
src/hb-ot-layout-gpos-private.hh		diff \| blob \| history
src/hb-ot-layout-gsubgpos-private.hh		diff \| blob \| history