[ft-devel] b70 - Re: those OVERFLOW_* macros and Fontval b69 (Re: Freetype-devel Digest, Vol 149, Issue 5

[Hin-Tak Leung]

Thanks for the tips about the gcc builtins. So this is what I am doing - and it 
is working great against the google fuzz'ed fonts which triggers those code 
paths:

===
#undef ADD_LONG
...
static FT_Long check_ADD_LONG( TT_ExecContext exec, FT_ULong a, FT_ULong b )
{
  int tmp;
  if ( __builtin_sadd_overflow( a, b, &tmp) )
    DIAGNOSTICS( "_rast_E_MATH_OVERFLOW", exec );
  return a + b;
}
...
#define ADD_LONG(a, b) check_ADD_LONG(exc, (a), (b))
===

That's b69 done. There is only one last thing which the older proprietary 
fontval backend does which the new one does not: warning about manipulating 
non-twilight points in preprograms.

I didn't add it because it is a bit broad in scope and perhaps checks at a lot 
of different places needed to be added. But a year on, I think it is perhaps 
not too hard: since there is no instruction which move points between the 
zones, all I need to do is to place a check where new points are created, which 
is only about 5 instructions, the M*P instructions. Not all of the M*P 
instructions are capable of creating new points, some only move existing points.

So I think FontVal 2.1 will be b70 - i.e. can emit a warning message for 
everything that the old backend sees, and a bit more. Hurray!

OTOH, the gcc macros requires gcc 5.x onwards - this is a bit unfortunate since 
the mac os x backend I built uses a gcc 4.2.x based cross-compiler... I am a 
bit reluctant to switch compiler and/or build elsewhere :-(. I'll think about 
this some more...

There are also a few things I wanted to include in 2.1 - e.g. some DSIG 
enhancements...

--------------------------------------------
On Mon, 5/6/17, Markus Trippelsdorf <address@hidden> wrote:
 
> BTW are you aware of gcc's
> and clang's built-in functions that perform
> arithmetic with overflow checking? Maybe they
> could help.
> https://gcc.gnu.org/onlinedocs/gcc/Integer-Overflow-Builtins.html