#651: M1761233 M1687303 M1633019 M1797336 M1799748 M1801102
This commit is contained in:
Cameron Kaiser
parent
28b4c08821
commit
fb91afbb46
|
|
@ -281,7 +281,7 @@ nsHTMLContentSerializer::AppendElementStart(Element* aElement,
|
||||||
if (ns == kNameSpaceID_XHTML &&
|
if (ns == kNameSpaceID_XHTML &&
|
||||||
(name == nsGkAtoms::script ||
|
(name == nsGkAtoms::script ||
|
||||||
name == nsGkAtoms::style ||
|
name == nsGkAtoms::style ||
|
||||||
name == nsGkAtoms::noscript ||
|
(name == nsGkAtoms::noscript && aElement->OwnerDoc()->IsScriptEnabled()) ||
|
||||||
name == nsGkAtoms::noframes)) {
|
name == nsGkAtoms::noframes)) {
|
||||||
++mDisableEntityEncoding;
|
++mDisableEntityEncoding;
|
||||||
}
|
}
|
||||||
|
|
@ -310,7 +310,7 @@ nsHTMLContentSerializer::AppendElementEnd(Element* aElement,
|
||||||
if (ns == kNameSpaceID_XHTML &&
|
if (ns == kNameSpaceID_XHTML &&
|
||||||
(name == nsGkAtoms::script ||
|
(name == nsGkAtoms::script ||
|
||||||
name == nsGkAtoms::style ||
|
name == nsGkAtoms::style ||
|
||||||
name == nsGkAtoms::noscript ||
|
(name == nsGkAtoms::noscript && aElement->OwnerDoc()->IsScriptEnabled()) ||
|
||||||
name == nsGkAtoms::noframes)) {
|
name == nsGkAtoms::noframes)) {
|
||||||
--mDisableEntityEncoding;
|
--mDisableEntityEncoding;
|
||||||
}
|
}
|
||||||
|
|
|
||||||
|
|
@ -74,7 +74,7 @@ pixman_sample_floor_y (pixman_fixed_t y,
|
||||||
|
|
||||||
if (f < Y_FRAC_FIRST (n))
|
if (f < Y_FRAC_FIRST (n))
|
||||||
{
|
{
|
||||||
if (pixman_fixed_to_int (i) == 0x8000)
|
if (pixman_fixed_to_int (i) == 0xffff8000)
|
||||||
{
|
{
|
||||||
f = 0; /* saturate */
|
f = 0; /* saturate */
|
||||||
}
|
}
|
||||||
|
|
|
||||||
|
|
@ -4,18 +4,23 @@
|
||||||
|
|
||||||
#include "vdmx.h"
|
#include "vdmx.h"
|
||||||
|
|
||||||
|
#include <set>
|
||||||
|
|
||||||
// VDMX - Vertical Device Metrics
|
// VDMX - Vertical Device Metrics
|
||||||
// http://www.microsoft.com/typography/otspec/vdmx.htm
|
// http://www.microsoft.com/typography/otspec/vdmx.htm
|
||||||
|
|
||||||
namespace ots {
|
namespace ots {
|
||||||
|
|
||||||
|
#define TABLE_NAME "VDMX"
|
||||||
|
|
||||||
bool OpenTypeVDMX::Parse(const uint8_t *data, size_t length) {
|
bool OpenTypeVDMX::Parse(const uint8_t *data, size_t length) {
|
||||||
Buffer table(data, length);
|
Buffer table(data, length);
|
||||||
|
ots::Font* font = this->GetFont();
|
||||||
|
|
||||||
if (!table.ReadU16(&this->version) ||
|
if (!table.ReadU16(&this->version) ||
|
||||||
!table.ReadU16(&this->num_recs) ||
|
!table.ReadU16(&this->num_recs) ||
|
||||||
!table.ReadU16(&this->num_ratios)) {
|
!table.ReadU16(&this->num_ratios)) {
|
||||||
return Error("Failed to read table header");
|
return Drop("Failed to read table header");
|
||||||
}
|
}
|
||||||
|
|
||||||
if (this->version > 1) {
|
if (this->version > 1) {
|
||||||
|
|
@ -30,7 +35,7 @@ bool OpenTypeVDMX::Parse(const uint8_t *data, size_t length) {
|
||||||
!table.ReadU8(&rec.x_ratio) ||
|
!table.ReadU8(&rec.x_ratio) ||
|
||||||
!table.ReadU8(&rec.y_start_ratio) ||
|
!table.ReadU8(&rec.y_start_ratio) ||
|
||||||
!table.ReadU8(&rec.y_end_ratio)) {
|
!table.ReadU8(&rec.y_end_ratio)) {
|
||||||
return Error("Failed to read RatioRange record %d", i);
|
return Drop("Failed to read RatioRange record %d", i);
|
||||||
}
|
}
|
||||||
|
|
||||||
if (rec.charset > 1) {
|
if (rec.charset > 1) {
|
||||||
|
|
@ -56,17 +61,28 @@ bool OpenTypeVDMX::Parse(const uint8_t *data, size_t length) {
|
||||||
|
|
||||||
this->offsets.reserve(this->num_ratios);
|
this->offsets.reserve(this->num_ratios);
|
||||||
const size_t current_offset = table.offset();
|
const size_t current_offset = table.offset();
|
||||||
|
std::set<uint16_t> unique_offsets;
|
||||||
// current_offset is less than (2 bytes * 3) + (4 bytes * USHRT_MAX) = 256k.
|
// current_offset is less than (2 bytes * 3) + (4 bytes * USHRT_MAX) = 256k.
|
||||||
for (unsigned i = 0; i < this->num_ratios; ++i) {
|
for (unsigned i = 0; i < this->num_ratios; ++i) {
|
||||||
uint16_t offset;
|
uint16_t offset;
|
||||||
if (!table.ReadU16(&offset)) {
|
if (!table.ReadU16(&offset)) {
|
||||||
return Error("Failed to read ratio offset %d", i);
|
return Drop("Failed to read ratio offset %d", i);
|
||||||
}
|
}
|
||||||
if (current_offset + offset >= length) { // thus doesn't overflow.
|
if (current_offset + offset >= length) { // thus doesn't overflow.
|
||||||
return Error("Bad ratio offset %d for ration %d", offset, i);
|
return Drop("Bad ratio offset %d for ration %d", offset, i);
|
||||||
}
|
}
|
||||||
|
|
||||||
this->offsets.push_back(offset);
|
this->offsets.push_back(offset);
|
||||||
|
unique_offsets.insert(offset);
|
||||||
|
}
|
||||||
|
|
||||||
|
// Check that num_recs is sufficient to provide as many VDMXGroup records
|
||||||
|
// as there are unique offsets; if not, update it (we'll return an error
|
||||||
|
// below if they're not actually present).
|
||||||
|
if (unique_offsets.size() > this->num_recs) {
|
||||||
|
OTS_WARNING("increasing num_recs (%u is too small for %u unique offsets)",
|
||||||
|
this->num_recs, unique_offsets.size());
|
||||||
|
this->num_recs = unique_offsets.size();
|
||||||
}
|
}
|
||||||
|
|
||||||
this->groups.reserve(this->num_recs);
|
this->groups.reserve(this->num_recs);
|
||||||
|
|
@ -75,7 +91,7 @@ bool OpenTypeVDMX::Parse(const uint8_t *data, size_t length) {
|
||||||
if (!table.ReadU16(&group.recs) ||
|
if (!table.ReadU16(&group.recs) ||
|
||||||
!table.ReadU8(&group.startsz) ||
|
!table.ReadU8(&group.startsz) ||
|
||||||
!table.ReadU8(&group.endsz)) {
|
!table.ReadU8(&group.endsz)) {
|
||||||
return Error("Failed to read record header %d", i);
|
return Drop("Failed to read record header %d", i);
|
||||||
}
|
}
|
||||||
group.entries.reserve(group.recs);
|
group.entries.reserve(group.recs);
|
||||||
for (unsigned j = 0; j < group.recs; ++j) {
|
for (unsigned j = 0; j < group.recs; ++j) {
|
||||||
|
|
@ -83,7 +99,7 @@ bool OpenTypeVDMX::Parse(const uint8_t *data, size_t length) {
|
||||||
if (!table.ReadU16(&vt.y_pel_height) ||
|
if (!table.ReadU16(&vt.y_pel_height) ||
|
||||||
!table.ReadS16(&vt.y_max) ||
|
!table.ReadS16(&vt.y_max) ||
|
||||||
!table.ReadS16(&vt.y_min)) {
|
!table.ReadS16(&vt.y_min)) {
|
||||||
return Error("Failed to read reacord %d group %d", i, j);
|
return Drop("Failed to read record %d group %d", i, j);
|
||||||
}
|
}
|
||||||
if (vt.y_max < vt.y_min) {
|
if (vt.y_max < vt.y_min) {
|
||||||
return Drop("bad y min/max");
|
return Drop("bad y min/max");
|
||||||
|
|
@ -152,4 +168,6 @@ bool OpenTypeVDMX::Serialize(OTSStream *out) {
|
||||||
return true;
|
return true;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
#undef TABLE_NAME
|
||||||
|
|
||||||
} // namespace ots
|
} // namespace ots
|
||||||
|
|
|
||||||
|
|
@ -6598,7 +6598,11 @@ PresShell::RecordMouseLocation(WidgetGUIEvent* aEvent)
|
||||||
|
|
||||||
nsIFrame* GetNearestFrameContainingPresShell(nsIPresShell* aPresShell)
|
nsIFrame* GetNearestFrameContainingPresShell(nsIPresShell* aPresShell)
|
||||||
{
|
{
|
||||||
nsView* view = aPresShell->GetViewManager()->GetRootView();
|
nsViewManager* vm = aPresShell->GetViewManager();
|
||||||
|
if (!vm) {
|
||||||
|
return nullptr;
|
||||||
|
}
|
||||||
|
nsView* view = vm->GetRootView();
|
||||||
while (view && !view->GetFrame()) {
|
while (view && !view->GetFrame()) {
|
||||||
view = view->GetParent();
|
view = view->GetParent();
|
||||||
}
|
}
|
||||||
|
|
|
||||||
|
|
@ -826,6 +826,11 @@ MOZ_WIN_MEM_TRY_BEGIN
|
||||||
uint32_t offset = aItem->LocalOffset();
|
uint32_t offset = aItem->LocalOffset();
|
||||||
if (len < ZIPLOCAL_SIZE || offset > len - ZIPLOCAL_SIZE)
|
if (len < ZIPLOCAL_SIZE || offset > len - ZIPLOCAL_SIZE)
|
||||||
return 0;
|
return 0;
|
||||||
|
// Check there's enough space for the signature
|
||||||
|
if (offset > mFd->mLen) {
|
||||||
|
NS_WARNING("Corrupt local offset in JAR file");
|
||||||
|
return 0;
|
||||||
|
}
|
||||||
|
|
||||||
// -- check signature before using the structure, in case the zip file is corrupt
|
// -- check signature before using the structure, in case the zip file is corrupt
|
||||||
ZipLocal* Local = (ZipLocal*)(data + offset);
|
ZipLocal* Local = (ZipLocal*)(data + offset);
|
||||||
|
|
@ -838,6 +843,11 @@ MOZ_WIN_MEM_TRY_BEGIN
|
||||||
offset += ZIPLOCAL_SIZE +
|
offset += ZIPLOCAL_SIZE +
|
||||||
xtoint(Local->filename_len) +
|
xtoint(Local->filename_len) +
|
||||||
xtoint(Local->extrafield_len);
|
xtoint(Local->extrafield_len);
|
||||||
|
// Check data points inside the file.
|
||||||
|
if (offset > mFd->mLen) {
|
||||||
|
NS_WARNING("Corrupt local offset in JAR file");
|
||||||
|
return 0;
|
||||||
|
}
|
||||||
|
|
||||||
return offset;
|
return offset;
|
||||||
MOZ_WIN_MEM_TRY_CATCH(return 0)
|
MOZ_WIN_MEM_TRY_CATCH(return 0)
|
||||||
|
|
|
||||||
|
|
@ -786,6 +786,14 @@ parserCreate(const XML_Char *encodingName,
|
||||||
parserInit(parser, encodingName);
|
parserInit(parser, encodingName);
|
||||||
|
|
||||||
if (encodingName && !protocolEncodingName) {
|
if (encodingName && !protocolEncodingName) {
|
||||||
|
if (dtd) {
|
||||||
|
// We need to stop the upcoming call to XML_ParserFree from happily
|
||||||
|
// destroying parser->m_dtd because the DTD is shared with the parent
|
||||||
|
// parser and the only guard that keeps XML_ParserFree from destroying
|
||||||
|
// parser->m_dtd is parser->m_isParamEntity but it will be set to
|
||||||
|
// XML_TRUE only later in XML_ExternalEntityParserCreate (or not at all).
|
||||||
|
parser->m_dtd = NULL;
|
||||||
|
}
|
||||||
XML_ParserFree(parser);
|
XML_ParserFree(parser);
|
||||||
return NULL;
|
return NULL;
|
||||||
}
|
}
|
||||||
|
|
|
||||||
Loading…
Reference in New Issue