From cda326cc113050a4bf184fe2fc0342ec4402acd9 Mon Sep 17 00:00:00 2001 From: prr Date: Fri, 26 Apr 2013 15:06:51 -0700 Subject: 8012617: ArrayIndexOutOfBoundsException with some fonts using LineBreakMeasurer Reviewed-by: bae, srl --- .../native/sun/font/layout/ContextualSubstSubtables.cpp | 12 ++++++++++++ .../sun/font/layout/CursiveAttachmentSubtables.cpp | 2 +- src/share/native/sun/font/layout/ExtensionSubtables.cpp | 6 +++--- src/share/native/sun/font/layout/ExtensionSubtables.h | 3 ++- .../native/sun/font/layout/GlyphPosnLookupProc.cpp | 2 +- .../native/sun/font/layout/GlyphSubstLookupProc.cpp | 2 +- .../native/sun/font/layout/LigatureSubstSubtables.cpp | 4 ++++ .../native/sun/font/layout/MarkToBasePosnSubtables.cpp | 4 ++++ .../sun/font/layout/MarkToLigaturePosnSubtables.cpp | 4 ++++ .../native/sun/font/layout/MarkToMarkPosnSubtables.cpp | 4 ++++ .../native/sun/font/layout/MultipleSubstSubtables.cpp | 4 ++++ .../native/sun/font/layout/PairPositioningSubtables.cpp | 5 +++++ .../sun/font/layout/SinglePositioningSubtables.cpp | 6 ++++++ .../sun/font/layout/SingleSubstitutionSubtables.cpp | 6 ++++++ src/share/native/sun/font/layout/SunLayoutEngine.cpp | 17 ++++++++++------- 15 files changed, 67 insertions(+), 14 deletions(-) (limited to 'src/share/native/sun') diff --git a/src/share/native/sun/font/layout/ContextualSubstSubtables.cpp b/src/share/native/sun/font/layout/ContextualSubstSubtables.cpp index 5446f9beb..8711f6348 100644 --- a/src/share/native/sun/font/layout/ContextualSubstSubtables.cpp +++ b/src/share/native/sun/font/layout/ContextualSubstSubtables.cpp @@ -218,6 +218,9 @@ le_uint32 ContextualSubstitutionFormat1Subtable::process(const LookupProcessor * LEGlyphID glyph = glyphIterator->getCurrGlyphID(); le_int32 coverageIndex = getGlyphCoverage(lookupProcessor->getReference(), glyph, success); + if (LE_FAILURE(success)) { + return 0; + } if (coverageIndex >= 0) { le_uint16 srSetCount = SWAPW(subRuleSetCount); @@ -267,6 +270,9 @@ le_uint32 ContextualSubstitutionFormat2Subtable::process(const LookupProcessor * LEGlyphID glyph = glyphIterator->getCurrGlyphID(); le_int32 coverageIndex = getGlyphCoverage(lookupProcessor->getReference(), glyph, success); + if (LE_FAILURE(success)) { + return 0; + } if (coverageIndex >= 0) { const ClassDefinitionTable *classDefinitionTable = @@ -395,6 +401,9 @@ le_uint32 ChainingContextualSubstitutionFormat1Subtable::process(const LookupPro LEGlyphID glyph = glyphIterator->getCurrGlyphID(); le_int32 coverageIndex = getGlyphCoverage(lookupProcessor->getReference(), glyph, success); + if (LE_FAILURE(success)) { + return 0; + } if (coverageIndex >= 0) { le_uint16 srSetCount = SWAPW(chainSubRuleSetCount); @@ -466,6 +475,9 @@ le_uint32 ChainingContextualSubstitutionFormat2Subtable::process(const LookupPro LEGlyphID glyph = glyphIterator->getCurrGlyphID(); le_int32 coverageIndex = getGlyphCoverage(lookupProcessor->getReference(), glyph, success); + if (LE_FAILURE(success)) { + return 0; + } if (coverageIndex >= 0) { const ClassDefinitionTable *backtrackClassDefinitionTable = diff --git a/src/share/native/sun/font/layout/CursiveAttachmentSubtables.cpp b/src/share/native/sun/font/layout/CursiveAttachmentSubtables.cpp index ff8ac3bed..5d338e85f 100644 --- a/src/share/native/sun/font/layout/CursiveAttachmentSubtables.cpp +++ b/src/share/native/sun/font/layout/CursiveAttachmentSubtables.cpp @@ -45,7 +45,7 @@ le_uint32 CursiveAttachmentSubtable::process(const LEReferenceTo= eeCount) { + if (coverageIndex < 0 || coverageIndex >= eeCount || LE_FAILURE(success)) { glyphIterator->setCursiveGlyph(); return 0; } diff --git a/src/share/native/sun/font/layout/ExtensionSubtables.cpp b/src/share/native/sun/font/layout/ExtensionSubtables.cpp index 76d945d02..81056db9c 100644 --- a/src/share/native/sun/font/layout/ExtensionSubtables.cpp +++ b/src/share/native/sun/font/layout/ExtensionSubtables.cpp @@ -44,10 +44,10 @@ U_NAMESPACE_BEGIN #define READ_LONG(code) (le_uint32)((SWAPW(*(le_uint16*)&code) << 16) + SWAPW(*(((le_uint16*)&code) + 1))) // FIXME: should look at the format too... maybe have a sub-class for it? -le_uint32 ExtensionSubtable::process(const LookupProcessor *lookupProcessor, le_uint16 lookupType, +le_uint32 ExtensionSubtable::process(const LEReferenceTo &thisRef, + const LookupProcessor *lookupProcessor, le_uint16 lookupType, GlyphIterator *glyphIterator, const LEFontInstance *fontInstance, LEErrorCode& success) const { - const LEReferenceTo thisRef(lookupProcessor->getReference(), success); // create a reference to this if (LE_FAILURE(success)) { return 0; @@ -57,7 +57,7 @@ le_uint32 ExtensionSubtable::process(const LookupProcessor *lookupProcessor, le_ if (elt != lookupType) { le_uint32 extOffset = READ_LONG(extensionOffset); - LEReferenceTo subtable(thisRef, success, extOffset); + LEReferenceTo subtable(thisRef, success, extOffset); if(LE_SUCCESS(success)) { return lookupProcessor->applySubtable(subtable, elt, glyphIterator, fontInstance, success); diff --git a/src/share/native/sun/font/layout/ExtensionSubtables.h b/src/share/native/sun/font/layout/ExtensionSubtables.h index 47476fc98..d629ade7a 100644 --- a/src/share/native/sun/font/layout/ExtensionSubtables.h +++ b/src/share/native/sun/font/layout/ExtensionSubtables.h @@ -52,7 +52,8 @@ struct ExtensionSubtable //: GlyphSubstitutionSubtable le_uint16 extensionLookupType; le_uint32 extensionOffset; - le_uint32 process(const LookupProcessor *lookupProcessor, le_uint16 lookupType, + le_uint32 process(const LEReferenceTo &extRef, + const LookupProcessor *lookupProcessor, le_uint16 lookupType, GlyphIterator *glyphIterator, const LEFontInstance *fontInstance, LEErrorCode& success) const; }; diff --git a/src/share/native/sun/font/layout/GlyphPosnLookupProc.cpp b/src/share/native/sun/font/layout/GlyphPosnLookupProc.cpp index 08b6c048e..9c6666d47 100644 --- a/src/share/native/sun/font/layout/GlyphPosnLookupProc.cpp +++ b/src/share/native/sun/font/layout/GlyphPosnLookupProc.cpp @@ -168,7 +168,7 @@ le_uint32 GlyphPositioningLookupProcessor::applySubtable(const LEReferenceTo subtable(lookupSubtable, success); - delta = subtable->process(this, lookupType, glyphIterator, fontInstance, success); + delta = subtable->process(subtable, this, lookupType, glyphIterator, fontInstance, success); break; } diff --git a/src/share/native/sun/font/layout/GlyphSubstLookupProc.cpp b/src/share/native/sun/font/layout/GlyphSubstLookupProc.cpp index d7b65aa86..d4fe59075 100644 --- a/src/share/native/sun/font/layout/GlyphSubstLookupProc.cpp +++ b/src/share/native/sun/font/layout/GlyphSubstLookupProc.cpp @@ -139,7 +139,7 @@ le_uint32 GlyphSubstitutionLookupProcessor::applySubtable(const LEReferenceTo subtable(lookupSubtable, success); - delta = subtable->process(this, lookupType, glyphIterator, fontInstance, success); + delta = subtable->process(subtable, this, lookupType, glyphIterator, fontInstance, success); break; } diff --git a/src/share/native/sun/font/layout/LigatureSubstSubtables.cpp b/src/share/native/sun/font/layout/LigatureSubstSubtables.cpp index 46e808f2b..3a036c507 100644 --- a/src/share/native/sun/font/layout/LigatureSubstSubtables.cpp +++ b/src/share/native/sun/font/layout/LigatureSubstSubtables.cpp @@ -45,6 +45,10 @@ le_uint32 LigatureSubstitutionSubtable::process(const LETableReference &base, Gl LEGlyphID glyph = glyphIterator->getCurrGlyphID(); le_int32 coverageIndex = getGlyphCoverage(base, glyph, success); + if (LE_FAILURE(success)) { + return 0; + } + if (coverageIndex >= 0) { Offset ligSetTableOffset = SWAPW(ligSetTableOffsetArray[coverageIndex]); const LigatureSetTable *ligSetTable = (const LigatureSetTable *) ((char *) this + ligSetTableOffset); diff --git a/src/share/native/sun/font/layout/MarkToBasePosnSubtables.cpp b/src/share/native/sun/font/layout/MarkToBasePosnSubtables.cpp index 2878981b6..50df2704a 100644 --- a/src/share/native/sun/font/layout/MarkToBasePosnSubtables.cpp +++ b/src/share/native/sun/font/layout/MarkToBasePosnSubtables.cpp @@ -56,6 +56,10 @@ le_int32 MarkToBasePositioningSubtable::process(const LETableReference &base, Gl LEGlyphID markGlyph = glyphIterator->getCurrGlyphID(); le_int32 markCoverage = getGlyphCoverage(base, (LEGlyphID) markGlyph, success); + if (LE_FAILURE(success)) { + return 0; + } + if (markCoverage < 0) { // markGlyph isn't a covered mark glyph return 0; diff --git a/src/share/native/sun/font/layout/MarkToLigaturePosnSubtables.cpp b/src/share/native/sun/font/layout/MarkToLigaturePosnSubtables.cpp index 8e93e079a..ab21f86d1 100644 --- a/src/share/native/sun/font/layout/MarkToLigaturePosnSubtables.cpp +++ b/src/share/native/sun/font/layout/MarkToLigaturePosnSubtables.cpp @@ -55,6 +55,10 @@ le_int32 MarkToLigaturePositioningSubtable::process(const LETableReference &base LEGlyphID markGlyph = glyphIterator->getCurrGlyphID(); le_int32 markCoverage = getGlyphCoverage(base, (LEGlyphID) markGlyph, success); + if (LE_FAILURE(success)) { + return 0; + } + if (markCoverage < 0) { // markGlyph isn't a covered mark glyph return 0; diff --git a/src/share/native/sun/font/layout/MarkToMarkPosnSubtables.cpp b/src/share/native/sun/font/layout/MarkToMarkPosnSubtables.cpp index aa0bcd43c..b06a287e5 100644 --- a/src/share/native/sun/font/layout/MarkToMarkPosnSubtables.cpp +++ b/src/share/native/sun/font/layout/MarkToMarkPosnSubtables.cpp @@ -56,6 +56,10 @@ le_int32 MarkToMarkPositioningSubtable::process(const LETableReference &base, Gl LEGlyphID markGlyph = glyphIterator->getCurrGlyphID(); le_int32 markCoverage = getGlyphCoverage(base, (LEGlyphID) markGlyph, success); + if (LE_FAILURE(success)) { + return 0; + } + if (markCoverage < 0) { // markGlyph isn't a covered mark glyph return 0; diff --git a/src/share/native/sun/font/layout/MultipleSubstSubtables.cpp b/src/share/native/sun/font/layout/MultipleSubstSubtables.cpp index 9d72ca8a1..af94e623b 100644 --- a/src/share/native/sun/font/layout/MultipleSubstSubtables.cpp +++ b/src/share/native/sun/font/layout/MultipleSubstSubtables.cpp @@ -61,6 +61,10 @@ le_uint32 MultipleSubstitutionSubtable::process(const LETableReference &base, Gl le_int32 coverageIndex = getGlyphCoverage(base, glyph, success); le_uint16 seqCount = SWAPW(sequenceCount); + if (LE_FAILURE(success)) { + return 0; + } + if (coverageIndex >= 0 && coverageIndex < seqCount) { Offset sequenceTableOffset = SWAPW(sequenceTableOffsetArray[coverageIndex]); const SequenceTable *sequenceTable = (const SequenceTable *) ((char *) this + sequenceTableOffset); diff --git a/src/share/native/sun/font/layout/PairPositioningSubtables.cpp b/src/share/native/sun/font/layout/PairPositioningSubtables.cpp index e54004692..bba2b8707 100644 --- a/src/share/native/sun/font/layout/PairPositioningSubtables.cpp +++ b/src/share/native/sun/font/layout/PairPositioningSubtables.cpp @@ -126,6 +126,11 @@ le_uint32 PairPositioningFormat2Subtable::process(const LEReferenceTogetCurrGlyphID(); le_int32 coverageIndex = getGlyphCoverage(base, firstGlyph, success); + + if (LE_FAILURE(success)) { + return 0; + } + GlyphIterator tempIterator(*glyphIterator); if (coverageIndex >= 0 && glyphIterator->next()) { diff --git a/src/share/native/sun/font/layout/SinglePositioningSubtables.cpp b/src/share/native/sun/font/layout/SinglePositioningSubtables.cpp index 1e2d257a6..2d2fe342c 100644 --- a/src/share/native/sun/font/layout/SinglePositioningSubtables.cpp +++ b/src/share/native/sun/font/layout/SinglePositioningSubtables.cpp @@ -70,6 +70,9 @@ le_uint32 SinglePositioningFormat1Subtable::process(const LEReferenceTogetCurrGlyphID(); le_int32 coverageIndex = getGlyphCoverage(base, glyph, success); + if (LE_FAILURE(success)) { + return 0; + } if (coverageIndex >= 0) { valueRecord.adjustPosition(SWAPW(valueFormat), (const char *) this, *glyphIterator, fontInstance); @@ -84,6 +87,9 @@ le_uint32 SinglePositioningFormat2Subtable::process(const LEReferenceTogetCurrGlyphID(); le_int16 coverageIndex = (le_int16) getGlyphCoverage(base, glyph, success); + if (LE_FAILURE(success)) { + return 0; + } if (coverageIndex >= 0) { valueRecordArray[0].adjustPosition(coverageIndex, SWAPW(valueFormat), (const char *) this, *glyphIterator, fontInstance); diff --git a/src/share/native/sun/font/layout/SingleSubstitutionSubtables.cpp b/src/share/native/sun/font/layout/SingleSubstitutionSubtables.cpp index 681958cf5..c32377d50 100644 --- a/src/share/native/sun/font/layout/SingleSubstitutionSubtables.cpp +++ b/src/share/native/sun/font/layout/SingleSubstitutionSubtables.cpp @@ -69,6 +69,9 @@ le_uint32 SingleSubstitutionFormat1Subtable::process(const LEReferenceTogetCurrGlyphID(); le_int32 coverageIndex = getGlyphCoverage(base, glyph, success); + if (LE_FAILURE(success)) { + return 0; + } if (coverageIndex >= 0) { TTGlyphID substitute = ((TTGlyphID) LE_GET_GLYPH(glyph)) + SWAPW(deltaGlyphID); @@ -87,6 +90,9 @@ le_uint32 SingleSubstitutionFormat2Subtable::process(const LEReferenceTogetCurrGlyphID(); le_int32 coverageIndex = getGlyphCoverage(base, glyph, success); + if (LE_FAILURE(success)) { + return 0; + } if (coverageIndex >= 0) { TTGlyphID substitute = SWAPW(substituteArray[coverageIndex]); diff --git a/src/share/native/sun/font/layout/SunLayoutEngine.cpp b/src/share/native/sun/font/layout/SunLayoutEngine.cpp index c7db94829..b32f2601b 100644 --- a/src/share/native/sun/font/layout/SunLayoutEngine.cpp +++ b/src/share/native/sun/font/layout/SunLayoutEngine.cpp @@ -203,16 +203,19 @@ JNIEXPORT void JNICALL Java_sun_font_SunLayoutEngine_nativeLayout getFloat(env, pt, x, y); jboolean rtl = (typo_flags & TYPO_RTL) != 0; int glyphCount = engine->layoutChars(chars, start - min, limit - start, len, rtl, x, y, success); - // fprintf(stderr, "sle nl len %d -> gc: %d\n", len, glyphCount); fflush(stderr); + // fprintf(stderr, "sle nl len %d -> gc: %d\n", len, glyphCount); fflush(stderr); engine->getGlyphPosition(glyphCount, x, y, success); - // fprintf(stderr, "layout glyphs: %d x: %g y: %g\n", glyphCount, x, y); fflush(stderr); - - if (putGV(env, gmask, baseIndex, gvdata, engine, glyphCount)) { - // !!! hmmm, could use current value in positions array of GVData... - putFloat(env, pt, x, y); - } + // fprintf(stderr, "layout glyphs: %d x: %g y: %g\n", glyphCount, x, y); fflush(stderr); + if (LE_FAILURE(success)) { + env->SetIntField(gvdata, gvdCountFID, -1); // flag failure + } else { + if (putGV(env, gmask, baseIndex, gvdata, engine, glyphCount)) { + // !!! hmmm, could use current value in positions array of GVData... + putFloat(env, pt, x, y); + } + } if (chars != buffer) { free(chars); -- cgit v1.2.3