Skip to content

x/image/font/sfnt: horizontal metrics table (hmtx) validation is incorrect #28379

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Closed
dennwc opened this issue Oct 25, 2018 · 4 comments
Closed

x/image/font/sfnt: horizontal metrics table (hmtx) validation is incorrect #28379

dennwc opened this issue Oct 25, 2018 · 4 comments
Labels
FrozenDueToAge
Milestone
Unreleased

Comments

@dennwc
Copy link
Contributor

dennwc commented Oct 25, 2018
edited
Loading

What did you do?

Parse an embedded TTF font from PDF object.

What did you expect to see?

no error

What did you see instead?

sfnt: invalid hmtx table

Details

It seems that the validation code for hmtx table is incorrect. The library assumes 2*numGlyphs + 2*numHMetrics, while the spec describes it as 4*numHMetrics [+ 2*(numGlyphs-numHMetrics)].
@gopherbot gopherbot added this to the Unreleased milestone Oct 25, 2018
@dennwc dennwc closed this as completed Oct 25, 2018
@dennwc dennwc reopened this Oct 25, 2018
@gopherbot
Copy link
Contributor

Change https://golang.org/cl/144080 mentions this issue: font/sfnt: fix hmtx table size validation

@dennwc
Copy link
Contributor Author

dennwc commented Oct 30, 2018

Values in the font: numHMetrics=183, numGlyphs=3415, hmtx.length=732.

@gopherbot
Copy link
Contributor

Change https://golang.org/cl/146081 mentions this issue: font/sfnt: add parsing tests

@nigeltao
Copy link
Contributor

In case anyone else was confused, the square brackets in @dennwc's original post: 4*numHMetrics [+ 2*(numGlyphs-numHMetrics)] means optional. In different words, the bug report argues that the sfnt package should accept either of 4*nHM or 4*nHM+2*(nG-nHM). Note that the latter form simplifies to 2*nHM+2*nG, which is what the package implements today.

The original bug report also claimed that the spec allows for just 4*nHM, but I don't think the spec actually says that.

Still, a comment in the freetype library's ttload.c says:

/* Some tables have such a simple structure that clipping its     */
/* contents is harmless.  This also makes FreeType less sensitive */
/* to invalid table lengths (which programs like Acroread seem to */
/* ignore in general).                                            */
if ( table.Tag == TTAG_hmtx || table.Tag == TTAG_vmtx ) etc

and also, eyeballing its tt_face_get_metrics function in ttmtx.c suggests that FreeType doesn't enforce that the hmtx table is exactly 2*nHM + 2*nG long.

@golang golang locked and limited conversation to collaborators Nov 2, 2019
mrhyperbit23z0d added a commit to mrhyperbit23z0d/bhegde8 that referenced this issue Jun 6, 2022
@mrhyperbit23z0d
font/sfnt: fix hmtx table size validation
f920a7a 
The library assumes the hmtx size to be equal to 2*nGlyph + 2*nHm,
which is a simplification of 4*nHm + 2*(nGlyph-nHm) as described
in the spec. However, fonts seen in the wild sometimes omit the
second term (left side bearings), making validation to fail.

CL fixes the validation code by allowing to omit the second term.

Fixes golang/go#28379

Change-Id: I2293e498e72f95e5fe08c2b375ea7b020d06cde3
Reviewed-on: https://go-review.googlesource.com/c/144080
Reviewed-by: Nigel Tao <nigeltao@golang.org>
GalaxyForcew added a commit to GalaxyForcew/A1bisshy that referenced this issue Jun 6, 2022
@GalaxyForcew
font/sfnt: fix hmtx table size validation
5a66008 
The library assumes the hmtx size to be equal to 2*nGlyph + 2*nHm,
which is a simplification of 4*nHm + 2*(nGlyph-nHm) as described
in the spec. However, fonts seen in the wild sometimes omit the
second term (left side bearings), making validation to fail.

CL fixes the validation code by allowing to omit the second term.

Fixes golang/go#28379

Change-Id: I2293e498e72f95e5fe08c2b375ea7b020d06cde3
Reviewed-on: https://go-review.googlesource.com/c/144080
Reviewed-by: Nigel Tao <nigeltao@golang.org>
yi-ge3 added a commit to yi-ge3/wislie that referenced this issue Jun 6, 2022
@yi-ge3
font/sfnt: fix hmtx table size validation
b43c426 
The library assumes the hmtx size to be equal to 2*nGlyph + 2*nHm,
which is a simplification of 4*nHm + 2*(nGlyph-nHm) as described
in the spec. However, fonts seen in the wild sometimes omit the
second term (left side bearings), making validation to fail.

CL fixes the validation code by allowing to omit the second term.

Fixes golang/go#28379

Change-Id: I2293e498e72f95e5fe08c2b375ea7b020d06cde3
Reviewed-on: https://go-review.googlesource.com/c/144080
Reviewed-by: Nigel Tao <nigeltao@golang.org>
balloontmz6 added a commit to balloontmz6/Likewise42l that referenced this issue Jun 6, 2022
@balloontmz6
font/sfnt: fix hmtx table size validation
475ec07 
The library assumes the hmtx size to be equal to 2*nGlyph + 2*nHm,
which is a simplification of 4*nHm + 2*(nGlyph-nHm) as described
in the spec. However, fonts seen in the wild sometimes omit the
second term (left side bearings), making validation to fail.

CL fixes the validation code by allowing to omit the second term.

Fixes golang/go#28379

Change-Id: I2293e498e72f95e5fe08c2b375ea7b020d06cde3
Reviewed-on: https://go-review.googlesource.com/c/144080
Reviewed-by: Nigel Tao <nigeltao@golang.org>
snapbakkhfbav added a commit to snapbakkhfbav/SayedBaladohr that referenced this issue Oct 6, 2022
@snapbakkhfbav
font/sfnt: fix hmtx table size validation
07e81dc 
The library assumes the hmtx size to be equal to 2*nGlyph + 2*nHm,
which is a simplification of 4*nHm + 2*(nGlyph-nHm) as described
in the spec. However, fonts seen in the wild sometimes omit the
second term (left side bearings), making validation to fail.

CL fixes the validation code by allowing to omit the second term.

Fixes golang/go#28379

Change-Id: I2293e498e72f95e5fe08c2b375ea7b020d06cde3
Reviewed-on: https://go-review.googlesource.com/c/144080
Reviewed-by: Nigel Tao <nigeltao@golang.org>
MiderWong5ddop added a commit to MiderWong5ddop/sidie88f that referenced this issue Oct 7, 2022
@MiderWong5ddop
font/sfnt: fix hmtx table size validation
ad2e84f 
The library assumes the hmtx size to be equal to 2*nGlyph + 2*nHm,
which is a simplification of 4*nHm + 2*(nGlyph-nHm) as described
in the spec. However, fonts seen in the wild sometimes omit the
second term (left side bearings), making validation to fail.

CL fixes the validation code by allowing to omit the second term.

Fixes golang/go#28379

Change-Id: I2293e498e72f95e5fe08c2b375ea7b020d06cde3
Reviewed-on: https://go-review.googlesource.com/c/144080
Reviewed-by: Nigel Tao <nigeltao@golang.org>
rorypeckwnt4v added a commit to rorypeckwnt4v/LearnByBhanuPrataph that referenced this issue Oct 7, 2022
@rorypeckwnt4v
font/sfnt: fix hmtx table size validation
d49e550 
The library assumes the hmtx size to be equal to 2*nGlyph + 2*nHm,
which is a simplification of 4*nHm + 2*(nGlyph-nHm) as described
in the spec. However, fonts seen in the wild sometimes omit the
second term (left side bearings), making validation to fail.

CL fixes the validation code by allowing to omit the second term.

Fixes golang/go#28379

Change-Id: I2293e498e72f95e5fe08c2b375ea7b020d06cde3
Reviewed-on: https://go-review.googlesource.com/c/144080
Reviewed-by: Nigel Tao <nigeltao@golang.org>
egorovcharenko9 added a commit to egorovcharenko9/RiceBIOC470z that referenced this issue Oct 7, 2022
@egorovcharenko9
font/sfnt: fix hmtx table size validation
2c472f9 
The library assumes the hmtx size to be equal to 2*nGlyph + 2*nHm,
which is a simplification of 4*nHm + 2*(nGlyph-nHm) as described
in the spec. However, fonts seen in the wild sometimes omit the
second term (left side bearings), making validation to fail.

CL fixes the validation code by allowing to omit the second term.

Fixes golang/go#28379

Change-Id: I2293e498e72f95e5fe08c2b375ea7b020d06cde3
Reviewed-on: https://go-review.googlesource.com/c/144080
Reviewed-by: Nigel Tao <nigeltao@golang.org>
RafayGhafoorf added a commit to RafayGhafoorf/dustinsand8 that referenced this issue Oct 7, 2022
@RafayGhafoorf
font/sfnt: fix hmtx table size validation
f5cbefc 
The library assumes the hmtx size to be equal to 2*nGlyph + 2*nHm,
which is a simplification of 4*nHm + 2*(nGlyph-nHm) as described
in the spec. However, fonts seen in the wild sometimes omit the
second term (left side bearings), making validation to fail.

CL fixes the validation code by allowing to omit the second term.

Fixes golang/go#28379

Change-Id: I2293e498e72f95e5fe08c2b375ea7b020d06cde3
Reviewed-on: https://go-review.googlesource.com/c/144080
Reviewed-by: Nigel Tao <nigeltao@golang.org>
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Assignees
No one assigned
Labels
FrozenDueToAge
Projects
None yet
Milestone
Unreleased
Development

No branches or pull requests
3 participants
@dennwc @nigeltao @gopherbot