read_fonts/tables/
sbix.rs

1//! The [sbix (Standard Bitmap Graphics)](https://docs.microsoft.com/en-us/typography/opentype/spec/sbix) table
2
3include!("../../generated/generated_sbix.rs");
4
5impl<'a> Strike<'a> {
6    pub fn glyph_data(&self, glyph_id: GlyphId) -> Result<Option<GlyphData<'a>>, ReadError> {
7        let offsets = self.glyph_data_offsets();
8        let start_ix = glyph_id.to_u32() as usize;
9        let start = offsets.get(start_ix).ok_or(ReadError::OutOfBounds)?.get() as usize;
10        let end = offsets
11            .get(start_ix + 1)
12            .ok_or(ReadError::OutOfBounds)?
13            .get() as usize;
14        if start == end {
15            // Empty glyphs are okay
16            return Ok(None);
17        }
18        let data = self
19            .offset_data()
20            .slice(start..end)
21            .ok_or(ReadError::OutOfBounds)?;
22        Ok(Some(GlyphData::read(data)?))
23    }
24}
25
26#[cfg(test)]
27mod tests {
28    use font_test_data::bebuffer::BeBuffer;
29
30    use crate::tables::sbix::Sbix;
31
32    #[test]
33    fn sbix_strikes_count_overflow_table() {
34        // Contains an invalid `num_strikes` values which would move the cursor outside the able.
35        // See https://issues.chromium.org/issues/347835680 for the ClusterFuzz report.
36        // Failure only reproduces on 32-bit, for example, run with:
37        // cargo test --target=i686-unknown-linux-gnu "sbix_strikes_count_overflow_table"
38        let sbix = BeBuffer::new()
39            .push(1u16) // version
40            .push(0u16) // flags
41            .push(u32::MAX); // num_strikes
42
43        let table = Sbix::read(sbix.data().into(), 5);
44        // Must not panic with "attempt to multiply with overflow".
45        assert!(table.is_err());
46    }
47}
read_fonts/tables/sbix.rs

read_fonts/tables/
sbix.rs
