Browse Source

Fix wild access to font structures when rendering non-ascii unicode characters.

tickets/22/22/1
rarified 3 years ago
parent
commit
7499f2f037
  1. 48
      Sources/Plasma/PubUtilLib/plGImage/plFont.cpp

48
Sources/Plasma/PubUtilLib/plGImage/plFont.cpp

@ -288,7 +288,16 @@ void plFont::IRenderString( plMipmap *mip, UInt16 x, UInt16 y, const wchar_t *st
if( justCalc ) if( justCalc )
{ {
plCharacter &ch = fCharacters[ (UInt16)string[ 0 ] - fFirstChar ]; UInt16 ixFC = (UInt16)L' ' - fFirstChar;
if (fCharacters.Count() <= ((UInt16)string[0] - fFirstChar)) {
UInt16 w = wctob((UInt16)string[0]);
if ((w != EOF) && (fCharacters.Count() > (w - fFirstChar)))
ixFC = w - fFirstChar;
} else {
ixFC = (UInt16)string[0] - fFirstChar;
}
plCharacter &ch = fCharacters[ixFC];
fRenderInfo.fX = fRenderInfo.fFarthestX = x - (Int16)ch.fLeftKern; fRenderInfo.fX = fRenderInfo.fFarthestX = x - (Int16)ch.fLeftKern;
if( fRenderInfo.fX < 0 ) if( fRenderInfo.fX < 0 )
fRenderInfo.fX = 0; fRenderInfo.fX = 0;
@ -387,7 +396,16 @@ void plFont::IRenderString( plMipmap *mip, UInt16 x, UInt16 y, const wchar_t *st
// Just calculating, no wrapping, so the max is as far as we can go // Just calculating, no wrapping, so the max is as far as we can go
// Note: 32767 isn't quite right, since we'll be adding the left kern in before we // Note: 32767 isn't quite right, since we'll be adding the left kern in before we
// calc the first character, so adjust so we make sure we don't underflow // calc the first character, so adjust so we make sure we don't underflow
plCharacter &ch = fCharacters[ (UInt16)(UInt8)string[ 0 ] - fFirstChar ]; UInt16 ixFC = (UInt16)L' ' - fFirstChar;
if (fCharacters.Count() <= ((UInt16)string[0] - fFirstChar)) {
UInt16 w = wctob((UInt16)string[0]);
if ((w != EOF) && (fCharacters.Count() > (w - fFirstChar)))
ixFC = w - fFirstChar;
} else {
ixFC = (UInt16)string[0] - fFirstChar;
}
plCharacter &ch = fCharacters[ixFC];
fRenderInfo.fMaxHeight = (Int16)fMaxCharHeight; fRenderInfo.fMaxHeight = (Int16)fMaxCharHeight;
fRenderInfo.fMaxWidth = (Int16)32767 + (Int16)ch.fLeftKern; fRenderInfo.fMaxWidth = (Int16)32767 + (Int16)ch.fLeftKern;
@ -451,11 +469,16 @@ void plFont::IRenderString( plMipmap *mip, UInt16 x, UInt16 y, const wchar_t *st
} }
// handle invalid chars discretely // handle invalid chars discretely
plCharacter* charToDraw = NULL; UInt16 ixFC = (UInt16)L' ' - fFirstChar;
if (fCharacters.Count() <= ((UInt16)string[i] - fFirstChar)) if (fCharacters.Count() <= ((UInt16)string[i] - fFirstChar)) {
charToDraw = &(fCharacters[(UInt16)L' ' - fFirstChar]); UInt16 w = wctob((UInt16)string[i]);
else if ((w != EOF) && (fCharacters.Count() > (w - fFirstChar)))
charToDraw = &(fCharacters[(UInt16)string[i] - fFirstChar]); ixFC = w - fFirstChar;
} else {
ixFC = (UInt16)string[i] - fFirstChar;
}
plCharacter* charToDraw = &(fCharacters[ixFC]);
Int16 leftKern = (Int16)charToDraw->fLeftKern; Int16 leftKern = (Int16)charToDraw->fLeftKern;
if( fRenderInfo.fFlags & kRenderScaleAA ) if( fRenderInfo.fFlags & kRenderScaleAA )
@ -585,7 +608,16 @@ void plFont::IRenderString( plMipmap *mip, UInt16 x, UInt16 y, const wchar_t *st
{ {
Int16 baseX = fRenderInfo.fX; Int16 baseX = fRenderInfo.fX;
plCharacter &ch = fCharacters[ (UInt16)string[ 0 ] - fFirstChar ]; UInt16 ixFC = (UInt16)L' ' - fFirstChar;
if (fCharacters.Count() <= ((UInt16)string[0] - fFirstChar)) {
UInt16 w = wctob((UInt16)string[0]);
if ((w != EOF) && (fCharacters.Count() > (w - fFirstChar)))
ixFC = w - fFirstChar;
} else {
ixFC = (UInt16)string[0] - fFirstChar;
}
plCharacter &ch = fCharacters[ixFC];
fRenderInfo.fX -= (Int16)ch.fLeftKern; fRenderInfo.fX -= (Int16)ch.fLeftKern;
fRenderInfo.fDestPtr -= (Int16)ch.fLeftKern * fRenderInfo.fDestBPP; fRenderInfo.fDestPtr -= (Int16)ch.fLeftKern * fRenderInfo.fDestBPP;

Loading…
Cancel
Save