Closed
Bug 1341088
Opened 8 years ago
Closed 7 years ago
Support validation of OpenType Variation font tables
Categories
(Core :: Graphics: Text, defect, P3)
Core
Graphics: Text
Tracking
()
RESOLVED
FIXED
mozilla61
| Tracking | Status | |
|---|---|---|
| firefox61 | --- | fixed |
People
(Reporter: jfkthame, Assigned: jfkthame)
References
(Depends on 1 open bug, Blocks 1 open bug)
Details
(Whiteboard: [gfx-noted])
Attachments
(2 files)
|
88.02 KB,
patch
|
jrmuizel
:
review+
|
Details | Diff | Splinter Review |
|
6.55 KB,
patch
|
jrmuizel
:
review+
|
Details | Diff | Splinter Review |
Currently, the version of OTS we're using doesn't know about OpenType Variations tables.[1]
We should fix that, so that we don't risk passing corrupt/malicious tables to the font rasterizers.
[1] https://www.microsoft.com/typography/otspec/otvaroverview.htm
|
||
Updated•8 years ago
|
Whiteboard: [gfx-noted]
|
|
||
Updated•8 years ago
|
Priority: -- → P3
|
Assignee | |
Comment 1•7 years ago
|
||
I've submitted a PR to upstream OTS with an initial effort at validation of the Variations tables: https://github.com/khaledhosny/ots/pull/164.
Presumably once this lands, the keep_variation_tables preference being flipped in bug 1447163 would need to be... removed?
|
|
Assignee | |
Comment 3•7 years ago
|
||
Right, that will be redundant once OTS handles them.
|
|
Assignee | |
Comment 4•7 years ago
|
||
Support for validating these tables has now landed upstream, so let's pull it into gecko as well.
Attachment #8964121 -
Flags: review?(jmuizelaar)
|
|
Assignee | |
Updated•7 years ago
|
Assignee: nobody → jfkthame
Status: NEW → ASSIGNED
|
|
Assignee | |
Comment 5•7 years ago
|
||
Attachment #8964122 -
Flags: review?(jmuizelaar)
|
|
Assignee | |
Comment 6•7 years ago
|
||
Rather than just removing the pref, I've replaced it with one that can be used to bypass validation for these tables (just like we can for the OpenType Layout tables), which may be useful for testing purposes (particularly if we run into flaws in the validator). But my assumption is that validation will stay turned on by default, so that we have some protection against exposing the various rasterizers to random bad data in these font tables.
|
|
Assignee | |
Comment 7•7 years ago
|
||
|
|
Assignee | |
Comment 8•7 years ago
|
||
Note that as the variation-font support only just landed upstream, there are likely to be minor fixes over the next few days as it gets a fuzzing workout, etc. At this point there are three small fixes pending in https://github.com/khaledhosny/ots/pull/165, and I fully expect there will be a few more of a similar nature.
So I intend to update the patch here with these fixes in the new code, as and when they get found/fixed/tested upstream.
|
||
Updated•7 years ago
|
Attachment #8964121 -
Flags: review?(jmuizelaar) → review+
|
|
||
Updated•7 years ago
|
Attachment #8964122 -
Flags: review?(jmuizelaar) → review+
Pushed by jkew@mozilla.com:
https://hg.mozilla.org/integration/mozilla-inbound/rev/c033871a13d0
Update OTS to upstream rev. 63ff19f4a8, which includes support for variation tables. r=jrmuizel
https://hg.mozilla.org/integration/mozilla-inbound/rev/d85e4be1d787
Enable validation of opentype variation tables in downloadable fonts, and replace the keep_variation_tables pref with validate_variation_tables (default=true). r=jrmuizel
|
||
Comment 10•7 years ago
|
||
| bugherder | ||
https://hg.mozilla.org/mozilla-central/rev/c033871a13d0
https://hg.mozilla.org/mozilla-central/rev/d85e4be1d787
Status: ASSIGNED → RESOLVED
Closed: 7 years ago
status-firefox61:
--- → fixed
Resolution: --- → FIXED
Target Milestone: --- → mozilla61
You need to log in
before you can comment on or make changes to this bug.
Description
•