Bug 1315642 - Check that font resource decoded/sanitized by OTS is a usable OpenType format (in particular, we do NOT yet support TrueType Collection resources, even though OTS can decode them). r=jrmuizel
Bug 1315642 - Check that font resource decoded/sanitized by OTS is a usable OpenType format (in particular, we do NOT yet support TrueType Collection resources, even though OTS can decode them). r=jrmuizel
--- a/gfx/thebes/gfxUserFontSet.cpp
+++ b/gfx/thebes/gfxUserFontSet.cpp
@@ -631,16 +631,26 @@ gfxUserFontEntry::LoadPlatformFont(const
// if necessary. The original data in aFontData is left unchanged.
uint32_t saneLen;
uint32_t fontCompressionRatio = 0;
size_t computedSize = 0;
const uint8_t* saneData =
SanitizeOpenTypeData(aFontData, aLength, saneLen, fontType);
if (!saneData) {
mFontSet->LogMessage(this, "rejected by sanitizer");
+ } else {
+ // Check whether saneData is a known OpenType format; it might be
+ // a TrueType Collection, which OTS would accept but we don't yet
+ // know how to handle. If so, discard.
+ if (gfxFontUtils::DetermineFontDataType(saneData, saneLen) !=
+ GFX_USERFONT_OPENTYPE) {
+ mFontSet->LogMessage(this, "not a supported OpenType format");
+ free((void*)saneData);
+ saneData = nullptr;
+ }
}
if (saneData) {
if (saneLen) {
fontCompressionRatio = uint32_t(100.0 * aLength / saneLen + 0.5);
if (fontType == GFX_USERFONT_WOFF ||
fontType == GFX_USERFONT_WOFF2) {
Telemetry::Accumulate(fontType == GFX_USERFONT_WOFF ?
Telemetry::WEBFONT_COMPRESSION_WOFF :