• Home
  • Line#
  • Scopes#
  • Navigate#
  • Raw
  • Download
1 /****************************************************************************
2  *
3  * cidload.c
4  *
5  *   CID-keyed Type1 font loader (body).
6  *
7  * Copyright (C) 1996-2022 by
8  * David Turner, Robert Wilhelm, and Werner Lemberg.
9  *
10  * This file is part of the FreeType project, and may only be used,
11  * modified, and distributed under the terms of the FreeType project
12  * license, LICENSE.TXT.  By continuing to use, modify, or distribute
13  * this file you indicate that you have read the license and
14  * understand and accept it fully.
15  *
16  */
17 
18 
19 #include <ft2build.h>
20 #include <freetype/internal/ftdebug.h>
21 #include FT_CONFIG_CONFIG_H
22 #include <freetype/ftmm.h>
23 #include <freetype/internal/t1types.h>
24 #include <freetype/internal/psaux.h>
25 
26 #include "cidload.h"
27 
28 #include "ciderrs.h"
29 
30 
31   /**************************************************************************
32    *
33    * The macro FT_COMPONENT is used in trace mode.  It is an implicit
34    * parameter of the FT_TRACE() and FT_ERROR() macros, used to print/log
35    * messages during execution.
36    */
37 #undef  FT_COMPONENT
38 #define FT_COMPONENT  cidload
39 
40 
41   /* read a single offset */
42   FT_LOCAL_DEF( FT_ULong )
cid_get_offset(FT_Byte ** start,FT_UInt offsize)43   cid_get_offset( FT_Byte*  *start,
44                   FT_UInt    offsize )
45   {
46     FT_ULong  result;
47     FT_Byte*  p = *start;
48 
49 
50     for ( result = 0; offsize > 0; offsize-- )
51     {
52       result <<= 8;
53       result  |= *p++;
54     }
55 
56     *start = p;
57     return result;
58   }
59 
60 
61   /*************************************************************************/
62   /*************************************************************************/
63   /*****                                                               *****/
64   /*****                    TYPE 1 SYMBOL PARSING                      *****/
65   /*****                                                               *****/
66   /*************************************************************************/
67   /*************************************************************************/
68 
69 
70   static FT_Error
cid_load_keyword(CID_Face face,CID_Loader * loader,const T1_Field keyword)71   cid_load_keyword( CID_Face        face,
72                     CID_Loader*     loader,
73                     const T1_Field  keyword )
74   {
75     FT_Error      error;
76     CID_Parser*   parser = &loader->parser;
77     FT_Byte*      object;
78     void*         dummy_object;
79     CID_FaceInfo  cid = &face->cid;
80 
81 
82     /* if the keyword has a dedicated callback, call it */
83     if ( keyword->type == T1_FIELD_TYPE_CALLBACK )
84     {
85       FT_TRACE4(( "  %s", keyword->ident ));
86 
87       keyword->reader( (FT_Face)face, parser );
88       error = parser->root.error;
89       goto Exit;
90     }
91 
92     /* we must now compute the address of our target object */
93     switch ( keyword->location )
94     {
95     case T1_FIELD_LOCATION_CID_INFO:
96       object = (FT_Byte*)cid;
97       break;
98 
99     case T1_FIELD_LOCATION_FONT_INFO:
100       object = (FT_Byte*)&cid->font_info;
101       break;
102 
103     case T1_FIELD_LOCATION_FONT_EXTRA:
104       object = (FT_Byte*)&face->font_extra;
105       break;
106 
107     case T1_FIELD_LOCATION_BBOX:
108       object = (FT_Byte*)&cid->font_bbox;
109       break;
110 
111     default:
112       {
113         CID_FaceDict  dict;
114 
115 
116         if ( parser->num_dict >= cid->num_dicts )
117         {
118           FT_ERROR(( "cid_load_keyword: invalid use of `%s'\n",
119                      keyword->ident ));
120           error = FT_THROW( Syntax_Error );
121           goto Exit;
122         }
123 
124         dict = cid->font_dicts + parser->num_dict;
125         switch ( keyword->location )
126         {
127         case T1_FIELD_LOCATION_PRIVATE:
128           object = (FT_Byte*)&dict->private_dict;
129           break;
130 
131         default:
132           object = (FT_Byte*)dict;
133         }
134       }
135     }
136 
137     FT_TRACE4(( "  %s", keyword->ident ));
138 
139     dummy_object = object;
140 
141     /* now, load the keyword data in the object's field(s) */
142     if ( keyword->type == T1_FIELD_TYPE_INTEGER_ARRAY ||
143          keyword->type == T1_FIELD_TYPE_FIXED_ARRAY   )
144       error = cid_parser_load_field_table( &loader->parser, keyword,
145                                            &dummy_object );
146     else
147       error = cid_parser_load_field( &loader->parser,
148                                      keyword, &dummy_object );
149 
150     FT_TRACE4(( "\n" ));
151 
152   Exit:
153     return error;
154   }
155 
156 
157   FT_CALLBACK_DEF( void )
cid_parse_font_matrix(CID_Face face,CID_Parser * parser)158   cid_parse_font_matrix( CID_Face     face,
159                          CID_Parser*  parser )
160   {
161     CID_FaceDict  dict;
162     FT_Face       root = (FT_Face)&face->root;
163     FT_Fixed      temp[6];
164     FT_Fixed      temp_scale;
165 
166 
167     if ( parser->num_dict < face->cid.num_dicts )
168     {
169       FT_Matrix*  matrix;
170       FT_Vector*  offset;
171       FT_Int      result;
172 
173 
174       dict   = face->cid.font_dicts + parser->num_dict;
175       matrix = &dict->font_matrix;
176       offset = &dict->font_offset;
177 
178       /* input is scaled by 1000 to accommodate default FontMatrix */
179       result = cid_parser_to_fixed_array( parser, 6, temp, 3 );
180 
181       if ( result < 6 )
182       {
183         FT_ERROR(( "cid_parse_font_matrix: not enough matrix elements\n" ));
184         goto Exit;
185       }
186 
187       FT_TRACE4(( " [%f %f %f %f %f %f]\n",
188                   (double)temp[0] / 65536 / 1000,
189                   (double)temp[1] / 65536 / 1000,
190                   (double)temp[2] / 65536 / 1000,
191                   (double)temp[3] / 65536 / 1000,
192                   (double)temp[4] / 65536 / 1000,
193                   (double)temp[5] / 65536 / 1000 ));
194 
195       temp_scale = FT_ABS( temp[3] );
196 
197       if ( temp_scale == 0 )
198       {
199         FT_ERROR(( "cid_parse_font_matrix: invalid font matrix\n" ));
200         goto Exit;
201       }
202 
203       /* atypical case */
204       if ( temp_scale != 0x10000L )
205       {
206         /* set units per EM based on FontMatrix values */
207         root->units_per_EM = (FT_UShort)FT_DivFix( 1000, temp_scale );
208 
209         temp[0] = FT_DivFix( temp[0], temp_scale );
210         temp[1] = FT_DivFix( temp[1], temp_scale );
211         temp[2] = FT_DivFix( temp[2], temp_scale );
212         temp[4] = FT_DivFix( temp[4], temp_scale );
213         temp[5] = FT_DivFix( temp[5], temp_scale );
214         temp[3] = temp[3] < 0 ? -0x10000L : 0x10000L;
215       }
216 
217       matrix->xx = temp[0];
218       matrix->yx = temp[1];
219       matrix->xy = temp[2];
220       matrix->yy = temp[3];
221 
222       if ( !FT_Matrix_Check( matrix ) )
223       {
224         FT_ERROR(( "t1_parse_font_matrix: invalid font matrix\n" ));
225         parser->root.error = FT_THROW( Invalid_File_Format );
226         goto Exit;
227       }
228 
229       /* note that the font offsets are expressed in integer font units */
230       offset->x  = temp[4] >> 16;
231       offset->y  = temp[5] >> 16;
232     }
233 
234   Exit:
235     return;
236   }
237 
238 
239   FT_CALLBACK_DEF( void )
parse_fd_array(CID_Face face,CID_Parser * parser)240   parse_fd_array( CID_Face     face,
241                   CID_Parser*  parser )
242   {
243     CID_FaceInfo  cid    = &face->cid;
244     FT_Memory     memory = face->root.memory;
245     FT_Stream     stream = parser->stream;
246     FT_Error      error  = FT_Err_Ok;
247     FT_Long       num_dicts, max_dicts;
248 
249 
250     num_dicts = cid_parser_to_int( parser );
251     if ( num_dicts < 0 || num_dicts > FT_INT_MAX )
252     {
253       FT_ERROR(( "parse_fd_array: invalid number of dictionaries\n" ));
254       goto Exit;
255     }
256 
257     FT_TRACE4(( " %ld\n", num_dicts ));
258 
259     /*
260      * A single entry in the FDArray must (at least) contain the following
261      * structure elements.
262      *
263      *   %ADOBeginFontDict              18
264      *   X dict begin                   13
265      *     /FontMatrix [X X X X]        22
266      *     /Private X dict begin        22
267      *     end                           4
268      *   end                             4
269      *   %ADOEndFontDict                16
270      *
271      * This needs 18+13+22+22+4+4+16=99 bytes or more.  Normally, you also
272      * need a `dup X' at the very beginning and a `put' at the end, so a
273      * rough guess using 100 bytes as the minimum is justified.
274      */
275     max_dicts = (FT_Long)( stream->size / 100 );
276     if ( num_dicts > max_dicts )
277     {
278       FT_TRACE0(( "parse_fd_array: adjusting FDArray size"
279                   " (from %ld to %ld)\n",
280                   num_dicts, max_dicts ));
281       num_dicts = max_dicts;
282     }
283 
284     if ( !cid->font_dicts )
285     {
286       FT_UInt  n;
287 
288 
289       if ( FT_NEW_ARRAY( cid->font_dicts, num_dicts ) )
290         goto Exit;
291 
292       cid->num_dicts = num_dicts;
293 
294       /* set some default values (the same as for Type 1 fonts) */
295       for ( n = 0; n < cid->num_dicts; n++ )
296       {
297         CID_FaceDict  dict = cid->font_dicts + n;
298 
299 
300         dict->private_dict.blue_shift       = 7;
301         dict->private_dict.blue_fuzz        = 1;
302         dict->private_dict.lenIV            = 4;
303         dict->private_dict.expansion_factor = (FT_Fixed)( 0.06 * 0x10000L );
304         dict->private_dict.blue_scale       = (FT_Fixed)(
305                                                 0.039625 * 0x10000L * 1000 );
306       }
307     }
308 
309   Exit:
310     return;
311   }
312 
313 
314   /* By mistake, `expansion_factor' appears both in PS_PrivateRec */
315   /* and CID_FaceDictRec (both are public header files and can't  */
316   /* changed).  We simply copy the value.                         */
317 
318   FT_CALLBACK_DEF( void )
parse_expansion_factor(CID_Face face,CID_Parser * parser)319   parse_expansion_factor( CID_Face     face,
320                           CID_Parser*  parser )
321   {
322     CID_FaceDict  dict;
323 
324 
325     if ( parser->num_dict < face->cid.num_dicts )
326     {
327       dict = face->cid.font_dicts + parser->num_dict;
328 
329       dict->expansion_factor              = cid_parser_to_fixed( parser, 0 );
330       dict->private_dict.expansion_factor = dict->expansion_factor;
331 
332       FT_TRACE4(( "%ld\n", dict->expansion_factor ));
333     }
334 
335     return;
336   }
337 
338 
339   /* By mistake, `CID_FaceDictRec' doesn't contain a field for the */
340   /* `FontName' keyword.  FreeType doesn't need it, but it is nice */
341   /* to catch it for producing better trace output.                */
342 
343   FT_CALLBACK_DEF( void )
parse_font_name(CID_Face face,CID_Parser * parser)344   parse_font_name( CID_Face     face,
345                    CID_Parser*  parser )
346   {
347 #ifdef FT_DEBUG_LEVEL_TRACE
348     if ( parser->num_dict < face->cid.num_dicts )
349     {
350       T1_TokenRec  token;
351       FT_UInt      len;
352 
353 
354       cid_parser_to_token( parser, &token );
355 
356       len = (FT_UInt)( token.limit - token.start );
357       if ( len )
358         FT_TRACE4(( " %.*s\n", len, token.start ));
359       else
360         FT_TRACE4(( " <no value>\n" ));
361     }
362 #else
363     FT_UNUSED( face );
364     FT_UNUSED( parser );
365 #endif
366 
367     return;
368   }
369 
370 
371   static
372   const T1_FieldRec  cid_field_records[] =
373   {
374 
375 #include "cidtoken.h"
376 
377     T1_FIELD_CALLBACK( "FDArray",         parse_fd_array, 0 )
378     T1_FIELD_CALLBACK( "FontMatrix",      cid_parse_font_matrix, 0 )
379     T1_FIELD_CALLBACK( "ExpansionFactor", parse_expansion_factor, 0 )
380     T1_FIELD_CALLBACK( "FontName",        parse_font_name, 0 )
381 
382     { 0, T1_FIELD_LOCATION_CID_INFO, T1_FIELD_TYPE_NONE, 0, 0, 0, 0, 0, 0 }
383   };
384 
385 
386   static FT_Error
cid_parse_dict(CID_Face face,CID_Loader * loader,FT_Byte * base,FT_ULong size)387   cid_parse_dict( CID_Face     face,
388                   CID_Loader*  loader,
389                   FT_Byte*     base,
390                   FT_ULong     size )
391   {
392     CID_Parser*  parser = &loader->parser;
393 
394 
395     parser->root.cursor = base;
396     parser->root.limit  = base + size;
397     parser->root.error  = FT_Err_Ok;
398 
399     {
400       FT_Byte*  cur   = base;
401       FT_Byte*  limit = cur + size;
402 
403 
404       for (;;)
405       {
406         FT_Byte*  newlimit;
407 
408 
409         parser->root.cursor = cur;
410         cid_parser_skip_spaces( parser );
411 
412         if ( parser->root.cursor >= limit )
413           newlimit = limit - 1 - 17;
414         else
415           newlimit = parser->root.cursor - 17;
416 
417         /* look for `%ADOBeginFontDict' */
418         for ( ; cur < newlimit; cur++ )
419         {
420           if ( *cur == '%'                                            &&
421                ft_strncmp( (char*)cur, "%ADOBeginFontDict", 17 ) == 0 )
422           {
423             /* if /FDArray was found, then cid->num_dicts is > 0, and */
424             /* we can start increasing parser->num_dict               */
425             if ( face->cid.num_dicts > 0 )
426             {
427               parser->num_dict++;
428 
429 #ifdef FT_DEBUG_LEVEL_TRACE
430               FT_TRACE4(( " FontDict %u", parser->num_dict ));
431               if ( parser->num_dict > face->cid.num_dicts )
432                 FT_TRACE4(( " (ignored)" ));
433               FT_TRACE4(( "\n" ));
434 #endif
435             }
436           }
437         }
438 
439         cur = parser->root.cursor;
440         /* no error can occur in cid_parser_skip_spaces */
441         if ( cur >= limit )
442           break;
443 
444         cid_parser_skip_PS_token( parser );
445         if ( parser->root.cursor >= limit || parser->root.error )
446           break;
447 
448         /* look for immediates */
449         if ( *cur == '/' && cur + 2 < limit )
450         {
451           FT_UInt  len;
452 
453 
454           cur++;
455           len = (FT_UInt)( parser->root.cursor - cur );
456 
457           if ( len > 0 && len < 22 )
458           {
459             /* now compare the immediate name to the keyword table */
460             T1_Field  keyword = (T1_Field)cid_field_records;
461 
462 
463             for (;;)
464             {
465               FT_Byte*  name;
466 
467 
468               name = (FT_Byte*)keyword->ident;
469               if ( !name )
470                 break;
471 
472               if ( cur[0] == name[0]                     &&
473                    len == ft_strlen( (const char*)name ) )
474               {
475                 FT_UInt  n;
476 
477 
478                 for ( n = 1; n < len; n++ )
479                   if ( cur[n] != name[n] )
480                     break;
481 
482                 if ( n >= len )
483                 {
484                   /* we found it - run the parsing callback */
485                   parser->root.error = cid_load_keyword( face,
486                                                          loader,
487                                                          keyword );
488                   if ( parser->root.error )
489                     return parser->root.error;
490                   break;
491                 }
492               }
493               keyword++;
494             }
495           }
496         }
497 
498         cur = parser->root.cursor;
499       }
500 
501       if ( !face->cid.num_dicts )
502       {
503         FT_ERROR(( "cid_parse_dict: No font dictionary found\n" ));
504         return FT_THROW( Invalid_File_Format );
505       }
506     }
507 
508     return parser->root.error;
509   }
510 
511 
512   /* read the subrmap and the subrs of each font dict */
513   static FT_Error
cid_read_subrs(CID_Face face)514   cid_read_subrs( CID_Face  face )
515   {
516     CID_FaceInfo   cid    = &face->cid;
517     FT_Memory      memory = face->root.memory;
518     FT_Stream      stream = face->cid_stream;
519     FT_Error       error;
520     FT_UInt        n;
521     CID_Subrs      subr;
522     FT_UInt        max_offsets = 0;
523     FT_ULong*      offsets = NULL;
524     PSAux_Service  psaux = (PSAux_Service)face->psaux;
525 
526 
527     if ( FT_NEW_ARRAY( face->subrs, cid->num_dicts ) )
528       goto Exit;
529 
530     subr = face->subrs;
531     for ( n = 0; n < cid->num_dicts; n++, subr++ )
532     {
533       CID_FaceDict  dict  = cid->font_dicts + n;
534       FT_Int        lenIV = dict->private_dict.lenIV;
535       FT_UInt       count, num_subrs = dict->num_subrs;
536       FT_ULong      data_len;
537       FT_Byte*      p;
538 
539 
540       if ( !num_subrs )
541         continue;
542 
543       /* reallocate offsets array if needed */
544       if ( num_subrs + 1 > max_offsets )
545       {
546         FT_UInt  new_max = FT_PAD_CEIL( num_subrs + 1, 4 );
547 
548 
549         if ( new_max <= max_offsets )
550         {
551           error = FT_THROW( Syntax_Error );
552           goto Fail;
553         }
554 
555         if ( FT_QRENEW_ARRAY( offsets, max_offsets, new_max ) )
556           goto Fail;
557 
558         max_offsets = new_max;
559       }
560 
561       /* read the subrmap's offsets */
562       if ( FT_STREAM_SEEK( cid->data_offset + dict->subrmap_offset ) ||
563            FT_FRAME_ENTER( ( num_subrs + 1 ) * dict->sd_bytes )      )
564         goto Fail;
565 
566       p = (FT_Byte*)stream->cursor;
567       for ( count = 0; count <= num_subrs; count++ )
568         offsets[count] = cid_get_offset( &p, dict->sd_bytes );
569 
570       FT_FRAME_EXIT();
571 
572       /* offsets must be ordered */
573       for ( count = 1; count <= num_subrs; count++ )
574         if ( offsets[count - 1] > offsets[count] )
575         {
576           FT_ERROR(( "cid_read_subrs: offsets are not ordered\n" ));
577           error = FT_THROW( Invalid_File_Format );
578           goto Fail;
579         }
580 
581       if ( offsets[num_subrs] > stream->size - cid->data_offset )
582       {
583         FT_ERROR(( "cid_read_subrs: too large `subrs' offsets\n" ));
584         error = FT_THROW( Invalid_File_Format );
585         goto Fail;
586       }
587 
588       /* now, compute the size of subrs charstrings, */
589       /* allocate, and read them                     */
590       data_len = offsets[num_subrs] - offsets[0];
591 
592       if ( FT_QNEW_ARRAY( subr->code, num_subrs + 1 ) ||
593            FT_QALLOC( subr->code[0], data_len )       )
594         goto Fail;
595 
596       if ( FT_STREAM_SEEK( cid->data_offset + offsets[0] ) ||
597            FT_STREAM_READ( subr->code[0], data_len )       )
598         goto Fail;
599 
600       /* set up pointers */
601       for ( count = 1; count <= num_subrs; count++ )
602       {
603         FT_ULong  len;
604 
605 
606         len               = offsets[count] - offsets[count - 1];
607         subr->code[count] = subr->code[count - 1] + len;
608       }
609 
610       /* decrypt subroutines, but only if lenIV >= 0 */
611       if ( lenIV >= 0 )
612       {
613         for ( count = 0; count < num_subrs; count++ )
614         {
615           FT_ULong  len;
616 
617 
618           len = offsets[count + 1] - offsets[count];
619           psaux->t1_decrypt( subr->code[count], len, 4330 );
620         }
621       }
622 
623       subr->num_subrs = (FT_Int)num_subrs;
624     }
625 
626   Exit:
627     FT_FREE( offsets );
628     return error;
629 
630   Fail:
631     if ( face->subrs )
632     {
633       for ( n = 0; n < cid->num_dicts; n++ )
634       {
635         if ( face->subrs[n].code )
636           FT_FREE( face->subrs[n].code[0] );
637 
638         FT_FREE( face->subrs[n].code );
639       }
640       FT_FREE( face->subrs );
641     }
642     goto Exit;
643   }
644 
645 
646   static void
cid_init_loader(CID_Loader * loader,CID_Face face)647   cid_init_loader( CID_Loader*  loader,
648                    CID_Face     face )
649   {
650     FT_UNUSED( face );
651 
652     FT_ZERO( loader );
653   }
654 
655 
656   static  void
cid_done_loader(CID_Loader * loader)657   cid_done_loader( CID_Loader*  loader )
658   {
659     CID_Parser*  parser = &loader->parser;
660 
661 
662     /* finalize parser */
663     cid_parser_done( parser );
664   }
665 
666 
667   static FT_Error
cid_hex_to_binary(FT_Byte * data,FT_ULong data_len,FT_ULong offset,CID_Face face,FT_ULong * data_written)668   cid_hex_to_binary( FT_Byte*   data,
669                      FT_ULong   data_len,
670                      FT_ULong   offset,
671                      CID_Face   face,
672                      FT_ULong*  data_written )
673   {
674     FT_Stream  stream = face->root.stream;
675     FT_Error   error;
676 
677     FT_Byte    buffer[256];
678     FT_Byte   *p, *plimit;
679     FT_Byte   *d = data, *dlimit;
680     FT_Byte    val;
681 
682     FT_Bool    upper_nibble, done;
683 
684 
685     if ( FT_STREAM_SEEK( offset ) )
686       goto Exit;
687 
688     dlimit = d + data_len;
689     p      = buffer;
690     plimit = p;
691 
692     upper_nibble = 1;
693     done         = 0;
694 
695     while ( d < dlimit )
696     {
697       if ( p >= plimit )
698       {
699         FT_ULong  oldpos = FT_STREAM_POS();
700         FT_ULong  size   = stream->size - oldpos;
701 
702 
703         if ( size == 0 )
704         {
705           error = FT_THROW( Syntax_Error );
706           goto Exit;
707         }
708 
709         if ( FT_STREAM_READ( buffer, 256 > size ? size : 256 ) )
710           goto Exit;
711         p      = buffer;
712         plimit = p + FT_STREAM_POS() - oldpos;
713       }
714 
715       if ( ft_isdigit( *p ) )
716         val = (FT_Byte)( *p - '0' );
717       else if ( *p >= 'a' && *p <= 'f' )
718         val = (FT_Byte)( *p - 'a' + 10 );
719       else if ( *p >= 'A' && *p <= 'F' )
720         val = (FT_Byte)( *p - 'A' + 10 );
721       else if ( *p == ' '  ||
722                 *p == '\t' ||
723                 *p == '\r' ||
724                 *p == '\n' ||
725                 *p == '\f' ||
726                 *p == '\0' )
727       {
728         p++;
729         continue;
730       }
731       else if ( *p == '>' )
732       {
733         val  = 0;
734         done = 1;
735       }
736       else
737       {
738         error = FT_THROW( Syntax_Error );
739         goto Exit;
740       }
741 
742       if ( upper_nibble )
743         *d = (FT_Byte)( val << 4 );
744       else
745       {
746         *d = (FT_Byte)( *d + val );
747         d++;
748       }
749 
750       upper_nibble = (FT_Byte)( 1 - upper_nibble );
751 
752       if ( done )
753         break;
754 
755       p++;
756     }
757 
758     error = FT_Err_Ok;
759 
760   Exit:
761     *data_written = (FT_ULong)( d - data );
762     return error;
763   }
764 
765 
766   FT_LOCAL_DEF( FT_Error )
cid_face_open(CID_Face face,FT_Int face_index)767   cid_face_open( CID_Face  face,
768                  FT_Int    face_index )
769   {
770     CID_Loader   loader;
771     CID_Parser*  parser;
772     FT_Memory    memory = face->root.memory;
773     FT_Error     error;
774     FT_UInt      n;
775 
776     CID_FaceInfo  cid = &face->cid;
777 
778     FT_ULong  binary_length;
779 
780 
781     cid_init_loader( &loader, face );
782 
783     parser = &loader.parser;
784     error = cid_parser_new( parser, face->root.stream, face->root.memory,
785                             (PSAux_Service)face->psaux );
786     if ( error )
787       goto Exit;
788 
789     error = cid_parse_dict( face, &loader,
790                             parser->postscript,
791                             parser->postscript_len );
792     if ( error )
793       goto Exit;
794 
795     if ( face_index < 0 )
796       goto Exit;
797 
798     if ( FT_NEW( face->cid_stream ) )
799       goto Exit;
800 
801     if ( parser->binary_length )
802     {
803       if ( parser->binary_length >
804              face->root.stream->size - parser->data_offset )
805       {
806         FT_TRACE0(( "cid_face_open: adjusting length of binary data\n" ));
807         FT_TRACE0(( "               (from %lu to %lu bytes)\n",
808                     parser->binary_length,
809                     face->root.stream->size - parser->data_offset ));
810         parser->binary_length = face->root.stream->size -
811                                 parser->data_offset;
812       }
813 
814       /* we must convert the data section from hexadecimal to binary */
815       if ( FT_QALLOC( face->binary_data, parser->binary_length )   ||
816            FT_SET_ERROR( cid_hex_to_binary( face->binary_data,
817                                             parser->binary_length,
818                                             parser->data_offset,
819                                             face,
820                                             &binary_length ) )     )
821         goto Exit;
822 
823       FT_Stream_OpenMemory( face->cid_stream,
824                             face->binary_data, binary_length );
825       cid->data_offset = 0;
826     }
827     else
828     {
829       *face->cid_stream = *face->root.stream;
830       cid->data_offset  = loader.parser.data_offset;
831     }
832 
833     /* sanity tests */
834 
835     if ( cid->gd_bytes == 0 )
836     {
837       FT_ERROR(( "cid_face_open:"
838                  " Invalid `GDBytes' value\n" ));
839       error = FT_THROW( Invalid_File_Format );
840       goto Exit;
841     }
842 
843     /* allow at most 32bit offsets */
844     if ( cid->fd_bytes > 4 || cid->gd_bytes > 4 )
845     {
846       FT_ERROR(( "cid_face_open:"
847                  " Values of `FDBytes' or `GDBytes' larger than 4\n" ));
848       FT_ERROR(( "               "
849                  " are not supported\n" ));
850       error = FT_THROW( Invalid_File_Format );
851       goto Exit;
852     }
853 
854     binary_length = face->cid_stream->size - cid->data_offset;
855 
856     if ( cid->cidmap_offset > binary_length )
857     {
858       FT_ERROR(( "cid_face_open: Invalid `CIDMapOffset' value\n" ));
859       error = FT_THROW( Invalid_File_Format );
860       goto Exit;
861     }
862 
863     /* the initial pre-check prevents the multiplication overflow */
864     if ( cid->cid_count > FT_ULONG_MAX / 8                    ||
865          cid->cid_count * ( cid->fd_bytes + cid->gd_bytes ) >
866            binary_length - cid->cidmap_offset                 )
867     {
868       FT_ERROR(( "cid_face_open: Invalid `CIDCount' value\n" ));
869       error = FT_THROW( Invalid_File_Format );
870       goto Exit;
871     }
872 
873 
874     for ( n = 0; n < cid->num_dicts; n++ )
875     {
876       CID_FaceDict  dict = cid->font_dicts + n;
877 
878 
879       /* the upper limits are ad-hoc values */
880       if ( dict->private_dict.blue_shift > 1000 ||
881            dict->private_dict.blue_shift < 0    )
882       {
883         FT_TRACE2(( "cid_face_open:"
884                     " setting unlikely BlueShift value %d to default (7)\n",
885                     dict->private_dict.blue_shift ));
886         dict->private_dict.blue_shift = 7;
887       }
888 
889       if ( dict->private_dict.blue_fuzz > 1000 ||
890            dict->private_dict.blue_fuzz < 0    )
891       {
892         FT_TRACE2(( "cid_face_open:"
893                     " setting unlikely BlueFuzz value %d to default (1)\n",
894                     dict->private_dict.blue_fuzz ));
895         dict->private_dict.blue_fuzz = 1;
896       }
897 
898       if ( dict->num_subrs && dict->sd_bytes == 0 )
899       {
900         FT_ERROR(( "cid_face_open: Invalid `SDBytes' value\n" ));
901         error = FT_THROW( Invalid_File_Format );
902         goto Exit;
903       }
904 
905       if ( dict->sd_bytes > 4 )
906       {
907         FT_ERROR(( "cid_face_open:"
908                    " Values of `SDBytes' larger than 4"
909                    " are not supported\n" ));
910         error = FT_THROW( Invalid_File_Format );
911         goto Exit;
912       }
913 
914       if ( dict->subrmap_offset > binary_length )
915       {
916         FT_ERROR(( "cid_face_open: Invalid `SubrMapOffset' value\n" ));
917         error = FT_THROW( Invalid_File_Format );
918         goto Exit;
919       }
920 
921       /* the initial pre-check prevents the multiplication overflow */
922       if ( dict->num_subrs > FT_UINT_MAX / 4      ||
923            dict->num_subrs * dict->sd_bytes >
924              binary_length - dict->subrmap_offset )
925       {
926         FT_ERROR(( "cid_face_open: Invalid `SubrCount' value\n" ));
927         error = FT_THROW( Invalid_File_Format );
928         goto Exit;
929       }
930     }
931 
932     /* we can now safely proceed */
933     error = cid_read_subrs( face );
934 
935   Exit:
936     cid_done_loader( &loader );
937     return error;
938   }
939 
940 
941 /* END */
942