tag | f0dec3d9aec3223988e44c09e6e93e91b56a7d1b | |
---|---|---|
tagger | Khaled Hosny <khaledhosny@eglug.org> | Mon Oct 12 15:06:37 2020 |
object | e6ac199dda34e069f8e67f40f85364063675293c |
Version 8.1.0 * Update lz4 and brotli. * Remove various spurious checks against glyph count. * Sanitize PS names more strictly than the spec requires. * Fix up bad entrySelector in the table directory. * Allow for new flags in Graphite Feat table. * If variation tables are dropped don't parse any other variation tables. * Remove variation tables that don't parse. * Fix up sfntVersion instead of rejecting the font. * Make sure sfntVersion is always either 0x000010000 or OTTO. * If font has both glyf/loca and CFF[2], drop CFF[2]. * Set post table version to 3 if the font have CFF table, instead of rejecting. * Various oss-fuzz fixes.
commit | e6ac199dda34e069f8e67f40f85364063675293c | [log] [tgz] |
---|---|---|
author | Khaled Hosny <khaledhosny@eglug.org> | Mon Oct 12 15:01:34 2020 |
committer | Khaled Hosny <khaledhosny@eglug.org> | Mon Oct 12 15:01:34 2020 |
tree | c96aa74446a63fec89eb7e86c9ad1a38b5329706 | |
parent | da5aecf0c3bca13601c74824540b2aa40c1ebabe [diff] |
[ci] New token for AppVeyor
The OpenType Sanitizer (OTS) parses and serializes OpenType files (OTF, TTF) and WOFF and WOFF2 font files, validating them and sanitizing them as it goes.
The C library is integrated into Chromium and Firefox, and also simple command line tools to check files offline in a Terminal.
The CSS font-face property is great for web typography. Having to use images in order to get the correct typeface is a great sadness; one should be able to use vectors.
However, on many platforms the system-level TrueType font renderers have never been part of the attack surface before, and putting them on the front line is a scary proposition... Especially on platforms like Windows, where it's a closed-source blob running with high privilege.
Instructions below are for building standalone OTS utilities, if you want to use OTS as a library then the recommended way is to copy the source code and integrate it into your existing build system. Our build system does not build a shared library intentionally.
Build OTS:
$ meson build $ ninja -C build
Run the tests (if you wish):
$ ninja -C build test
See docs
Thanks to Alex Russell for the original idea.