Re: new compiler warnings in freetype 2.10.2 32-bit

2020-07-24 Thread Werner LEMBERG
> A better answer is to actually get rid of strcpy() / strcat() /
> sprintf() because there will always be compilers complaining about
> them.
> 
> Here's a patch that does that for freetype2-demos, please take a
> look.

Applied with massaging and splitting into smaller chunks, thanks!

I've also added some fixes to make your code actually work.  Honestly,
I can't believe that this ever worked with `ftview', for example :-)

I've skipped the declarations of `GrTextWriter' et al.; this looks
like it belongs to another patch.


Werner



Re: new compiler warnings in freetype 2.10.2 32-bit

2020-07-24 Thread David Turner
Le ven. 24 juil. 2020 à 05:58, Vincent Torri  a
écrit :

> hello
>
> some comments:
>
> strcasecmp does not exist when compiling with Visual Studio (_stricmp
> does though and is doing the same job). mingw-w64 use a #define for
> that.Why not adding ft_strcasecmp like ft_strdup ?
>
> note that using strdup with Visual Studio and passing
> _CRT_NONSTDC_NO_DEPRECATE removes the warning.
>
> I think that in this case, it is actually simpler to re-implement the
function rather than trying to fight the compiler and build system with the
right set options :-)
Very fortunately, this is not part of a critical performance loop,
otherwise, we would do things differently.


> Vincent Torri
>
> On Fri, Jul 24, 2020 at 5:02 AM David Turner  wrote:
> >
> > A better answer is to actually get rid of strcpy() / strcat() /
> sprintf() because there will always be compilers complaining about them.
> >
> > Here's a patch that does that for freetype2-demos, please take a look.
> >
> > Le jeu. 23 juil. 2020 à 13:16, Werner LEMBERG  a écrit :
> >>
> >> > There seems to be a new warning in 2.10.2 (compared to 2.10.1) when
> >> > compiling for 32-bit: [...]
> >>
> >> Fixed in git, thanks.
> >>
> >> > Also have had a bunch of strncat related warning (probably gcc 1
> specific, or some compiler switch specific) in ft2-demos, for a while:
> >> >
> >> > ===
> >> > inlined from 'RunIns' at src/ttdebug.c:2105:11:
> >> > /usr/include/bits/string_fortified.h:136:10: warning:
> >> > '__builtin___strncat_chk' output may be truncated copying 31 bytes
> >> > from a string of length 31 [-Wstringop-truncation]
> >>
> >> (The problematic calls of strncat are in function `Cur_U_Line'.)
> >>
> >> Hmm.  The answer to
> >>
> >>
> https://stackoverflow.com/questions/50198319/gcc-8-wstringop-truncation-what-is-the-good-practice
> >>
> >> recommends to switch off the warning if the code does exactly ...
> >>
> >>
> >> Werner
> >>
>


Re: new compiler warnings in freetype 2.10.2 32-bit

2020-07-24 Thread Werner LEMBERG


> strcasecmp does not exist when compiling with Visual Studio
> (_stricmp does though and is doing the same job).  mingw-w64 uses a
> #define for that.  Why not adding ft_strcasecmp like ft_strdup ?

There is already

  #ifdef _WIN32
  #define strcasecmp  _stricmp
  #endif

in `ftcommon.c`...


Werner



Re: new compiler warnings in freetype 2.10.2 32-bit

2020-07-23 Thread Vincent Torri
hello

some comments:

strcasecmp does not exist when compiling with Visual Studio (_stricmp
does though and is doing the same job). mingw-w64 use a #define for
that.Why not adding ft_strcasecmp like ft_strdup ?

note that using strdup with Visual Studio and passing
_CRT_NONSTDC_NO_DEPRECATE removes the warning.

Vincent Torri

On Fri, Jul 24, 2020 at 5:02 AM David Turner  wrote:
>
> A better answer is to actually get rid of strcpy() / strcat() / sprintf() 
> because there will always be compilers complaining about them.
>
> Here's a patch that does that for freetype2-demos, please take a look.
>
> Le jeu. 23 juil. 2020 à 13:16, Werner LEMBERG  a écrit :
>>
>> > There seems to be a new warning in 2.10.2 (compared to 2.10.1) when
>> > compiling for 32-bit: [...]
>>
>> Fixed in git, thanks.
>>
>> > Also have had a bunch of strncat related warning (probably gcc 1 specific, 
>> > or some compiler switch specific) in ft2-demos, for a while:
>> >
>> > ===
>> > inlined from 'RunIns' at src/ttdebug.c:2105:11:
>> > /usr/include/bits/string_fortified.h:136:10: warning:
>> > '__builtin___strncat_chk' output may be truncated copying 31 bytes
>> > from a string of length 31 [-Wstringop-truncation]
>>
>> (The problematic calls of strncat are in function `Cur_U_Line'.)
>>
>> Hmm.  The answer to
>>
>>   
>> https://stackoverflow.com/questions/50198319/gcc-8-wstringop-truncation-what-is-the-good-practice
>>
>> recommends to switch off the warning if the code does exactly ...
>>
>>
>> Werner
>>



Re: new compiler warnings in freetype 2.10.2 32-bit

2020-07-23 Thread David Turner
A better answer is to actually get rid of strcpy() / strcat() / sprintf()
because there will always be compilers complaining about them.

Here's a patch that does that for freetype2-demos, please take a look.

Le jeu. 23 juil. 2020 à 13:16, Werner LEMBERG  a écrit :

> > There seems to be a new warning in 2.10.2 (compared to 2.10.1) when
> > compiling for 32-bit: [...]
>
> Fixed in git, thanks.
>
> > Also have had a bunch of strncat related warning (probably gcc 1
> specific, or some compiler switch specific) in ft2-demos, for a while:
> >
> > ===
> > inlined from 'RunIns' at src/ttdebug.c:2105:11:
> > /usr/include/bits/string_fortified.h:136:10: warning:
> > '__builtin___strncat_chk' output may be truncated copying 31 bytes
> > from a string of length 31 [-Wstringop-truncation]
>
> (The problematic calls of strncat are in function `Cur_U_Line'.)
>
> Hmm.  The answer to
>
>
> https://stackoverflow.com/questions/50198319/gcc-8-wstringop-truncation-what-is-the-good-practice
>
> recommends to switch off the warning if the code does exactly ...
>
>
> Werner
>
>
From dc5dae42212453f9a7850f201ad82c39e041e698 Mon Sep 17 00:00:00 2001
From: David Turner 
Date: Sun, 17 May 2020 21:37:09 +0200
Subject: [build] Remove strncat / strcpy() / sprintf() from sources.

This removes all uses of these potentially unsafe functions from
the sources, mostly to avoid dealing with overzealous
compiler warnings, and preventing buffer overflow issues.

This is done through several steps:

+ common.h: Add ft_strdup() to implement a proper strdup()
  function that also works on Windows.

+ strbuf.h: New header and associated source file, providing
  a trivial data type and functions to safely perform formatted
  string concatenation on a fixed-size buffer, while ensuring
  the result is always properly zero-terminated.

  Usage is pretty simple, and documented in the header.

+ Update the other sources to use ft_debug(), stdbuf_xxx()
  and snprintf() instead of sprintf() in order to get rid of
  any potential for buffer overflow / unterminated strings.
---
 Makefile   |   2 +
 src/common.c   |  22 +++-
 src/common.h   |   9 +++-
 src/ftbench.c  |  32 ++--
 src/ftcommon.c | 133 +++---
 src/ftcommon.h |  34 
 src/ftdiff.c   |  22 
 src/ftdump.c   |   4 +-
 src/ftgamma.c  |   4 +-
 src/ftgrid.c   |  39 --
 src/ftmulti.c  |  68 
 src/ftsbit.c   |   2 +-
 src/ftstring.c |   9 ++--
 src/ftview.c   |  88 +++
 src/strbuf.c   | 139 +
 src/strbuf.h   | 117 +
 src/ttdebug.c  | 131 ++
 17 files changed, 600 insertions(+), 255 deletions(-)
 create mode 100644 src/strbuf.c
 create mode 100644 src/strbuf.h

diff --git a/Makefile b/Makefile
index e6ad0af..851c4f7 100644
--- a/Makefile
+++ b/Makefile
@@ -333,9 +333,11 @@ else
   # Rules for compiling object files for text-only demos.
   #
   $(OBJ_DIR_2)/common.$(SO): $(SRC_DIR)/common.c
+  $(OBJ_DIR_2)/strbuf.$(SO): $(SRC_DIR)/strbuf.c
   $(OBJ_DIR_2)/output.$(SO): $(SRC_DIR)/output.c
   $(OBJ_DIR_2)/mlgetopt.$(SO): $(SRC_DIR)/mlgetopt.c
   COMMON_OBJ := $(OBJ_DIR_2)/common.$(SO) \
+$(OBJ_DIR_2)/strbuf.$(SO) \
 $(OBJ_DIR_2)/output.$(SO) \
 $(OBJ_DIR_2)/mlgetopt.$(SO)
 
diff --git a/src/common.c b/src/common.c
index 1960165..3eed8ef 100644
--- a/src/common.c
+++ b/src/common.c
@@ -5,7 +5,7 @@
 #include 
 #include 
 #include 
-
+#include 
 
   char*
   ft_basename( const char*  name )
@@ -36,6 +36,25 @@
   }
 
 
+  char*
+  ft_strdup( const char* str )
+  {
+char*   result;
+size_t  len;
+
+
+if ( !str )
+  return NULL;
+
+len= strlen( str );
+result = (char*)malloc( len + 1 );
+if (result)
+  memcpy( result, str, len + 1);
+
+return result;
+  }
+
+
   void
   Panic( const char*  fmt,
  ... )
@@ -105,5 +124,4 @@
 return -1;
   }
 
-
 /* End */
diff --git a/src/common.h b/src/common.h
index afa5f70..0cf4fea 100644
--- a/src/common.h
+++ b/src/common.h
@@ -1,7 +1,6 @@
 #ifndef COMMON_H_
 #define COMMON_H_
 
-
 #ifdef __cplusplus
   extern "C" {
 #endif
@@ -26,6 +25,14 @@
   utf8_next( const char**  pcursor,
  const char*   end );
 
+  /*
+   * Implement strdup() which is POSIX, but not C89 or even C11, and
+   * Microsoft insists on renaming it _strdup() instead. Platform
+   * auto-detection is complicated, so just provide a re-implementation.
+   */
+  extern char*
+  ft_strdup( const char* name );
+
 #ifdef __cplusplus
   }
 #endif
diff --git a/src/ftbench.c b/src/ftbench.c
index 58a7741..28b3d70 100644
--- a/src/ftbench.c
+++ b/src/ftbench.c
@@ -835,27 +835,27 @@
 
 /* we expect that at least one interpreter version is available */
 if ( num_tt_interpreter_versions == 2 )
-  

Re: new compiler warnings in freetype 2.10.2 32-bit

2020-07-23 Thread Werner LEMBERG
> There seems to be a new warning in 2.10.2 (compared to 2.10.1) when
> compiling for 32-bit: [...]

Fixed in git, thanks.

> Also have had a bunch of strncat related warning (probably gcc 1 specific, or 
> some compiler switch specific) in ft2-demos, for a while:
>
> ===
> inlined from 'RunIns' at src/ttdebug.c:2105:11:
> /usr/include/bits/string_fortified.h:136:10: warning:
> '__builtin___strncat_chk' output may be truncated copying 31 bytes
> from a string of length 31 [-Wstringop-truncation]

(The problematic calls of strncat are in function `Cur_U_Line'.)

Hmm.  The answer to

  
https://stackoverflow.com/questions/50198319/gcc-8-wstringop-truncation-what-is-the-good-practice

recommends to switch off the warning if the code does exactly ...


Werner



new compiler warnings in freetype 2.10.2 32-bit

2020-07-21 Thread Hin-Tak Leung via FreeType development
Hi,

There seems to be a new warning in 2.10.2 (compared to 2.10.1) when compiling 
for 32-bit:

===
freetype-2.10.2/src/sfnt/sfwoff2.c:327:39: warning: passing argument 3 of 
'BrotliDecoderDecompress' from incompatible pointer type 
[-Wincompatible-pointer-types]
  327 |   _size,
  |   ^~
  |   |
  |   FT_ULong * {aka long unsigned int 
*}
===

Also have had a bunch of strncat related warning (probably gcc 10 specific, or 
some compiler switch specific) in ft2-demos, for a while: 

===
inlined from 'RunIns' at src/ttdebug.c:2105:11:
/usr/include/bits/string_fortified.h:136:10: warning: '__builtin___strncat_chk' 
output may be truncated copying 31 bytes from a string of length 31 
[-Wstringop-truncation]
  136 |   return __builtin___strncat_chk (__dest, __src, __len, __bos (__dest));
--
inlined from 'RunIns' at src/ttdebug.c:2105:11:
/usr/include/bits/string_fortified.h:136:10: warning: '__builtin___strncat_chk' 
output may be truncated copying 8 bytes from a string of length 31 
[-Wstringop-truncation]
  136 |   return __builtin___strncat_chk (__dest, __src, __len, __bos (__dest));
--
inlined from 'RunIns' at src/ttdebug.c:2105:11:
/usr/include/bits/string_fortified.h:136:10: warning: '__builtin___strncat_chk' 
output may be truncated copying 8 bytes from a string of length 31 
[-Wstringop-truncation]
  136 |   return __builtin___strncat_chk (__dest, __src, __len, __bos (__dest));
--
inlined from 'RunIns' at src/ttdebug.c:2105:11:
/usr/include/bits/string_fortified.h:136:10: warning: '__builtin___strncat_chk' 
output may be truncated copying 8 bytes from a string of length 31 
[-Wstringop-truncation]
  136 |   return __builtin___strncat_chk (__dest, __src, __len, __bos (__dest));
--
inlined from 'RunIns' at src/ttdebug.c:2105:11:
/usr/include/bits/string_fortified.h:136:10: warning: '__builtin___strncat_chk' 
output may be truncated copying 8 bytes from a string of length 31 
[-Wstringop-truncation]
  136 |   return __builtin___strncat_chk (__dest, __src, __len, __bos (__dest));
--
inlined from 'RunIns' at src/ttdebug.c:2105:11:
/usr/include/bits/string_fortified.h:136:10: warning: '__builtin___strncat_chk' 
output may be truncated copying 8 bytes from a string of length 31 
[-Wstringop-truncation]
  136 |   return __builtin___strncat_chk (__dest, __src, __len, __bos (__dest));
--
inlined from 'RunIns' at src/ttdebug.c:2105:11:
/usr/include/bits/string_fortified.h:136:10: warning: '__builtin___strncat_chk' 
output may be truncated copying 8 bytes from a string of length 31 
[-Wstringop-truncation]
  136 |   return __builtin___strncat_chk (__dest, __src, __len, __bos (__dest));
--
inlined from 'FTDemo_Install_Font' at src/ftcommon.c:534:5:
/usr/include/bits/string_fortified.h:106:10: warning: '__builtin___strncpy_chk' 
specified bound depends on the length of the source argument 
[-Wstringop-overflow=]
  106 |   return __builtin___strncpy_chk (__dest, __src, __len, __bos (__dest));
--
===

Argh, that's just one line in ttdebug which generates multiple warnings, plus 
another one in ftcommon.c

I haven't gotten round to look at either, just in case somebody are bothered 
enough to have a look...

Hin-Tak