On Jun 4, 2017, at 16:32, Werner LEMBERG <[email protected]> wrote: >>> Yes and yes. They are ugly, and I wonder whether I should drop the >>> `OVERFLOW_' part of its names to get `SUB_LONG', `ADD_INT32', etc. >> >> Please drop OVERFLOW. > > OK. > >> I see them as a red flag to rethink the code. > > I disagree, at least partially, since... > >> The add and sub overflows should not be happening on 32 bits because >> we limit ourselves to 1Gb bitmaps aka 32768x32768. Even at 1/256 >> pixel resolution there is plenty of space to avoid overflows. > > this means that malformed fonts can > create arbitrarily large values very easily. Ditto for bytecode. > Checking every addition, subtraction or multiplication for overflow is > something I want to avoid,
Of course, I am only suggesting rejecting input with unreasonably large coordinates or metric values. _______________________________________________ Freetype-devel mailing list [email protected] https://lists.nongnu.org/mailman/listinfo/freetype-devel
