From 74ddd33097d8fe19b7f53133b656302593abeb2b Mon Sep 17 00:00:00 2001 From: Keegan McAllister Date: Tue, 12 May 2015 21:00:36 -0700 Subject: [PATCH] Sanitise web fonts Fixes #3030. --- components/gfx/Cargo.toml | 3 +++ components/gfx/font_cache_task.rs | 17 +++++++++++++---- components/gfx/lib.rs | 1 + components/servo/Cargo.lock | 15 +++++++++++++-- ports/cef/Cargo.lock | 15 +++++++++++++-- ports/gonk/Cargo.lock | 15 +++++++++++++-- 6 files changed, 56 insertions(+), 10 deletions(-) diff --git a/components/gfx/Cargo.toml b/components/gfx/Cargo.toml index a8551de5965a..8f6c59f9e5a6 100644 --- a/components/gfx/Cargo.toml +++ b/components/gfx/Cargo.toml @@ -68,6 +68,9 @@ path = "../script_traits" [dependencies.string_cache] git = "https://github.com/servo/string-cache" +[dependencies.fontsan] +git = "https://github.com/servo/fontsan" + [dependencies] url = "0.2.16" time = "0.1.12" diff --git a/components/gfx/font_cache_task.rs b/components/gfx/font_cache_task.rs index 5732e6a79cf9..dcc99fcf7cf6 100644 --- a/components/gfx/font_cache_task.rs +++ b/components/gfx/font_cache_task.rs @@ -19,6 +19,7 @@ use string_cache::Atom; use style::font_face::Source; use util::str::LowercaseString; use util::task::spawn_named; +use fontsan; /// A list of font templates that make up a given font family. struct FontFamily { @@ -138,12 +139,20 @@ impl FontCache { let url = &url_source.url; let maybe_resource = load_whole_resource(&self.resource_task, url.clone()); match maybe_resource { - Ok((_, bytes)) => { - let family = &mut self.web_families.get_mut(&family_name).unwrap(); - family.add_template(&url.to_string(), Some(bytes)); + Ok((_, bytes)) => match fontsan::process(&bytes) { + Ok(san) => { + let family = &mut self.web_families.get_mut(&family_name).unwrap(); + family.add_template(&url.to_string(), Some(san)); + } + Err(_) => { + // FIXME(servo/fontsan#1): get an error message + debug!("Sanitiser rejected web font: \ + family={:?} url={}", family_name, url); + } }, Err(_) => { - debug!("Failed to load web font: family={:?} url={}", family_name, url); + debug!("Failed to load web font: \ + family={:?} url={}", family_name, url); } } } diff --git a/components/gfx/lib.rs b/components/gfx/lib.rs index 52d5a705de88..31c4bc7896fa 100644 --- a/components/gfx/lib.rs +++ b/components/gfx/lib.rs @@ -36,6 +36,7 @@ extern crate style; extern crate skia; extern crate time; extern crate url; +extern crate fontsan; // Eventually we would like the shaper to be pluggable, as many operating systems have their own // shapers. For now, however, this is a hard dependency. diff --git a/components/servo/Cargo.lock b/components/servo/Cargo.lock index 4a30f09896f2..272b9758fb1d 100644 --- a/components/servo/Cargo.lock +++ b/components/servo/Cargo.lock @@ -286,7 +286,7 @@ version = "0.2.7" source = "registry+https://github.com/rust-lang/crates.io-index" dependencies = [ "libc 0.1.6 (registry+https://github.com/rust-lang/crates.io-index)", - "miniz-sys 0.1.4 (registry+https://github.com/rust-lang/crates.io-index)", + "miniz-sys 0.1.5 (registry+https://github.com/rust-lang/crates.io-index)", ] [[package]] @@ -312,6 +312,16 @@ dependencies = [ "freetype-sys 2.4.11 (git+https://github.com/servo/libfreetype2)", ] +[[package]] +name = "fontsan" +version = "0.1.0" +source = "git+https://github.com/servo/fontsan#7915f5beb7b00ef987ee5adc93c06184beff579b" +dependencies = [ + "gcc 0.3.4 (registry+https://github.com/rust-lang/crates.io-index)", + "libc 0.1.6 (registry+https://github.com/rust-lang/crates.io-index)", + "miniz-sys 0.1.5 (registry+https://github.com/rust-lang/crates.io-index)", +] + [[package]] name = "freetype" version = "0.1.0" @@ -359,6 +369,7 @@ dependencies = [ "core_graphics 0.1.0 (git+https://github.com/servo/rust-core-graphics)", "core_text 0.1.0 (git+https://github.com/servo/rust-core-text)", "fontconfig 0.1.0 (git+https://github.com/servo/rust-fontconfig)", + "fontsan 0.1.0 (git+https://github.com/servo/fontsan)", "freetype 0.1.0 (git+https://github.com/servo/rust-freetype)", "geom 0.1.0 (git+https://github.com/servo/rust-geom)", "harfbuzz 0.1.0 (git+https://github.com/servo/rust-harfbuzz)", @@ -741,7 +752,7 @@ dependencies = [ [[package]] name = "miniz-sys" -version = "0.1.4" +version = "0.1.5" source = "registry+https://github.com/rust-lang/crates.io-index" dependencies = [ "gcc 0.3.4 (registry+https://github.com/rust-lang/crates.io-index)", diff --git a/ports/cef/Cargo.lock b/ports/cef/Cargo.lock index b60f3b5434d8..66561e0a9d22 100644 --- a/ports/cef/Cargo.lock +++ b/ports/cef/Cargo.lock @@ -295,7 +295,7 @@ version = "0.2.7" source = "registry+https://github.com/rust-lang/crates.io-index" dependencies = [ "libc 0.1.6 (registry+https://github.com/rust-lang/crates.io-index)", - "miniz-sys 0.1.4 (registry+https://github.com/rust-lang/crates.io-index)", + "miniz-sys 0.1.5 (registry+https://github.com/rust-lang/crates.io-index)", ] [[package]] @@ -321,6 +321,16 @@ dependencies = [ "freetype-sys 2.4.11 (git+https://github.com/servo/libfreetype2)", ] +[[package]] +name = "fontsan" +version = "0.1.0" +source = "git+https://github.com/servo/fontsan#7915f5beb7b00ef987ee5adc93c06184beff579b" +dependencies = [ + "gcc 0.3.4 (registry+https://github.com/rust-lang/crates.io-index)", + "libc 0.1.6 (registry+https://github.com/rust-lang/crates.io-index)", + "miniz-sys 0.1.5 (registry+https://github.com/rust-lang/crates.io-index)", +] + [[package]] name = "freetype" version = "0.1.0" @@ -368,6 +378,7 @@ dependencies = [ "core_graphics 0.1.0 (git+https://github.com/servo/rust-core-graphics)", "core_text 0.1.0 (git+https://github.com/servo/rust-core-text)", "fontconfig 0.1.0 (git+https://github.com/servo/rust-fontconfig)", + "fontsan 0.1.0 (git+https://github.com/servo/fontsan)", "freetype 0.1.0 (git+https://github.com/servo/rust-freetype)", "geom 0.1.0 (git+https://github.com/servo/rust-geom)", "harfbuzz 0.1.0 (git+https://github.com/servo/rust-harfbuzz)", @@ -743,7 +754,7 @@ dependencies = [ [[package]] name = "miniz-sys" -version = "0.1.4" +version = "0.1.5" source = "registry+https://github.com/rust-lang/crates.io-index" dependencies = [ "gcc 0.3.4 (registry+https://github.com/rust-lang/crates.io-index)", diff --git a/ports/gonk/Cargo.lock b/ports/gonk/Cargo.lock index 1f94f0d944ae..82c9d9d99139 100644 --- a/ports/gonk/Cargo.lock +++ b/ports/gonk/Cargo.lock @@ -282,7 +282,7 @@ version = "0.2.7" source = "registry+https://github.com/rust-lang/crates.io-index" dependencies = [ "libc 0.1.6 (registry+https://github.com/rust-lang/crates.io-index)", - "miniz-sys 0.1.4 (registry+https://github.com/rust-lang/crates.io-index)", + "miniz-sys 0.1.5 (registry+https://github.com/rust-lang/crates.io-index)", ] [[package]] @@ -308,6 +308,16 @@ dependencies = [ "freetype-sys 2.4.11 (git+https://github.com/servo/libfreetype2)", ] +[[package]] +name = "fontsan" +version = "0.1.0" +source = "git+https://github.com/servo/fontsan#7915f5beb7b00ef987ee5adc93c06184beff579b" +dependencies = [ + "gcc 0.3.4 (registry+https://github.com/rust-lang/crates.io-index)", + "libc 0.1.6 (registry+https://github.com/rust-lang/crates.io-index)", + "miniz-sys 0.1.5 (registry+https://github.com/rust-lang/crates.io-index)", +] + [[package]] name = "freetype" version = "0.1.0" @@ -347,6 +357,7 @@ dependencies = [ "core_graphics 0.1.0 (git+https://github.com/servo/rust-core-graphics)", "core_text 0.1.0 (git+https://github.com/servo/rust-core-text)", "fontconfig 0.1.0 (git+https://github.com/servo/rust-fontconfig)", + "fontsan 0.1.0 (git+https://github.com/servo/fontsan)", "freetype 0.1.0 (git+https://github.com/servo/rust-freetype)", "geom 0.1.0 (git+https://github.com/servo/rust-geom)", "harfbuzz 0.1.0 (git+https://github.com/servo/rust-harfbuzz)", @@ -633,7 +644,7 @@ dependencies = [ [[package]] name = "miniz-sys" -version = "0.1.4" +version = "0.1.5" source = "registry+https://github.com/rust-lang/crates.io-index" dependencies = [ "gcc 0.3.4 (registry+https://github.com/rust-lang/crates.io-index)",