commit 2a3be4b384b9
Author: Jonathan Kew
Date: Mon Sep 26 18:05:14 2016 +0100
Bug 757366 - Don't cast pointers to 'name'-table data to uint16_t*, as they may not be 16-bit-aligned. r=jrmuizel
---
gfx/thebes/gfxFontUtils.cpp | 26 ++++++++++++++------------
1 file changed, 14 insertions(+), 12 deletions(-)
diff --git gfx/thebes/gfxFontUtils.cpp gfx/thebes/gfxFontUtils.cpp
index 526e17d..cb505e8 100644
--- mozilla/gfx/thebes/gfxFontUtils.cpp
+++ mozilla/gfx/thebes/gfxFontUtils.cpp
@@ -918,16 +918,18 @@ IsValidSFNTVersion(uint32_t version)
 version == TRUETYPE_TAG('t','r','u','e');
 }
-// copy and swap UTF-16 values, assume no surrogate pairs, can be in place
+// Copy and swap UTF-16 values, assume no surrogate pairs, can be in place.
+// aInBuf and aOutBuf are NOT necessarily 16-bit-aligned, so we should avoid
+// accessing them directly as uint16_t* values.
+// aLen is count of UTF-16 values, so the byte buffers are twice that.
 static void
-CopySwapUTF16(const uint16_t *aInBuf, uint16_t *aOutBuf, uint32_t aLen)
+CopySwapUTF16(const char* aInBuf, char* aOutBuf, uint32_t aLen)
 {
- const uint16_t *end = aInBuf + aLen;
+ const char* end = aInBuf + aLen * 2;
 while (aInBuf < end) {
- uint16_t value = *aInBuf;
- *aOutBuf = (value >> 8) | (value & 0xff) << 8;
- aOutBuf++;
- aInBuf++;
+ uint8_t b0 = *aInBuf++;
+ *aOutBuf++ = *aInBuf++;
+ *aOutBuf++ = b0;
 }
 }
@@ -1446,13 +1448,13 @@ gfxFontUtils::DecodeFontName(const char *aNameData, int32_t aByteLen,
 if (csName[0] == 0) {
 // empty charset name: data is utf16be, no need to instantiate a converter
 uint32_t strLen = aByteLen / 2;
-#ifdef IS_LITTLE_ENDIAN
 aName.SetLength(strLen);
- CopySwapUTF16(reinterpret_cast(aNameData),
- reinterpret_cast(aName.BeginWriting()), strLen);
+#ifdef IS_LITTLE_ENDIAN
+ CopySwapUTF16(aNameData, reinterpret_cast(aName.BeginWriting()),
+ strLen);
 #else
- aName.Assign(reinterpret_cast(aNameData), strLen);
-#endif
+ memcpy(aName.BeginWriting(), aNameData, strLen * 2);
+#endif
 return true;
 }
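Review bot: In `CopySwapUTF16`, `aInBuf + aLen * 2` does the multiplication in 32-bit `uint32_t` arithmetic, so a count of 0x80000000 or more wraps before it is added to the pointer and the loop would end early or not run at all. The one caller visible in this patch derives the count from an `int32_t` byte length, so this is probably unreachable today, but widening the operand removes the dependency on that: `const char* end = aInBuf + size_t(aLen) * 2;`. The header comment's "can be in place" holds when the two pointers are equal, since `b0` is saved before either output byte is written; I would state that limit explicitly, e.g. `// In-place use requires aInBuf == aOutBuf; partially overlapping buffers are not supported.`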
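Review bot: `strLen` is computed as `aByteLen / 2` from a signed `int32_t`, and nothing visible in this hunk rejects a negative length before `aName.SetLength(strLen)` and the `strLen * 2`-byte copy out of `aNameData`; a negative value would convert to a very large `uint32_t`. Because the name-table bytes come from the font file, I would make the precondition explicit at the top of this branch, e.g. `MOZ_ASSERT(aByteLen >= 0, "negative name length");`, or `if (aByteLen < 0) return false;` if callers do not already guarantee it. An odd `aByteLen` silently drops the trailing byte, which deserves a one-line comment if it is intentional. `DecodeFontName` starts and ends outside this hunk, so an earlier check may already exist.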