* [FFmpeg-devel] [PATCH 1/2] avfilter/drawtext: support bitmap (including monochrome) fonts
@ 2025-03-03 2:48 Yogeshwar Velingker via ffmpeg-devel
2025-03-03 2:48 ` [FFmpeg-devel] [PATCH 2/2] avfilter/drawtext: fix memory bugs Yogeshwar Velingker via ffmpeg-devel
2025-03-03 3:37 ` [FFmpeg-devel] [PATCH v2 1/2] avfilter/drawtext: support bitmap (including monochrome) fonts Yogeshwar Velingker via ffmpeg-devel
0 siblings, 2 replies; 3+ messages in thread
From: Yogeshwar Velingker via ffmpeg-devel @ 2025-03-03 2:48 UTC (permalink / raw)
To: ffmpeg-devel; +Cc: Yogeshwar Velingker
Fix segfaults that occur when using a bitmap font. Do not free glyphs on
error in load_glyph - upon detecting a monochrome glyph, the function
would free it while leaving its corresponding node in the glyph tree,
resulting in invalid reads and double frees. Avoid calling
FT_Glyph_To_Bitmap on bitmap glyphs as this returns the same glyph
pointer, which is then stored in the glyph tree resulting in a double
free in uninit.
Also call ff_blend_mask with the appropriate bit depth so that
monochrome (and other pixel format) bitmaps can be drawn.
Signed-off-by: Yogeshwar Velingker <yogi@velingker.com>
---
libavfilter/vf_drawtext.c | 31 +++++++++++++++++--------------
1 file changed, 17 insertions(+), 14 deletions(-)
diff --git a/libavfilter/vf_drawtext.c b/libavfilter/vf_drawtext.c
index e4662f3a45..8bf5a3cd49 100644
--- a/libavfilter/vf_drawtext.c
+++ b/libavfilter/vf_drawtext.c
@@ -794,7 +794,7 @@ static int load_glyph(AVFilterContext *ctx, Glyph **glyph_ptr, uint32_t code, in
}
// Check if a bitmap is needed
- if (shift_x64 >= 0 && shift_y64 >= 0) {
+ if (shift_x64 >= 0 && shift_y64 >= 0 && glyph->glyph->format != FT_GLYPH_FORMAT_BITMAP) {
// Get the bitmap subpixel index (0 -> 15)
int idx = get_subpixel_idx(shift_x64, shift_y64);
shift.x = shift_x64;
@@ -807,11 +807,6 @@ static int load_glyph(AVFilterContext *ctx, Glyph **glyph_ptr, uint32_t code, in
goto error;
}
glyph->bglyph[idx] = (FT_BitmapGlyph)tmp_glyph;
- if (glyph->bglyph[idx]->bitmap.pixel_mode == FT_PIXEL_MODE_MONO) {
- av_log(ctx, AV_LOG_ERROR, "Monocromatic (1bpp) fonts are not supported.\n");
- ret = AVERROR(EINVAL);
- goto error;
- }
}
if (s->borderw && !glyph->border_bglyph[idx]) {
FT_Glyph tmp_glyph = glyph->border_glyph;
@@ -828,11 +823,6 @@ static int load_glyph(AVFilterContext *ctx, Glyph **glyph_ptr, uint32_t code, in
return 0;
error:
- if (glyph && glyph->glyph)
- FT_Done_Glyph(glyph->glyph);
-
- av_freep(&glyph);
- av_freep(&node);
return ret;
}
@@ -1282,7 +1272,7 @@ static int draw_glyphs(DrawTextContext *s, AVFrame *frame,
TextMetrics *metrics,
int x, int y, int borderw)
{
- int g, l, x1, y1, w1, h1, idx;
+ int g, l, x1, y1, w1, h1, idx, l2depth;
int dx = 0, dy = 0, pdx = 0;
GlyphInfo *info;
Glyph dummy = { 0 }, *glyph;
@@ -1324,7 +1314,10 @@ static int draw_glyphs(DrawTextContext *s, AVFrame *frame,
}
idx = get_subpixel_idx(info->shift_x64, info->shift_y64);
- b_glyph = borderw ? glyph->border_bglyph[idx] : glyph->bglyph[idx];
+ if (glyph->glyph->format != FT_GLYPH_FORMAT_BITMAP)
+ b_glyph = borderw ? glyph->border_bglyph[idx] : glyph->bglyph[idx];
+ else
+ b_glyph = (FT_BitmapGlyph)glyph->glyph;
bitmap = b_glyph->bitmap;
x1 = x + info->x + b_glyph->left;
y1 = y + info->y - b_glyph->top + offset_y;
@@ -1357,8 +1350,18 @@ static int draw_glyphs(DrawTextContext *s, AVFrame *frame,
w1 = FFMIN(clip_x - x1, w1 - dx);
h1 = FFMIN(clip_y - y1, h1 - dy);
+ switch (bitmap.pixel_mode) {
+ case FT_PIXEL_MODE_GRAY: l2depth = 3; break;
+ case FT_PIXEL_MODE_MONO: l2depth = 0; break;
+ case FT_PIXEL_MODE_GRAY2: l2depth = 1; break;
+ case FT_PIXEL_MODE_GRAY4: l2depth = 2; break;
+ default:
+ av_log(s, AV_LOG_ERROR, "unsupported pixel format");
+ return AVERROR(EINVAL);
+ }
+
ff_blend_mask(&s->dc, color, frame->data, frame->linesize, clip_x, clip_y,
- bitmap.buffer + pdx, bitmap.pitch, w1, h1, 3, 0, x1, y1);
+ bitmap.buffer + pdx, bitmap.pitch, w1, h1, l2depth, 0, x1, y1);
}
}
--
2.47.2
_______________________________________________
ffmpeg-devel mailing list
ffmpeg-devel@ffmpeg.org
https://ffmpeg.org/mailman/listinfo/ffmpeg-devel
To unsubscribe, visit link above, or email
ffmpeg-devel-request@ffmpeg.org with subject "unsubscribe".
^ permalink raw reply [flat|nested] 3+ messages in thread
* [FFmpeg-devel] [PATCH 2/2] avfilter/drawtext: fix memory bugs
2025-03-03 2:48 [FFmpeg-devel] [PATCH 1/2] avfilter/drawtext: support bitmap (including monochrome) fonts Yogeshwar Velingker via ffmpeg-devel
@ 2025-03-03 2:48 ` Yogeshwar Velingker via ffmpeg-devel
2025-03-03 3:37 ` [FFmpeg-devel] [PATCH v2 1/2] avfilter/drawtext: support bitmap (including monochrome) fonts Yogeshwar Velingker via ffmpeg-devel
1 sibling, 0 replies; 3+ messages in thread
From: Yogeshwar Velingker via ffmpeg-devel @ 2025-03-03 2:48 UTC (permalink / raw)
To: ffmpeg-devel; +Cc: Yogeshwar Velingker
Check for malloc failures, and fix error paths that leak memory.
Signed-off-by: Yogeshwar Velingker <yogi@velingker.com>
---
libavfilter/vf_drawtext.c | 47 +++++++++++++++++++++++++--------------
1 file changed, 30 insertions(+), 17 deletions(-)
diff --git a/libavfilter/vf_drawtext.c b/libavfilter/vf_drawtext.c
index 8bf5a3cd49..62aeb272f3 100644
--- a/libavfilter/vf_drawtext.c
+++ b/libavfilter/vf_drawtext.c
@@ -1447,7 +1447,16 @@ continue_on_failed:
s->line_count = line_count;
s->lines = av_mallocz(line_count * sizeof(TextLine));
+ if (!s->lines) {
+ ret = AVERROR(ENOMEM);
+ goto done;
+ }
+
s->tab_clusters = av_mallocz(s->tab_count * sizeof(uint32_t));
+ if (!s->tab_clusters) {
+ ret = AVERROR(ENOMEM);
+ goto done;
+ }
for (i = 0; i < s->tab_count; ++i) {
s->tab_clusters[i] = -1;
}
@@ -1732,6 +1741,10 @@ static int draw_text(AVFilterContext *ctx, AVFrame *frame)
TextLine *line = &s->lines[l];
HarfbuzzData *hb = &line->hb_data;
line->glyphs = av_mallocz(hb->glyph_count * sizeof(GlyphInfo));
+ if (!line->glyphs) {
+ ret = AVERROR(ENOMEM);
+ goto done;
+ }
for (int t = 0; t < hb->glyph_count; ++t) {
GlyphInfo *g_info = &line->glyphs[t];
@@ -1747,9 +1760,9 @@ static int draw_text(AVFilterContext *ctx, AVFrame *frame)
shift_y64 = ((4 - (((y64 + true_y) >> 4) & 0b0011)) & 0b0011) << 4;
ret = load_glyph(ctx, &glyph, hb->glyph_info[t].codepoint, shift_x64, shift_y64);
- if (ret != 0) {
- return ret;
- }
+ if (ret != 0)
+ goto done;
+
g_info->code = hb->glyph_info[t].codepoint;
g_info->x = (x64 + true_x) >> 6;
g_info->y = ((y64 + true_y) >> 6) + (shift_y64 > 0 ? 1 : 0);
@@ -1809,31 +1822,31 @@ static int draw_text(AVFilterContext *ctx, AVFrame *frame)
if (s->shadowx || s->shadowy) {
if ((ret = draw_glyphs(s, frame, &shadowcolor, &metrics,
- s->shadowx, s->shadowy, s->borderw)) < 0) {
- return ret;
- }
+ s->shadowx, s->shadowy, s->borderw)) < 0)
+ goto done;
}
if (s->borderw) {
if ((ret = draw_glyphs(s, frame, &bordercolor, &metrics,
- 0, 0, s->borderw)) < 0) {
- return ret;
- }
+ 0, 0, s->borderw)) < 0)
+ goto done;
}
if ((ret = draw_glyphs(s, frame, &fontcolor, &metrics, 0,
- 0, 0)) < 0) {
- return ret;
- }
+ 0, 0)) < 0)
+ goto done;
}
+done:
// FREE data structures
- for (int l = 0; l < s->line_count; ++l) {
- TextLine *line = &s->lines[l];
- av_freep(&line->glyphs);
- hb_destroy(&line->hb_data);
+ if (s->lines) {
+ for (int l = 0; l < s->line_count; ++l) {
+ TextLine *line = &s->lines[l];
+ av_freep(&line->glyphs);
+ hb_destroy(&line->hb_data);
+ }
+ av_freep(&s->lines);
}
- av_freep(&s->lines);
av_freep(&s->tab_clusters);
return 0;
--
2.47.2
_______________________________________________
ffmpeg-devel mailing list
ffmpeg-devel@ffmpeg.org
https://ffmpeg.org/mailman/listinfo/ffmpeg-devel
To unsubscribe, visit link above, or email
ffmpeg-devel-request@ffmpeg.org with subject "unsubscribe".
^ permalink raw reply [flat|nested] 3+ messages in thread
* [FFmpeg-devel] [PATCH v2 1/2] avfilter/drawtext: support bitmap (including monochrome) fonts
2025-03-03 2:48 [FFmpeg-devel] [PATCH 1/2] avfilter/drawtext: support bitmap (including monochrome) fonts Yogeshwar Velingker via ffmpeg-devel
2025-03-03 2:48 ` [FFmpeg-devel] [PATCH 2/2] avfilter/drawtext: fix memory bugs Yogeshwar Velingker via ffmpeg-devel
@ 2025-03-03 3:37 ` Yogeshwar Velingker via ffmpeg-devel
1 sibling, 0 replies; 3+ messages in thread
From: Yogeshwar Velingker via ffmpeg-devel @ 2025-03-03 3:37 UTC (permalink / raw)
To: ffmpeg-devel; +Cc: Yogeshwar Velingker
Fix segfaults that occur when using a bitmap font. Do not free glyphs on
error in load_glyph - upon detecting a monochrome glyph, the function
would free it while leaving its corresponding node in the glyph tree,
resulting in invalid reads and double frees. Avoid calling
FT_Glyph_To_Bitmap on bitmap glyphs as this returns the same glyph
pointer, which is then stored in the glyph tree resulting in a double
free in uninit.
Also call ff_blend_mask with the appropriate bit depth so that
monochrome (and other pixel format) bitmaps can be drawn.
Signed-off-by: Yogeshwar Velingker <yogi@velingker.com>
---
libavfilter/vf_drawtext.c | 31 +++++++++++++++++--------------
1 file changed, 17 insertions(+), 14 deletions(-)
diff --git a/libavfilter/vf_drawtext.c b/libavfilter/vf_drawtext.c
index e4662f3a45..5e7e030211 100644
--- a/libavfilter/vf_drawtext.c
+++ b/libavfilter/vf_drawtext.c
@@ -794,7 +794,7 @@ static int load_glyph(AVFilterContext *ctx, Glyph **glyph_ptr, uint32_t code, in
}
// Check if a bitmap is needed
- if (shift_x64 >= 0 && shift_y64 >= 0) {
+ if (shift_x64 >= 0 && shift_y64 >= 0 && glyph->glyph->format != FT_GLYPH_FORMAT_BITMAP) {
// Get the bitmap subpixel index (0 -> 15)
int idx = get_subpixel_idx(shift_x64, shift_y64);
shift.x = shift_x64;
@@ -807,11 +807,6 @@ static int load_glyph(AVFilterContext *ctx, Glyph **glyph_ptr, uint32_t code, in
goto error;
}
glyph->bglyph[idx] = (FT_BitmapGlyph)tmp_glyph;
- if (glyph->bglyph[idx]->bitmap.pixel_mode == FT_PIXEL_MODE_MONO) {
- av_log(ctx, AV_LOG_ERROR, "Monocromatic (1bpp) fonts are not supported.\n");
- ret = AVERROR(EINVAL);
- goto error;
- }
}
if (s->borderw && !glyph->border_bglyph[idx]) {
FT_Glyph tmp_glyph = glyph->border_glyph;
@@ -828,11 +823,6 @@ static int load_glyph(AVFilterContext *ctx, Glyph **glyph_ptr, uint32_t code, in
return 0;
error:
- if (glyph && glyph->glyph)
- FT_Done_Glyph(glyph->glyph);
-
- av_freep(&glyph);
- av_freep(&node);
return ret;
}
@@ -1282,7 +1272,7 @@ static int draw_glyphs(DrawTextContext *s, AVFrame *frame,
TextMetrics *metrics,
int x, int y, int borderw)
{
- int g, l, x1, y1, w1, h1, idx;
+ int g, l, x1, y1, w1, h1, idx, l2depth;
int dx = 0, dy = 0, pdx = 0;
GlyphInfo *info;
Glyph dummy = { 0 }, *glyph;
@@ -1324,7 +1314,10 @@ static int draw_glyphs(DrawTextContext *s, AVFrame *frame,
}
idx = get_subpixel_idx(info->shift_x64, info->shift_y64);
- b_glyph = borderw ? glyph->border_bglyph[idx] : glyph->bglyph[idx];
+ if (glyph->glyph->format != FT_GLYPH_FORMAT_BITMAP)
+ b_glyph = borderw ? glyph->border_bglyph[idx] : glyph->bglyph[idx];
+ else
+ b_glyph = (FT_BitmapGlyph)glyph->glyph;
bitmap = b_glyph->bitmap;
x1 = x + info->x + b_glyph->left;
y1 = y + info->y - b_glyph->top + offset_y;
@@ -1357,8 +1350,18 @@ static int draw_glyphs(DrawTextContext *s, AVFrame *frame,
w1 = FFMIN(clip_x - x1, w1 - dx);
h1 = FFMIN(clip_y - y1, h1 - dy);
+ switch (bitmap.pixel_mode) {
+ case FT_PIXEL_MODE_GRAY: l2depth = 3; break;
+ case FT_PIXEL_MODE_MONO: l2depth = 0; break;
+ case FT_PIXEL_MODE_GRAY2: l2depth = 1; break;
+ case FT_PIXEL_MODE_GRAY4: l2depth = 2; break;
+ default:
+ av_log(s, AV_LOG_ERROR, "unsupported pixel format\n");
+ return AVERROR(EINVAL);
+ }
+
ff_blend_mask(&s->dc, color, frame->data, frame->linesize, clip_x, clip_y,
- bitmap.buffer + pdx, bitmap.pitch, w1, h1, 3, 0, x1, y1);
+ bitmap.buffer + pdx, bitmap.pitch, w1, h1, l2depth, 0, x1, y1);
}
}
--
2.47.2
_______________________________________________
ffmpeg-devel mailing list
ffmpeg-devel@ffmpeg.org
https://ffmpeg.org/mailman/listinfo/ffmpeg-devel
To unsubscribe, visit link above, or email
ffmpeg-devel-request@ffmpeg.org with subject "unsubscribe".
^ permalink raw reply [flat|nested] 3+ messages in thread
end of thread, other threads:[~2025-03-03 3:38 UTC | newest]
Thread overview: 3+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2025-03-03 2:48 [FFmpeg-devel] [PATCH 1/2] avfilter/drawtext: support bitmap (including monochrome) fonts Yogeshwar Velingker via ffmpeg-devel
2025-03-03 2:48 ` [FFmpeg-devel] [PATCH 2/2] avfilter/drawtext: fix memory bugs Yogeshwar Velingker via ffmpeg-devel
2025-03-03 3:37 ` [FFmpeg-devel] [PATCH v2 1/2] avfilter/drawtext: support bitmap (including monochrome) fonts Yogeshwar Velingker via ffmpeg-devel
Git Inbox Mirror of the ffmpeg-devel mailing list - see https://ffmpeg.org/mailman/listinfo/ffmpeg-devel
This inbox may be cloned and mirrored by anyone:
git clone --mirror https://master.gitmailbox.com/ffmpegdev/0 ffmpegdev/git/0.git
# If you have public-inbox 1.1+ installed, you may
# initialize and index your mirror using the following commands:
public-inbox-init -V2 ffmpegdev ffmpegdev/ https://master.gitmailbox.com/ffmpegdev \
ffmpegdev@gitmailbox.com
public-inbox-index ffmpegdev
Example config snippet for mirrors.
AGPL code for this site: git clone https://public-inbox.org/public-inbox.git