2.1 KiB
Prerequisites
You can use your Ubuntu box (>= 8.04. 9.10 is recommended) to test OTS library.
First, install TrueType and OpenType fonts to the Ubuntu box as many as possible.
% sudo apt-get install ttf-.*[^0]$
Then, put malicious TrueType fonts on ~/malicious/. For details, please check
http://code.google.com/p/chromium/issues/detail?id=27139#c2. Currently access
to the issue is limited to chromium-security team members for security reasons.
% cd
% tar xjf ~/ttf-testsuite.tar.bz2
Test
In order to verify that:
- OTS does not reject these unmalicious fonts.
- and transcoded fonts OTS generates can be loaded by a system font renderer (FreeType2).
Run test_unmalicious_fonts.sh script:
% cd /path/to/ots/tests
% ./test_unmalicious_fonts.sh
............................................... (verify that no FAIL: is displayed)
Then in order to verify that:
- OTS can reject malicious fonts
- or transcoded fonts generated by OTS do not crash a system font renderer (FreeType2).
Run test_malicious_fonts.sh script:
% cd /path/to/ots/tests
% ./test_malicious_fonts.sh
............................................... (verify that no FAIL: is displayed)
Command line tools
We have some command line tools for tests. To build them:
-
On Linux:
% gyp --depth=. -f make ots-standalone.gyp % make (tool is located at build/Default directory) -
On Windows (VC++ is needed):
% gyp --depth=. -f msvs ots-standalone.gyp % devenv.exe /build Default ots-standalone.sln /project idempotent.vcproj (tool is located at Default directory) -
On Mac (XCode is needed):
% gyp --depth=. -f xcode ots-standalone.gyp % xcodebuild -configuration Default -project ots-standalone.xcodeproj -target All (tool is located at build/Default directory)
You can use idempotent tool to check whether a font will be rejected or not.
You can also use ot-sanitise tool to get sanitised font (it is available on
Linux for now). See README file in the test directory for more details.