From: armin
Subject: Re: [ft-devel] Fwd: Issue 977845 in chromium: pdf_font_fuzzer: Integer-overflow in compute_glyph_metrics
Date: Wed, 7 Aug 2019 21:59:58 +0100

> Thanks for looking into it. FWIW, my commit merely re-enabled an older
> code path.

NW we've already fixed a lot of those that came up in our own fuzzers :) ...
it's actually harmless but a side product of fuzzers throwing super random
input at apps.  Some overflow when facing gigantic glyphs, but no one who's
truly interested in rendered results would ever use FreeType with such
inputs.  The idea is to keep the overflow as it is, but have it done in
`unsigned' world where it is actually "defined" behaviour (resulting in the
same value most likely, though).

I left a comment at
https://bugs.chromium.org/p/chromium/issues/detail?id=977845#c7 which would
help me figure out the exact line of peril much more quickly :)

Armin
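The approach described in the reply above (keep the wraparound, but perform it in unsigned arithmetic so that it is defined behaviour) can be illustrated on a bounding-box width computation. This is an added example, not FreeType's code and not the line the Chromium report points at; `MyPos` is a hypothetical stand-in for a signed `long` coordinate type, and the inputs are constructed. It also adds an explicit overflow predicate, which the reply does not ask for, to show the alternative of detecting rather than merely legalising the overflow.

```c
#include <limits.h>
#include <stdio.h>

/* Hypothetical stand-in for a signed long glyph coordinate (font units or
 * 26.6 fixed point).  Not FreeType's own type or code. */
typedef long MyPos;

/* Plain signed subtraction.  For a "gigantic" glyph whose bbox spans more
 * than LONG_MAX units, xMax - xMin overflows, which is undefined behaviour
 * in C and exactly what an instrumented fuzzer build reports. */
static MyPos bbox_width_signed(MyPos xMin, MyPos xMax)
{
    return xMax - xMin;
}

/* Same arithmetic in the unsigned domain: unsigned subtraction is defined
 * to wrap modulo 2^N, so no undefined behaviour occurs.  On a two's
 * complement target the resulting bit pattern, and hence the value after
 * the cast back to signed, is the one the signed version produces in
 * practice, so rendering results for sane glyphs are unchanged. */
static MyPos bbox_width_wrap(MyPos xMin, MyPos xMax)
{
    return (MyPos)((unsigned long)xMax - (unsigned long)xMin);
}

/* Overflow predicate for xMax - xMin, evaluated without overflowing itself.
 * A caller that needs a meaningful width (rather than merely a defined one)
 * can reject or clamp the glyph when this returns 1. */
static int bbox_width_overflows(MyPos xMin, MyPos xMax)
{
    if (xMin < 0 && xMax > LONG_MAX + xMin)   /* xMax - xMin > LONG_MAX */
        return 1;
    if (xMin > 0 && xMax < LONG_MIN + xMin)   /* xMax - xMin < LONG_MIN */
        return 1;
    return 0;
}

int main(void)
{
    /* Constructed inputs: a sane glyph and a fuzzer-style gigantic one. */
    MyPos sane_min = -10, sane_max = 20;
    MyPos huge_min = -1,  huge_max = LONG_MAX;

    printf("sane width: %ld\n", bbox_width_signed(sane_min, sane_max));

    /* The signed version is deliberately not called on the huge glyph:
     * that would be the undefined behaviour the fuzzer flags. */
    if (bbox_width_overflows(huge_min, huge_max))
        printf("huge glyph: width overflows; wrapped value is %ld\n",
               bbox_width_wrap(huge_min, huge_max));
    return 0;
}
```

The cast back from `unsigned long` to `long` is implementation-defined rather than undefined before C23; GCC and Clang document it as modular, which is why the wrapped value matches the signed result "in practice" while keeping UBSan quiet.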
