A valid concern. However, this will definitely not happen – how will
you specify four or even more C function pointers within an
environment variable? [...]
I am not sure if what I am going to say is correct or not. Please correct
me if I get this wrong.
I think what Behdad means is this:
The whole environment variable thing is a string, so a sequence of bytes.
If I set FREETYPE_PROPERTIES to `ot-svg:svg_hooks=asdjkfsjlfdk',
In `ft_svg_property_set', `value' will have the address of letter `a' and thus,
when the types are cast to hooks, weird address will be set and when
the `ot-svg' module calls my hooks, things will crash. I am no expert in
security, but I think this could be a security concern too?