| -----Original Message-----
| From: Tom [mailto:[EMAIL PROTECTED]]
| Sent: Monday, June 10, 2002 4:20 AM
| To: [EMAIL PROTECTED]
| Subject: remote DoS in Mozilla 1.0
|
[...]
|
| Vendor Contact
| ==============
[...]
| also filed with the XFree86 team, no reaction so far
|
|
There is chatter but the same type of question regarding "at what point [is]
a request for a font ... clearly invalid" is being asked.

---------- Forwarded message ----------
Date: Thu, 13 Jun 2002 09:46:56 +0100
From: Juliusz Chroboczek <[EMAIL PROTECTED]>
Reply-To: [EMAIL PROTECTED]
To: [EMAIL PROTECTED]
Subject: Re: [Xpert]abort() in libXfont 4.2.0 (was FW: remote DoS in
Mozilla 1.0)
From: Juliusz Chroboczek <[EMAIL PROTECTED]>
Subject: Re: [bugtraq] remote DoS in Mozilla 1.0
To: [EMAIL PROTECTED]
Date: 12 Jun 2002 08:51:49 +0100

MH> Interesting problem reported on bugtraq:
MH> <http://online.securityfocus.com/archive/1/276120>

I see. Two bugs here.

One is the dodgy error-handling in the Type 1 backend, which gives up
by calling abort() (see the very end of curves.c). I agree that this
is a bug; however, as I'm hoping to phase out the current Type 1
backend in favour of one based on FreeType 2 in time for 4.3.0, I do
not intend to fix it.

The other problem is that we do not fail a priori requests for very
large fonts. I do agree that this should be done, and I think it
should be done at the common layer (above the font backends); could
anyone suggest at what point a request for a font is clearly invalid?

Juliusz
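
One way the a priori check discussed above could look at a common layer, as an added example that is not XFree86 or libXfont code and not from this thread: it parses the PIXEL_SIZE and POINT_SIZE fields of a font name and returns an error code for oversized values instead of letting a backend reach abort(). The function names, return codes and limits are hypothetical, the limits being exactly the policy question the thread leaves open; it assumes fully specified 14-field XLFD names with scalar sizes and reports matrix-form sizes as unsupported.

```c
#include <errno.h>
#include <stdlib.h>

enum { XLFD_FIELDS = 14, F_PIXEL = 7, F_POINT = 8 };   /* XLFD field numbers */
enum { FONT_OK = 0, FONT_MALFORMED = -1, FONT_TOO_LARGE = -2, FONT_UNSUPPORTED = -3 };

/* Check one scalar size field [s, end) against a limit. */
static int size_field(const char *s, const char *end, long limit)
{
    char *stop;
    long v;

    if (s == end || (end - s == 1 && *s == '*'))
        return FONT_OK;                      /* size left unspecified */
    if (*s == '[')
        return FONT_UNSUPPORTED;             /* matrix form: not covered here */
    if (*s < '0' || *s > '9')
        return FONT_MALFORMED;               /* no sign or whitespace allowed */
    errno = 0;
    v = strtol(s, &stop, 10);
    if (stop != end)
        return FONT_MALFORMED;               /* trailing non-digit characters */
    return (errno == ERANGE || v > limit) ? FONT_TOO_LARGE : FONT_OK;
}

/* Return an error code instead of passing an oversized request to a backend.
 * The limits are the caller's policy (assumed values, not XFree86 constants). */
int check_font_request(const char *xlfd, long max_pixel, long max_decipoint)
{
    const char *start[XLFD_FIELDS];
    const char *p;
    int n = 0, r;

    if (xlfd == NULL || xlfd[0] != '-')
        return FONT_MALFORMED;
    for (p = xlfd; *p != '\0'; p++) {
        if (*p != '-')
            continue;
        if (n == XLFD_FIELDS)
            return FONT_MALFORMED;           /* too many fields */
        start[n++] = p + 1;
    }
    if (n != XLFD_FIELDS)
        return FONT_MALFORMED;               /* too few fields */
    r = size_field(start[F_PIXEL - 1], start[F_PIXEL] - 1, max_pixel);
    if (r != FONT_OK)
        return r;
    return size_field(start[F_POINT - 1], start[F_POINT] - 1, max_decipoint);
}
```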