Follow-up Comment #10, bug #67978 (group groff): [comment #6 comment #6:] > I wouldn't delay the 1.24.0 release for this,
[https://lists.gnu.org/archive/html/groff/2026-01/msg00150.html Collin Funk has taken a contrary position.] I'm working on this problem in a private branch while I wait for a consensus to form. I did want to note one point: > * Complete handling of such inputs would take several weeks. When I did input > fuzzing on the 'xgettext' program, it took me two weeks to fix the various > findings. And for groff, Ingo Schwarze estimates it to be "at least a month > of full-time work", see > https://lists.nongnu.org/archive/html/groff/2019-12/msg00078.html "Complete handling of such inputs" is _not_ within the scope of this ticket, unless you want to lobby for it to become thus. This is a known SEGV. We can fix it without claiming or implying that we have fixed all possible SEGVs in GNU _troff_, be they arisen from failed input validation or otherwise. (I wavered in my subjunctive construction there. I was tempted to say, "arise they from failed input validation", but became uncomfortable because while the subjunctive mood normally employs the infinitive, I seldom see it with verbs other than "to be". So I wussed out and went with a passive subjunctive, with bothers me for style reasons.) _______________________________________________________ Reply to this item at: <https://savannah.gnu.org/bugs/?67978> _______________________________________________ Message sent via Savannah https://savannah.gnu.org/
signature.asc
Description: PGP signature
