[
https://issues.apache.org/jira/browse/PDFBOX-4670?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Daniel Gredler updated PDFBOX-4670:
-----------------------------------
Summary: ArrayIndexOutOfBoundsException thrown parsing malformed TTF files
(was: ArrayIndexOutOfBoundsExceptions thrown parsing malformed TTF files)
> ArrayIndexOutOfBoundsException thrown parsing malformed TTF files
> -----------------------------------------------------------------
>
> Key: PDFBOX-4670
> URL: https://issues.apache.org/jira/browse/PDFBOX-4670
> Project: PDFBox
> Issue Type: Bug
> Components: FontBox
> Affects Versions: 2.0.17
> Reporter: Daniel Gredler
> Priority: Minor
> Attachments: fontbox-fuzzing.diff, fuzz-failures.zip
>
>
> I ran some fuzz tests on {{TTFParser}} in order to check the behavior of
> FontBox with respect to untrusted TTF files. In general the results seem good
> (e.g. no {{OutOfMemoryError}}), but there are a few instances of
> {{ArrayIndexOutOfBoundsException}} being thrown.
> I've attached a zip file containing the findings (one .trace file and one
> .ttf file per error), as well as a patch containing the fuzzer used to find
> these issues. It uses the TTF files in the {{src/test/resources/ttf}}
> directory, mutates them randomly, and then tries to parse them. Details of
> any unexpected exceptions are saved to the {{target/fuzz-failures}}
> directory. I ran 100k tests against each file (takes 5 to 10 minutes), but
> the run size is customizable.
--
This message was sent by Atlassian Jira
(v8.3.4#803005)
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
