Folks,
has anyone more information on the recent exploit for the iPhone, reportedly caused by a problem within FreeType's `t1_decoder_parse_charstrings'?

Extracting the buggy font from http://www.jailbreakme.com/saffron/_/iPod_4.3.3_8J2.pdf and testing the current ftview (from the git repository, but rather the same as with version 2.4.5) with valgrind on my GNU/Linux box, I get a bunch of

  Conditional jump or move depends on uninitialised value(s)

but nothing else (and I'll fix these problems in due course).

I must admit that I'm rather poor at understanding such exploits, but AFAIK, a conditional jump can't be abused for executing arbitrary code, right? Please correct me if I'm wrong.

    Werner

_______________________________________________
Freetype-devel mailing list
Freetype-devel@nongnu.org
https://lists.nongnu.org/mailman/listinfo/freetype-devel