On 2017.06.05 at 05:56 +0200, Werner LEMBERG wrote: > > >> Ditto for bytecode. Checking every addition, subtraction or > >> multiplication for overflow is something I want to avoid, > > > > Of course, I am only suggesting rejecting input with unreasonably > > large coordinates or metric values. > > This would be ideal, yes, but I don't see how you can do that. For > example, it makes sense to reject, say, PCF properties that exceed the > value 0x7FFF (I added such tests recently). Similar things can be > done for other format too. However, the majority of input data in > most formats are deltas, and here you would have to check after every > addition, subtraction, or multiplication whether you get something > `unreasonable'.
BTW are you aware of gcc's and clang's built-in functions that perform arithmetic with overflow checking? Maybe they could help. https://gcc.gnu.org/onlinedocs/gcc/Integer-Overflow-Builtins.html -- Markus _______________________________________________ Freetype-devel mailing list [email protected] https://lists.nongnu.org/mailman/listinfo/freetype-devel
