Hi Behdad, Thank you so much for your prompt response :)
On Thu, Sep 8, 2011 at 1:43 PM, Behdad Esfahbod <[email protected]> wrote: > Thanks Kenichi, > > The patch looks good. Pushed to master. > > behdad > > On 09/08/11 00:11, Kenichi Ishibashi wrote: > > Hi, > > > > We found that there is an opportunity of out-of-bound read access in old > harfbuzz. > > > > src/harfbuzz-tibetan.c contains tibetanForm table. It looks the table is > > supposed to be referenced in the character range U+0F40-U+0FC0, but > > tibetan_nextSyllableBoundary() could refer the table with characters > whose > > codepoint is out of the range (e.g. U+0F21). Since OOB access could be a > > security issue, we'd like to fix the problem. > > > > Attached a workaround to avoid this problem. I'd appreciate if you could > take > > a look at it. > > > > Thanks, > > > > > > > > _______________________________________________ > > HarfBuzz mailing list > > [email protected] > > http://lists.freedesktop.org/mailman/listinfo/harfbuzz >
_______________________________________________ HarfBuzz mailing list [email protected] http://lists.freedesktop.org/mailman/listinfo/harfbuzz
