> I'm not sure what exactly the points of discussion are, but in HarfBuzz
> we do purposefully ignore position overflows. We use a macro like
> this for that:
>
> #define HB_NO_SANITIZE_SIGNED_INTEGER_OVERFLOW
> __attribute__((no_sanitize("signed-integer-overflow")))
>
> If you want to copy the mac
> @Werner: should I apply it?
Yes, please.
Werner
___
Freetype-devel mailing list
Freetype-devel@nongnu.org
https://lists.nongnu.org/mailman/listinfo/freetype-devel
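As an added illustration of the two options this thread weighs (moving the arithmetic into defined C space by wrapping, as the unsigned macros or -fwrapv do, versus checking for overflow and rejecting the input), here is a small C program. It is not FreeType or HarfBuzz code; the names ending in _demo, the bounding-box layout and the sample values are assumptions made for the example.

```c
#include <stdint.h>
#include <stdio.h>

/* Added example, not FreeType or HarfBuzz code. Names ending in _demo
 * are assumptions. Values are 32-bit signed, like 26.6 positions. */

/* 1. Wrapping arithmetic: operands go through uint32_t, whose overflow
 *    is defined as modulo 2^32. This is the "unsigned macro" trick that
 *    takes the operation out of UB, and the behaviour -fwrapv gives.
 *    (Converting back to int32_t is implementation-defined before C23;
 *    GCC, Clang and MSVC all define it as modulo 2^32.) */
static int32_t wrap_add(int32_t a, int32_t b)
{
    return (int32_t)((uint32_t)a + (uint32_t)b);
}

static int32_t wrap_sub(int32_t a, int32_t b)
{
    return (int32_t)((uint32_t)a - (uint32_t)b);
}

/* 2. Checked arithmetic: detect the overflow before it happens, using
 *    only comparisons that cannot overflow themselves. Returns 1 on
 *    overflow and leaves *out untouched, 0 otherwise. GCC and Clang also
 *    provide __builtin_add_overflow; the portable form is shown here. */
static int checked_add(int32_t a, int32_t b, int32_t *out)
{
    if ((b > 0 && a > INT32_MAX - b) || (b < 0 && a < INT32_MIN - b))
        return 1;
    *out = a + b;
    return 0;
}

static int checked_sub(int32_t a, int32_t b, int32_t *out)
{
    if ((b < 0 && a > INT32_MAX + b) || (b > 0 && a < INT32_MIN + b))
        return 1;
    *out = a - b;
    return 0;
}

/* Constructed glyph bounding box: the kind of input a fuzzer throws at
 * a metrics routine. */
typedef struct {
    int32_t x_min, y_min, x_max, y_max;
} bbox_demo;

typedef struct {
    int32_t width, height;
    int overflow;   /* 1 if some operation would have overflowed */
} metrics_demo;

/* Wrapping version: never UB, but a gigantic glyph silently yields a
 * nonsensical (here negative) width, which is what a fuzzer reports as
 * "Integer-overflow" when the sanitizer is enabled. */
static metrics_demo metrics_wrapping(bbox_demo bb)
{
    metrics_demo m;
    m.width = wrap_sub(bb.x_max, bb.x_min);
    m.height = wrap_sub(bb.y_max, bb.y_min);
    m.overflow = 0;   /* the wrapping form cannot tell */
    return m;
}

/* Checked version: the caller learns the input was out of range and can
 * reject the glyph instead of propagating a garbage metric. */
static metrics_demo metrics_checked(bbox_demo bb)
{
    metrics_demo m = {0, 0, 0};
    if (checked_sub(bb.x_max, bb.x_min, &m.width) ||
        checked_sub(bb.y_max, bb.y_min, &m.height))
        m.overflow = 1;
    return m;
}

int main(void)
{
    bbox_demo sane = { -100, -50, 100, 50 };   /* constructed */
    bbox_demo huge = { INT32_MIN, INT32_MIN, INT32_MAX, INT32_MAX };
    metrics_demo w = metrics_wrapping(huge);
    metrics_demo c = metrics_checked(huge);
    printf("sane: width=%d height=%d\n",
           metrics_checked(sane).width, metrics_checked(sane).height);
    printf("huge, wrapping: width=%d (silently wrong)\n", w.width);
    printf("huge, checked: overflow=%d\n", c.overflow);
    return 0;
}
```

The wrapping form is the cheap route and is what the macros and -fwrapv buy: no UB, so the optimizer cannot assume the overflow never happens, but the bad value still flows onward. The checked form costs a comparison per operation and gives the caller a chance to reject the glyph, which is the behaviour a fuzzer-driven fix usually wants.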
I'm not sure what exactly the points of discussion are, but in HarfBuzz we do
purposefully ignore position overflows. We use a macro like this for that:
#define HB_NO_SANITIZE_SIGNED_INTEGER_OVERFLOW
__attribute__((no_sanitize("signed-integer-overflow")))
If you want to copy the macro, please copy i
>> Whether with -wrapv or with the unsigned macros, we simply disable
>> some compiler optimizations, perhaps some good optimizations too.
>
> Most certainly, yes. But there are a lot more things that slow down the
> potential performance of FreeType -- C in itself is a trade-off between
> mainta
> Whether with -wrapv or with the unsigned macros, we simply disable some
> compiler optimizations, perhaps some good optimizations too.
Most certainly, yes. But there are a lot more things that slow down the
potential performance of FreeType -- C in itself is a trade-off between
maintainabilit
On Sat, Aug 10, 2019 at 7:32 PM Nikolaus Waxweiler wrote:
>
> > Undefined does not mean scary.
>
> Actually yes. Have you read e.g.
> http://blog.llvm.org/2011/05/what-every-c-programmer-should-know_14.html?
>
Whether with -wrapv or with the unsigned macros, we simply disable some
compiler optim
Undefined does not mean scary.
Actually yes. Have you read e.g.
http://blog.llvm.org/2011/05/what-every-c-programmer-should-know_14.html?
Why do we even care?
The burden is actually on the compiler to not do anything crazy or
face consequences from users and public. For some reason the b
> This, sadly, brings us back to the current way of dealing with these things;
> adding ugly macros that transfer these operations from UB space into defined
> C space ... Not saying I'm happy with that but I believe this is the
> cleanest solution in the big picture right now.
Undefined doe
>> .. and undo those macros?
>
> Well, if you then can? Signed integer overflow being undefined strikes me as a
> severe deficiency in the C language. This of course makes -wrapv a compiler
> level workaround, which may not be available to every compiler FreeType wants
> to support. Hm.
It's one o
>
> .. and undo those macros?
>
Well, if you then can? Signed integer overflow being undefined strikes me
as a severe deficiency in the C language. This of course makes -wrapv a
compiler level workaround, which may not be available to every compiler
FreeType wants to support. Hm.
>
__
On Fri, Aug 9, 2019 at 2:38 PM Nikolaus Waxweiler wrote:
>
> This makes me wonder if maybe FreeType should be compiled with -wrapv
> by default?
.. and undo those macros? These warnings are OCD in its ugliest. It is
fleetingly rare when they reveal real bugs. We silence them but pay
dearly with c
This makes me wonder if maybe FreeType should be compiled with -wrapv
by default?
> Thanks for looking into it. FWIW, my commit merely re-enabled an older code
> path.
NW we've already fixed a lot of those that came up in our own fuzzers :) ...
it's actually harmless but a side product of fuzzers throwing super random
input at apps. Some overflow when facing gigantic glyphs bu
Thanks for looking into it. FWIW, my commit merely re-enabled an older
code path.
eiler
Sent: 06 August 2019 20:08
To: freetype-devel
Subject: [ft-devel] Fwd: Issue 977845 in chromium: pdf_font_fuzzer:
Integer-overflow in compute_glyph_metrics
Forwarding the following message I received regarding a fuzzer find.
I'm not sure what to do about it.
-- Forwarded message --
From: kkal… via monorail
Subject: Issue 977845 in chromium: pdf_font_fuzzer: Integer-overflow in
compute_glyph_metrics
Date: Wed, 10 Jul 2019