From: Juliusz Chroboczek <[EMAIL PROTECTED]> Subject: Re: [bugtraq] remote DoS in Mozilla 1.0 To: [EMAIL PROTECTED] Date: 12 Jun 2002 08:51:49 +0100
MH> Interesting problem reported on bugtraq: MH> <http://online.securityfocus.com/archive/1/276120> I see. Two bugs here. One is the dodgy error-handling in the Type 1 backend, which gives up by calling abort() (see the very end of curves.c). I agree that this is a bug; however, as I'm hoping to phase out the current Type 1 backend in favour of one based on FreeType 2 in time for 4.3.0, I do not intend to fix it. The other problem is that we do not fail a priori requests for very large fonts. I do agree that this should be done, and I think it should be done at the common layer (above the font backends); could anyone suggest at what point a request for a font is clearly invalid? Juliusz _______________________________________________ Xpert mailing list [EMAIL PROTECTED] http://XFree86.Org/mailman/listinfo/xpert
