Bug 8028

Summary: Integer overflows in CID font handling in libXfont/Type1
Product: xorg Reporter: Matthieu Herrb <matthieu.herrb>
Component: Lib/XfontAssignee: Matthieu Herrb <matthieu.herrb>
Status: RESOLVED DUPLICATE QA Contact:
Severity: normal    
Priority: high    
Version: unspecified   
Hardware: All   
OS: All   
Whiteboard:
i915 platform: i915 features:
Attachments:
Description Flags
proposed patch none

Description Matthieu Herrb 2006-08-27 06:42:54 UTC 
iDefense discovered 2 integer overflow vulnerabilities in the code handling 
CID fonts in libXfont/Type1.  According to them they are exploitable. 

IDEF 1691 is in src/Type1/scanfont.c, line 1753.

IDEF 1751 is in src/Type1/afm.c, line 121.
Comment 1 Matthieu Herrb 2006-08-27 06:43:37 UTC 
Created attachment 6723 [details] [review]
proposed patch
Comment 2 Matthieu Herrb 2006-08-28 14:17:17 UTC 

*** This bug has been marked as a duplicate of 8000 ***

Use of freedesktop.org services, including Bugzilla, is subject to our Code of Conduct. How we collect and use information is described in our Privacy Policy.