8028 – Integer overflows in CID font handling in libXfont/Type1

Bug 8028 - Integer overflows in CID font handling in libXfont/Type1

Summary: Integer overflows in CID font handling in libXfont/Type1

Status:	RESOLVED DUPLICATE of bug 8000

Alias:	None

Product:	xorg
Classification:	Unclassified
Component:	Lib/Xfont (show other bugs)
Version:	unspecified
Hardware:	All All

Importance:	high normal
Assignee:	Matthieu Herrb
QA Contact:

URL:
Whiteboard:
Keywords:

Depends on:
Blocks:

Reported:	2006-08-27 06:42 UTC by Matthieu Herrb
Modified:	2019-11-19 08:52 UTC (History)
CC List:	0 users

See Also:
i915 platform:
i915 features:

Attachments
proposed patch (2.17 KB, patch) 2006-08-27 06:43 UTC, Matthieu Herrb	no flags	Details \| Splinter Review
Show Obsolete (1) View All

Description Matthieu Herrb 2006-08-27 06:42:54 UTC

iDefense discovered 2 integer overflow vulnerabilities in the code handling 
CID fonts in libXfont/Type1.  According to them they are exploitable. 

IDEF 1691 is in src/Type1/scanfont.c, line 1753.

IDEF 1751 is in src/Type1/afm.c, line 121.

Comment 1 Matthieu Herrb 2006-08-27 06:43:37 UTC

Created attachment 6723 [details] [review]
proposed patch

Comment 2 Matthieu Herrb 2006-08-28 14:17:17 UTC


*** This bug has been marked as a duplicate of 8000 ***

Use of freedesktop.org services, including Bugzilla, is subject to our Code of Conduct. How we collect and use information is described in our Privacy Policy.