[Bug 659359] CVE-2010-4259 FontForge: Stack-based buffer overflow by processing specially-crafted CHARSET_REGISTRY font file header

bugzilla at redhat.com
Fri Dec 3 21:27:29 UTC 2010


--- Comment #7 from Louis Simard <louis.simard at gmail.com> 2010-12-03 16:27:28 EST ---
Created attachment 464658
  --> https://bugzilla.redhat.com/attachment.cgi?id=464658
fix for CVE-2010-4259 crash

Attached is a unified format patch which should copy strings correctly within
their allocated buffers, for many fields in the BDF file format, including

I have tested FontForge before and after the patch; it does not crash
predictably anymore.
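
Added example, not part of the original comment and not taken from attachment 464658 or from FontForge: a bounded copy of a BDF property value such as `CHARSET_REGISTRY` into a fixed-size buffer, rejecting oversized values instead of writing past the end. The function name `bdf_copy_prop`, its return codes and the 16-byte buffer are assumptions made for illustration; the sample lines are constructed.

```c
#include <stdio.h>
#include <string.h>

/* Hypothetical helper (not FontForge code): copy the value of a BDF
 * property line such as
 *     CHARSET_REGISTRY "ISO8859"
 * into dst, never writing more than dstsize bytes.
 * Returns 0 on success, -1 if the key does not match or the line is
 * malformed, -2 if the value does not fit (dst is left empty). */
int bdf_copy_prop(const char *line, const char *key, char *dst, size_t dstsize)
{
    size_t klen = strlen(key), vlen;
    const char *v, *end;

    if (dstsize == 0)
        return -1;
    dst[0] = '\0';
    /* Key must match in full and be followed by whitespace. */
    if (strncmp(line, key, klen) != 0 || (line[klen] != ' ' && line[klen] != '\t'))
        return -1;
    v = line + klen;
    while (*v == ' ' || *v == '\t')
        v++;
    if (*v == '"') {                      /* quoted string value */
        v++;
        end = strrchr(v, '"');
        if (end == NULL)
            return -1;                    /* unterminated quote */
    } else {                              /* bare value: stop at end of line */
        end = v + strcspn(v, "\r\n");
    }
    vlen = (size_t)(end - v);
    if (vlen >= dstsize)
        return -2;                        /* reject instead of overflowing */
    memcpy(dst, v, vlen);
    dst[vlen] = '\0';
    return 0;
}

int main(void)
{
    char reg[16];                         /* fixed-size destination */
    /* Constructed sample line, as it would appear in a BDF header. */
    int rc = bdf_copy_prop("CHARSET_REGISTRY \"ISO8859\"\n",
                           "CHARSET_REGISTRY", reg, sizeof reg);
    printf("rc=%d value=%s\n", rc, reg);
    return 0;
}
```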
