by MichaelGG
4139 days ago
The real quote there being:

"It really worries me that the FreeType font library is now being made to accept untrusted content from the web. The library probably wasn't written under the assumption that it would be fed much more than local fonts from trusted vendors who are already installing arbitrary executable on a computer, and it's already had a handful of vulnerabilities found in it shortly after it first saw use in Firefox. It is a very large library that actually includes a virtual machine that has been rewritten from pascal to single-threaded non-reentrant C to reentrant C... The code is extremely hairy and hard to review, especially for the VM."

FreeType's news page http://www.freetype.org/index.html#news - has something very curious. Two fixes for the same CVE, but the second fix 9 months later. A look at the CVEs[1] for it is also interesting in that they're all memory safety issues (at least, from a quick glance).

So in 2014, it's still difficult to read fonts without exposing yourself to code execution vulnerabilities, eh? I'd imagine better languages would help here.

[1]: http://web.nvd.nist.gov/view/vuln/search-results?adv_search=...