This repository has been archived by the owner on Jun 4, 2022. It is now read-only.
global-buffer-overflow in /lib/support/unicodeconv/unicodeconv.c:40:2 #59
Comments
Do you have a more detailed stack trace for this?

FYI, here is the result on my machine when building with ASAN and debug. Similar crashes happen with inputs such as

I am curious why you are filing these bugs, since I am deprecating otfcc (I have an internal TypeScript lib to deal with OTFs). Are you (or someone else) using it?

Not exactly, I just saw some CVE entries and would like to find interesting projects to analyze

CVE?

The crash site is sds (a string library)'s allocation func.

Hmm your file crashes TTX too.
Test Version
dev version, git clone https://github.com/caryll/otfcc.git
Test Program
otfcc/bin/release-x64/otfccdump [infile]
Asan Debug Information
POC file
https://github.com/moonAgirl/Bugs/blob/master/otfcc/2018-12-30-01-global-buffer-overflow.otf/