Heap Buffer Overflow in listfdb (master, libming 0.4.8 and earlier) #104
This may allow attackers to cause a denial of service or unspecified other impact via a crafted FDB file.
You can find the reproducer here.
This issue is coming from the following code part:
In the case of the reproducer, there is only one glyph, but listfdb is reading two and stores two glyphs in the
I'll submit a fix.
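An added example, not part of the original report and not libming's code: a C parser for a hypothetical count-prefixed glyph table in which one validated count both sizes the heap allocation and bounds the store loop, so a file holding one glyph cannot produce a second store. The record layout, the function name `parse_glyph_offsets` and the sample bytes are assumptions constructed for illustration.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdlib.h>

/* Hypothetical record layout (NOT the real FDB format):
 *   bytes 0-1 : glyph count, little-endian
 *   then      : one 4-byte little-endian offset per glyph */
#define HDR_LEN 2u
#define REC_LEN 4u

static uint32_t rd_le32(const uint8_t *p) {
    return (uint32_t)p[0] | (uint32_t)p[1] << 8 |
           (uint32_t)p[2] << 16 | (uint32_t)p[3] << 24;
}

/* Parses the glyph offsets into a freshly allocated array.
 * Returns the number of entries stored, or -1 if the input is truncated,
 * declares zero glyphs, or allocation fails.
 * On success *out owns the array and the caller frees it. */
long parse_glyph_offsets(const uint8_t *buf, size_t len, uint32_t **out) {
    *out = NULL;
    if (len < HDR_LEN) return -1;
    size_t count = (size_t)buf[0] | (size_t)buf[1] << 8;
    /* Input side: every declared record must be present in the buffer. */
    if (count == 0 || (len - HDR_LEN) / REC_LEN < count) return -1;
    uint32_t *tab = calloc(count, sizeof *tab);
    if (tab == NULL) return -1;
    /* Output side: the same count sizes the allocation and limits the
     * loop, so trailing bytes can never become an extra store. */
    for (size_t i = 0; i < count; i++)
        tab[i] = rd_le32(buf + HDR_LEN + i * REC_LEN);
    *out = tab;
    return (long)count;
}

/* Constructed samples: one declared glyph followed by extra bytes, and
 * two declared glyphs with only one record present. */
static const uint8_t one_glyph_plus_extra[] = {1,0, 0x10,0,0,0, 0x20,0,0,0};
static const uint8_t two_declared_one_present[] = {2,0, 0x10,0,0,0};

int main(void) {
    uint32_t *tab;
    long a = parse_glyph_offsets(one_glyph_plus_extra,
                                 sizeof one_glyph_plus_extra, &tab);
    free(tab);
    long b = parse_glyph_offsets(two_declared_one_present,
                                 sizeof two_declared_one_present, &tab);
    return (a == 1 && b == -1) ? 0 : 1;
}
```

Building a parser like this with AddressSanitizer (`-fsanitize=address`) and replaying a reproducer file is a quick way to confirm that a fix removes the out-of-bounds write.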