Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Limit GSUB buffer size #97

Open
brawer opened this issue Nov 1, 2023 · 2 comments
Open

Limit GSUB buffer size #97

brawer opened this issue Nov 1, 2023 · 2 comments

Comments

@brawer
Copy link

brawer commented Nov 1, 2023

Allsorts 0.14.0 is vulnerable to an OpenType version of the billion laughs attack. The attack vector is a font with a malicious but well-formed GSUB table.

Failing test case: https://rawgit.com/unicode-org/text-rendering-tests/master/reports/Allsorts.html#GSUB-3
Test suite: https://github.com/unicode-org/text-rendering-tests
@wezm
Copy link
Contributor

wezm commented Nov 1, 2023

Hi @brawer are you just creating these issues to track the failures or make us aware of them? If it's the latter just want to note that we are aware of them as I was the one that added the Allsorts implementation for the text-rendering-tests.

@brawer
Copy link
Author

brawer commented Nov 2, 2023

Just to make you aware. Sorry for filing a security problem as a public bug, I didn't know how to reach you in private.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@wezm @brawer