Re: Very large font size crashing X Font Server and Grounding Server to a Halt (was: remote DoS in Mozilla 1.0)

From: Melchior FRANZ (a8603365@unet.univie.ac.at)
Date: Thu Jun 13 2002 - 11:53:53 EST


* rjh@world.std.com -- Thursday 13 June 2002 18:33:
> It resulted in an almost infinite size malloc() request.

No. AFAIK it is caused in the file xc/lib/font/Type1/t1font.c
by wrong RAM requirement estimation heuristics. Not too much
memory is requested but too few! And if XFree actually needs
more memory than it had originally estimated and requested, it
simply aborts.

m.

-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/



This archive was generated by hypermail 2b29 : Sat Jun 15 2002 - 22:00:28 EST