platform/upstream/harfbuzz - Domain: UI Framework / Fonts;

diff options

author	Behdad Esfahbod <behdad@behdad.org>	2023-02-06 14:51:25 -0700
committer	Bowon Ryu <bowon.ryu@samsung.com>	2023-06-20 14:12:35 +0900
commit	6aafe3e54f611bc28eb2eab9de9386a4d46d3d0f (patch)
tree	de8c13993e77de126c81af42b2a939ec5c73b70f /src/hb-private.hh
parent	e6340fb871e5c683d476319a9d572c470c0f3a79 (diff)
download	harfbuzz-tizen_6.5.tar.gz harfbuzz-tizen_6.5.tar.bz2 harfbuzz-tizen_6.5.zip

[Tizen] [GPOS] Avoid O(n^2) behavior in mark-attachmentaccepted/tizen/6.5/unified/20230622.095624 tizen_6.5 accepted/tizen_6.5_unified

Better implementation; avoids arbitrary limit on look-back. [CVE-2023-25193] hb-ot-layout-gsubgpos.hh in HarfBuzz through 6.0.0 allows attackers to trigger O(n^2) growth via consecutive marks during the process of looking back for base glyphs when attaching marks. https://nvd.nist.gov/vuln/detail/CVE-2023-25193 Change-Id: I778490c8c94aae046e38cb07f04753cbc26b8e6a

Diffstat (limited to 'src/hb-private.hh')

0 files changed, 0 insertions, 0 deletions


context:
space:
mode: