Package: fontforge Version: 0.0.20120101+git-2 Usertags: goto-cc While building the package using our research compiler infrastructure, which also performs more strict type checking, we noticed the following problem that possibly triggers undefined behaviour: In fontforge/scripting.c, the function bExpandStroke stores user input values (of type double) in a field of type enum linecap (first appears in line 4653, but also occurs multiple other times). As there is no sanitization of input in place, the assignment may result in arbitrary values being set. Best, Michael
Attachment:
pgpihlVBBiFuf.pgp
Description: PGP signature