Closed
Bug 1250945
Opened 8 years ago
Closed 8 years ago
[harfbuzz] Assertion: bool hb_buffer_t::move_to(unsigned int): Assertion 'i <= out_len + (len - idx)' failed.
Categories
(Core :: Graphics: Text, defect)
Core
Graphics: Text
Tracking
()
RESOLVED
WORKSFORME
People
(Reporter: tsmith, Unassigned)
References
(Blocks 1 open bug)
Details
(Keywords: assertion, testcase)
Attachments
(2 files)
hb-buffer.cc:411: bool hb_buffer_t::move_to(unsigned int): Assertion `i <= out_len + (len - idx)' failed. This sounds unpleasant, possibly a sec issue.
Reporter | ||
Comment 1•8 years ago
|
||
Reporter | ||
Comment 2•8 years ago
|
||
Found fuzzing harfbuzz revision 3fe0cf10401875f1e9b8b5fbaf59826e64ea61d2
Comment 3•8 years ago
|
||
Could you please re-test with latest harfbuzz from upstream; in particular, I wonder whether b87e36f6f119fac80b8fd55f3abae563c2c5b798 may have already addressed this?
Flags: needinfo?(twsmith)
Reporter | ||
Comment 4•8 years ago
|
||
(In reply to Jonathan Kew (:jfkthame) from comment #3) > Could you please re-test with latest harfbuzz from upstream; in particular, > I wonder whether b87e36f6f119fac80b8fd55f3abae563c2c5b798 may have already > addressed this? Thanks Jonathan, looks like there was a flood of fixes and I should have updated before I logged this. Verified with revision 23335deaad9d4d9824ff41343264514d3f9f7e37.
Status: NEW → RESOLVED
Closed: 8 years ago
Flags: needinfo?(twsmith)
Resolution: --- → WORKSFORME
Reporter | ||
Comment 5•8 years ago
|
||
Is there a bug open to pick up the latest fixes from upsteam?
Flags: needinfo?(jfkthame)
Updated•6 years ago
|
Group: gfx-core-security
You need to log in
before you can comment on or make changes to this bug.
Description
•