Closed Bug 1694149 Opened 2 years ago Closed 2 years ago

On macOS, @font-face with src:local may access fonts that shouldn't be exposed

Categories

(Core :: Layout: Text and Fonts, defect)

Unspecified
macOS
defect

Tracking

()

RESOLVED FIXED
88 Branch
Tracking Status
firefox88 --- fixed

People

(Reporter: jfkthame, Assigned: jfkthame)

References

Details

Attachments

(1 file)

In gfxMacPlatformFontList::LookupLocalFont, we use platform API to look up a font by name, which saves us maintaining our own tables of the psnames and fullnames of all installed fonts (as we have to do on some platforms).

However, there are a couple of bugs here. First, the Core Graphics API can continue to return a font that has been disabled/uninstalled (e.g. in Font Book), if it was previously in use in the application, but we will then be unable to use that font properly for rendering as it's no longer in our font list. And second, it may return a font that should be excluded from use by the CSS font-visibility setting.

So we need to check the font returned to us by CG to ensure we're actually allowed/able to use it, and if not just fail as though it were not present at all.

Assignee: nobody → jfkthame
Status: NEW → ASSIGNED
Blocks: 1694174
Pushed by jkew@mozilla.com:
https://hg.mozilla.org/integration/autoland/rev/967a425c6075
Ensure gfxMacPlatformFontList::LookupLocalFont checks that the returned font is actually available for use. r=lsalzman
Status: ASSIGNED → RESOLVED
Closed: 2 years ago
Resolution: --- → FIXED
Target Milestone: --- → 88 Branch
You need to log in before you can comment on or make changes to this bug.