Closed Bug 1785991 Opened 2 years ago Closed 2 years ago

Build a COLRv1 fuzzer

Categories

(Core :: Layout: Text and Fonts, task)

x86_64
Linux
task

Tracking

RESOLVED FIXED
106 Branch
Tracking Status
firefox-esr91 --- unaffected
firefox-esr102 --- unaffected
firefox104 --- unaffected
firefox105 --- wontfix
firefox106 --- fixed

People

(Reporter: decoder, Assigned: decoder)

Details

(Keywords: sec-other, Whiteboard: [post-critsmash-triage][adv-main106-])

Attachments

(1 file, 2 obsolete files)

COLRv1 is a high-risk feature that needs fuzzing coverage (likely through FuzzingInterface with libFuzzer). Our implementation is independent of the FreeType implementation already tested in oss-fuzz.

Depends on: 1786002
Keywords: sec-other
Depends on: 1788005

Comment on attachment 9292225 [details]
Bug 1785991 - Check for bad outerIndex value. r=lsalzman

Revision D155958 was moved to bug 1788005. Setting attachment 9292225 [details] to obsolete.

Attachment #9292225 - Attachment is obsolete: true
Attachment #9290607 - Attachment description: WIP: Bug 1785991 - Add COLRv1 fuzzer. r=jkew → Bug 1785991 - Add COLRv1 fuzzer. r=jfkthame
Attachment #9290885 - Attachment is obsolete: true
Flags: qe-verify-
Whiteboard: [post-critsmash-triage]
Whiteboard: [post-critsmash-triage] → [post-critsmash-triage][adv-main106-]
Group: core-security-release