Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Limit the buffer size and execution time #12

Open
brawer opened this issue Apr 11, 2019 · 0 comments
Open

Limit the buffer size and execution time #12

brawer opened this issue Apr 11, 2019 · 0 comments

Comments

@brawer
Copy link

brawer commented Apr 11, 2019
edited
Loading

To prevent attacks, impose an upper limit on buffer size and execution time when shaping text. For example, increment a counter on the number of executed OpenType lookups and give up when it gets excessive, and make sure that the rendering buffer does not get excessively large; check out how HarfBuzz does this. See test case GSUB-3.
@brawer brawer changed the title Limit the execution time Limit the buffer size and execution time Apr 11, 2019
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
1 participant
@brawer