oss-sec mailing list archives

Large amount of uninitialized values in svg parsing and processing


From: Gustavo Grieco <gustavo.grieco () gmail com>
Date: Mon, 11 Apr 2016 19:37:51 +0200

Hi,

A large amount of uninitialized values in the parsing and processing of svg
files using librsvg and related libraries (e.g., libcairo) are causing
undefined behaviors. Some of these issues originate in librsvg, some
in libcairo and others (libpixman maybe). Some relevant technical details
are available here:

https://bugs.freedesktop.org/show_bug.cgi?id=92904

As a result of this, just browsing svg files using the open dialog of
Firefox/Chromium can lead to unexpected or undefined behavior. Other
applications using librsvg are likely affected.

Regards,
Gus.
