New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
42 crashers #17
Comments
Original comment by |
Original comment by |
Original comment by
|
I have not checked the tarball but reproduced similar panics in truetype package using go-fuzz. Reading the code, a lot of them probably come from not checking offsets before accessing byte arrays. They are tedious but easy to fix. The question is: what is your contribution process for this package? go-review.googlesource.com or something else? And do you accept contributions, even partial ones (ie not fixing all the out of bound access at once)? |
The contribution process is the regular github.com process, not go-review.googlesource.com, although you still need to sign the CLA a la the regular golang.org process. Contributions accepted, although I will be slow to respond in general in the forseeable short-term future (as I have been slow to respond here), due to non-work-related reasons. |
All crashes except "ttf.crashers/9dcbc20080df0e49e3dd90c022eba03aa575c4b6" seen to be fixed with the current version of golang/freetype. |
Original issue reported on code.google.com by
dvyu...@google.com
on 29 Apr 2015 at 10:25Attachments:
The text was updated successfully, but these errors were encountered: