zlacker

[return to "Bad Apple Font"]
1. triclo+X1[view] [source] 2023-08-30 03:07:37
>>notmys+(OP)
Obviously the thought comes up of the fact that this feels unsafe to have WASM in font files, but, I'm also aware that font layout engines are already turing complete, which leads me to wonder: have there been any high profile malware font examples? That entire stack feels a lot like an attack surface to me, especially given stuff like the fact that windows used to render fonts in the kernel layer.
◧◩
2. LukeSh+l4[view] [source] 2023-08-30 03:26:57
>>triclo+X1
Font layout engines are only Turing-complete if the stack is unbounded (to be fair: that's true actual computers too: they're not Turing-complete because they don't have infinite RAM), and AFAIK the major font engines all impose a quite strict limit on the stack size.
◧◩◪
3. gpvos+CK[view] [source] 2023-08-30 10:38:41
>>LukeSh+l4
I suppose with WASM you can just write an infinite loop?
[go to top]