OpenType bug in FontForge and a lack of funky-font fail-safes in other applications
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
fontforge (Ubuntu) |
New
|
Undecided
|
Unassigned |
Bug Description
Binary package hint: fontforge
Fonts with a wrong usFirstCharIndex give serious faulty behavior in a lot of applications. I'm pretty sure faulty fonts of this kind has made my computer crash and burn at several occasions, but I don't know what exact chain of events that triggers the crashes and I don't feel like experimenting as I am very dependent on my computer. But finding the source of the faulty fonts is easier: FontForge.
The same malfunction in FontForge has already been patched for TrueType, as so, the same source file will generate a correct TrueType font. I found these descriptions of the old TrueType bug through google:
https:/
http://
FontForge generate an invalid usFirstCharIndex (http://
This bug gets propagated from the OpenType fonts to other applications and documents. E.g. this kind of faulty fonts makes Abiword behave somewhat funny (I belive it is Pango that is at faults), but Abiword is still almost functional until a document containing the faulty font gets printed. Printed to a PDF-file the glyphs get scrambled when that PDF is viewed with Evince (it displays wrong glyphs, but with the metrics of the right glyphs (propably because CUPS insert the right metrics directly into the PDF, but still injects a faulty glyph-index into the PDF)). At least with my printer (Samsung 3051ND), when printing a Abiword document with faulty fonts, it makes a printout with different sized rectangles instead of glyphs (propably because CUPS fail to embed the glyphs into the PostScript code, it looks like beautiful abstract art).
In addition to this, somebody should also revise all the fonts used in Ubuntu. They contain a lot of other bugs. E.g. the Nimbus font delivered with CUPS has the BlueValues unordered. Even a simple check with fontlint (from the maker of FontForge) would expose a lot of buggy fonts.
ProblemType: Bug
Architecture: amd64
Date: Tue Feb 23 08:36:24 2010
DistroRelease: Ubuntu 9.10
InstallationMedia: Xubuntu 9.10 "Karmic Koala" - Release amd64 (20091027)
Package: fontforge 0.0.20090622-1
ProcEnviron:
LANG=sv_SE.UTF-8
SHELL=/bin/bash
ProcVersionSign
SourcePackage: fontforge
Uname: Linux 2.6.31-19-generic x86_64
XsessionErrors: (polkit-
visibility: | private → public |
Thanks for taking the time to report this bug and helping to make Ubuntu better. We appreciate the difficulties you are facing, but this appears to be a "regular" (non-security) bug. I have unmarked it as a security issue since this bug does not show evidence of allowing attackers to cross privilege boundaries nor directly cause loss of data/privacy. Please feel free to report any other bugs you may find.