Meet BrokenType – the font fuzzing toolset that helped me find 39 vulns in the Windows kernel and user-mode Uniscribe library in 2015-2017. It includes a font mutator, generator and loader. Now on GitHub: https://github.com/google/BrokenType …
-
It is still useful if someone adds support for Graphite tables Silf, Glat, Gloc, Feat, Sil. E.g., my font fuzzer used fonttools with a custom mutator in libFuzzer that was quite useful in Mozilla Firefox.
-
Indeed, I'm not playing with fonts anymore, but I'm hoping the code can be useful to others to build a more effective fuzzer or use it to test software other than Windows.
-
Same here :), thanks for sharing
-
They did font rendering in the kernel???
-
Yes, it was a holdover from a much earlier version of the NT kernel for performance reasons, if I remember correctly.
-
This legacy of bad decisions also prevented user-installed, user-scoped fonts until RS5 https://blogs.windows.com/windowsexperience/2018/06/27/announcing-windows-10-insider-preview-build-17704/ …