Sponsor:

Your company here — click to reach over 10,000 unique daily visitors

ots-validator-checker - Man Page

font validation checker

Synopsis

ots-validator-checker FONT_FILE

Description

ots-validator-checker is a program which is intended to validate malformed fonts. If the program detects that the font is invalid, it prints “OK” and returns with 0 (success). If it couldn’t detect any errors, the program then opens the transcoded font and renders some characters using FreeType:

transcoded_font = ValidateAndTranscode(malicious_font);
if (validation_error)
  Print("OK");
OpenAndRenderSomeCharacters(transcoded_font);  # may cause SIGSEGV
Print("OK");

If SEGV doesn’t raise inside FreeType library, the program prints “OK” and returns with 0 as well. You should run this tool under the catchsegv(1) or valgrind(1) command so that you can easily verify that all transformed fonts don’t crash the library (see the example below).

Examples

$ for f in malformed/*.ttf ; do catchsegv ./ots-validator-checker "$f" ; done
OK: the malicious font was filtered: malformed/1.ttf
OK: the malicious font was filtered: malformed/2.ttf
OK: FreeType2 didn't crash: malformed/3.ttf
OK: the malicious font was filtered: malformed/4.ttf

Reporting Bugs

Report bugs to  <https://github.com/khaledhosny/ots/issues>

See Also

ots-idempotent(1), ots-perf(1), ots-sanitize(1), ots-side-by-side(1)

Referenced By

ots-idempotent(1), ots-perf(1), ots-sanitize(1), ots-side-by-side(1).

May 2021 OpenType Sanitizer