Thorsten Glaser reported this to the OpenBSD tech mailing list:

When trying to use the Dark garden font (http://switch.dl.sourceforge.net/sourceforge/darkgarden/darkgarden-1.1.ttf.zip) as a server-side font, it crashes the X server because gcc's stack protector (Propolice) detects a stack overflow.

I've been able to confirm this bug. It appears to be caused by FTGetEnglishName(), which doesn't correctly nul-terminate its output buffer when it truncates it because the input string (here the font's copyright) is too long.

This is probably not exploitable, but I'd appreciate it if someone else could have a look. The issue is public on OpenBSD's mailing list.
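The defect class described in the report above, a truncating copy that leaves the output buffer without a terminating NUL, shown beside a corrected form. This is an added example, not the X server's code or the attached patch; the function names, the 16-byte buffer and the sample string are constructed for illustration.

```c
#include <stddef.h>
#include <string.h>

/* Hypothetical helper showing the defect: when src is too long it fills
 * all dst_len bytes and never writes a terminator. */
static size_t copy_name_unterminated(char *dst, size_t dst_len,
                                     const char *src, size_t src_len)
{
    size_t n = src_len < dst_len ? src_len : dst_len;
    memcpy(dst, src, n);
    if (n < dst_len)
        dst[n] = '\0';          /* only reached when src fits */
    return n;
}

/* Corrected form: reserve one byte and always write the terminator. */
static size_t copy_name_terminated(char *dst, size_t dst_len,
                                   const char *src, size_t src_len)
{
    size_t n;
    if (dst_len == 0)
        return 0;
    n = src_len < dst_len - 1 ? src_len : dst_len - 1;
    memcpy(dst, src, n);
    dst[n] = '\0';
    return n;
}

/* Bounded check, safe to call on a buffer that may lack a NUL. */
static int is_terminated(const char *buf, size_t len)
{
    return memchr(buf, '\0', len) != NULL;
}

/* Copies a constructed over-long "copyright" string into a small buffer
 * and reports whether the result is NUL-terminated (1) or not (0). */
static int demo(int use_fixed)
{
    static const char copyright[] = "Copyright (c) constructed sample string";
    char out[16];
    memset(out, 'X', sizeof out);   /* stand-in for stale stack contents */
    if (use_fixed)
        copy_name_terminated(out, sizeof out, copyright, strlen(copyright));
    else
        copy_name_unterminated(out, sizeof out, copyright, strlen(copyright));
    return is_terminated(out, sizeof out);
}

int main(void) { return demo(1) ? 0 : 1; }
```

Any later `strlen()` or `strcpy()` on the unterminated buffer reads past its end into adjacent stack memory, which is how a truncation bug like this can surface as a stack protector abort.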
Created attachment 6099: proposed patch
Clearly correct, applied. Doesn't look exploitable though.