Red Hat Bugzilla – Bug 66658
xfs security issue with large fonts
Last modified: 2007-04-18 12:43:09 EDT
From Bugzilla Helper:
User-Agent: Mozilla/5.0 Galeon/1.2.0 (X11; Linux i686; U;) Gecko/20020501
Description of problem:
xfs consumes excessive amounts of memory when large fonts are used. The problem
manifests itself when using Mozilla 0.9.9 on XFree86-4.2.0. The URL to use is
Version-Release number of selected component (if applicable):
Steps to Reproduce:
1. Open Mozilla
2. Go to: http://www.adeliesolutions.com/Projects/
Actual Results: System becomes non-responsive and xfs crashes.
Expected Results: xfs should know about cheap tricks like this.
Unfortunately, the problem leaked into public before it had a chance to be
fixed, thanks to some irresponsible people at Register. See:
I've been investigating this issue since the problem was first discovered.
Unfortunately there currently is no fix available, and properly fixing it
seems to be a non-trivial amount of work. The upstream maintainer of
the code in question does not plan on fixing the code, which leaves things
in a very sticky situation for the time being.
We'll be tracking this issue closely, and working along with other distribution
and OS vendors to hopefully come up with a solution as soon as possible.
I get a "connection refused" when I visit this URL, so I cannot verify the
problem; but I seem to be having this same problem when I load a very complex
web page. XFS seems to use up 100% of the system, and xmms starts skipping
(this is an Athlon XP1700 with 512MB of RAM) and the whole computer is
unresponsive for seconds on end. It eventually recovers, but it is annoying.
Fixing this problem is currently very complex and requires a lot
of effort. The XFree86 team does not plan on resolving this issue
for current releases, and is instead removing the faulty codepaths
and using entirely new code in XFree86 4.3.0.
I'm not sure how we'll handle this issue for 4.2.0, so I'm deferring
this for the future. In the interim, if any public solution surfaces,
we will investigate it and consider releasing an erratum.
*** Bug 74297 has been marked as a duplicate of this bug. ***
*** Bug 74228 has been marked as a duplicate of this bug. ***
Since this bugzilla report was filed, there have been several major
updates to the X Window System, which may resolve this issue. Users
who have experienced this problem are encouraged to upgrade to the
latest version of Fedora Core, which can be obtained from:
If this issue turns out to still be reproducible in the latest
version of Fedora Core, please file a bug report in the X.Org
bugzilla located at http://bugs.freedesktop.org in the "xorg"
Once you've filed your bug report to X.Org, if you paste the new
bug URL here, Red Hat will continue to track the issue in the
centralized X.Org bug tracker, and will review any bug fixes that
become available for consideration in future updates.
Setting status to "CURRENTRELEASE".