id,summary,reporter,owner,description,type,status,priority,component,version,resolution,keywords,cc,game
11966,SCI: Buffer overflow when loading Korean font,sluicebox,sluicebox,"Support for Korean fan translations was recently added. The font-loading code for 8x16 fonts writes out of bounds and corrupts memory. I'd fix this but I don't know the file format. (or Korean!)

{{{
bool FontKoreanSVM::loadData(const char *fontFile) {
    ...
    _fontData8x16Size = numChars8x16 * 16;
    _fontData8x16 = new uint8[numChars8x16 * 16];
    assert(_fontData8x16);
    for (uint i=0; i < _fontData8x16Size; i++)
        data->read(&_fontData8x16[i], 2); // buffer overflow on final iteration
}}}

To reproduce, display Korean text in at least SQ4CD or GK1CD.

Introduced in: https://github.com/scummvm/scummvm/commit/b7664c24dcc798e5210b215232f4cf21c1e87f23",defect,closed,normal,Engine: SCI,,fixed,korean,,