| .TH OTS-VALIDATOR-CHECKER "1" "May 2021" "OpenType Sanitizer" "User Commands" |
| .SH NAME |
| ots-validator-checker \- font validation checker |
| .SH SYNOPSIS |
| .B ots-validator-checker |
| \fI\,FONT_FILE\/\fR |
| .SH DESCRIPTION |
| .PP |
| ots-validator-checker is a program which is intended to validate malformed fonts. |
| If the program detects that the font is invalid, it prints \(lqOK\(rq and |
| returns with 0 (success). |
| If it couldn’t detect any errors, the program then opens the transcoded font |
| and renders some characters using FreeType: |
| .PP |
| .RS |
| .nf |
| transcoded_font\ =\ ValidateAndTranscode(malicious_font); |
| if\ (validation_error) |
| \ \ Print("OK"); |
| OpenAndRenderSomeCharacters(transcoded_font);\ \ #\ may\ cause\ SIGSEGV |
| Print("OK"); |
| .fi |
| .RE |
| .PP |
| If SEGV doesn\(cqt raise inside FreeType library, the program prints \(lqOK\(rq |
| and returns with 0 as well. |
| You should run this tool under the |
| .BR catchsegv (1) |
| or |
| .BR valgrind (1) |
| command so that you can easily verify that all transformed fonts don\(cqt |
| crash the library (see the example below). |
| .SH EXAMPLES |
| .RS |
| .nf |
| $ for f in malformed/*.ttf ; do catchsegv ./ots-validator-checker "$f" ; done |
| OK: the malicious font was filtered: malformed/1.ttf |
| OK: the malicious font was filtered: malformed/2.ttf |
| OK: FreeType2 didn't crash: malformed/3.ttf |
| OK: the malicious font was filtered: malformed/4.ttf |
| .fi |
| .RE |
| .SH "REPORTING BUGS" |
| Report bugs to <https://github.com/khaledhosny/ots/issues> |
| .SH "SEE ALSO" |
| .BR ots-idempotent (1), |
| .BR ots-perf (1), |
| .BR ots-sanitize (1), |
| .BR ots-side-by-side (1) |