References: STARLabs Advisory STAR-21-1758 In February, Peter found a OOB read vulnerability in libFontParser.dylib. The latest tested version with the vulnerability is macOS Catalina 10.15.4 (19E287). I wrote a guide earlier on setting up a testing environment. Mac Resource Fork Font File References: Font Forge: Macintosh Font Formats Apple: MoreMacintoshToolbx fontTools: macRes It turns out that macOS can load something called a Mac Resource Fork font file.
