Commit: Trying to fix #536 and a bonus :)


Subject: Commit: Trying to fix #536 and a bonus :)
From: Dom Lachowicz (cinamod@hotmail.com)
Date: Sat Mar 10 2001 - 13:37:07 CST


Patch to fix 536 from dsueiro
CVS: ----------------------------------------------------------------------
CVS: Enter Log. Lines beginning with `CVS:' are removed automatically
CVS:
CVS: Committing in .
CVS:
CVS: Modified Files:
CVS: src/wp/impexp/xp/ie_imp_RTF.cpp
CVS: ----------------------------------------------------------------------

>Hi Dom,
> A bit later than promised. So, sue me :).
>
>Well, right to the point:
>
>1) The idea of the fix is that once you're in a font info group, every
>opening brace should be closed before the *Font name*. The old version
>supposed that there wasn't any group ( a brace-enclosed string ) inside
>font info. Or something like that.
>
>2) When processing ( inside ReadFontTable ) \panose, the parser, after
>reading the keyword, discarded the next char, before trying to process
>a 20-bytes-long of digits. The problem, in this particular file ( the one
>attached to the bug report ) was that the keyword and the parameter have
>only a space between them, so the discarded char was the first digit.
>That's why the loop didn't finish at the closing brace ( the program read
>it as the last *digit* ).
>
>3) Fixed a buffer overflow in ReadKeyword. If the parameter was more than
>256 chars long, Abi would start writing after the end of the buffer. As
>I don't expect any keyword would have a parameter so long, I assume it's
>a bogus file ( and abort the load accordingly ).
>
>4) The same problem happens with the keyword buffer. As it was a parameter
>and not an auto variable, the fix would be a bit more involved. If you
>agree with the solution I propose, I can send you a patch for this also:
>
>- There's no point in using sometimes a 256-chars and one 4 times that in
>other occasions. Think 256 is enough ( we can add a static const unsigned
>at file scope for that ).
>- I may add a parameter to ReadKeyword to indicate the size of the buffer.
>If the next char to be read overflows it, the rtf would be assumed to be
>bogus. Of course, using the global constant is not an option :).
>
>Diego
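
The bounded keyword read proposed in points 3 and 4, together with the delimiter handling from point 2, as an added example; it is not AbiWord's ReadKeyword or the committed patch. The `readKeyword` signature, the `put` helper, the `MAX_KEYWORD_LEN` name and the sample input are assumptions made for illustration.

```cpp
#include <cctype>
#include <cstddef>
#include <string>

// Hypothetical file-scope limit, following the 256 suggested in the mail.
static const std::size_t MAX_KEYWORD_LEN = 256;

// Append c to buf (capacity cap, current length len), always leaving room
// for the terminating NUL. Returns false instead of writing past the end.
static bool put(char *buf, std::size_t cap, std::size_t &len, char c) {
    if (len + 1 >= cap) return false;
    buf[len++] = c;
    buf[len] = '\0';
    return true;
}

// Reads one control word; pos points just past the backslash on entry.
// Returns false (treat the file as bogus) if the name or the numeric
// parameter does not fit in the caller-supplied buffer.
bool readKeyword(const std::string &in, std::size_t &pos,
                 char *name, std::size_t nameCap,
                 char *param, std::size_t paramCap, bool &hasParam) {
    if (nameCap == 0 || paramCap == 0) return false;
    std::size_t n = 0, p = 0;
    name[0] = param[0] = '\0';
    hasParam = false;
    while (pos < in.size() && std::isalpha((unsigned char)in[pos]))
        if (!put(name, nameCap, n, in[pos++])) return false;
    // Optional sign, only when a digit follows it.
    if (pos + 1 < in.size() && in[pos] == '-' &&
        std::isdigit((unsigned char)in[pos + 1]))
        if (!put(param, paramCap, p, in[pos++])) return false;
    while (pos < in.size() && std::isdigit((unsigned char)in[pos])) {
        hasParam = true;
        if (!put(param, paramCap, p, in[pos++])) return false;
    }
    // One space is the delimiter and belongs to the control word: consume it
    // and nothing more, so data that follows (the \panose digits) stays intact.
    if (pos < in.size() && in[pos] == ' ') ++pos;
    return true;
}

int main() {
    char name[MAX_KEYWORD_LEN], param[MAX_KEYWORD_LEN];
    bool hasParam;
    std::size_t pos = 0;
    const std::string s = "panose 02020603050405020304}";  // constructed sample
    return readKeyword(s, pos, name, sizeof name, param, sizeof param, hasParam) ? 0 : 1;
}
```
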
