[sane-devel] [BUG] saned: missing input sanitization

Henning Meier-Geinitz henning@meier-geinitz.de
Sat, 16 Oct 2004 16:10:52 +0200


On Sat, Oct 16, 2004 at 04:01:20PM +0200, Johannes Berg wrote:
> I think the problem is that the network layer does not distinguish
> between zero-length strings and NULL pointers -- as far as I can see it
> interprets a zero-length string 

A zero length string is e.g. SANE_String hubba = "";

> (which is only a byte-array after all)

For sane_net a zero-length string is 0 0 0 1 0 (Array of length 1 which
only contains a 0 byte as end marker).

> as a NULL string.

I hope it doesn't. A NULL string is encoded as an array of length 0
(and has no data).

Zero-length is OK in sane_open, NULL isn't.
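
The encoding described in this message, as an added example (not part of the original mail and not code from saned or the SANE sources): a decoder that keeps the zero-length string and the NULL string distinct, bounds-checks the claimed length, and rejects NULL for an open request. The function names, return codes and the reading of the length word as 4 bytes big-endian (taken from the `0 0 0 1 0` sequence above) are assumptions of this sketch.

```c
#include <stdint.h>
#include <stdlib.h>
#include <string.h>

/* Result codes for this example (hypothetical names). */
enum { DEC_OK = 0, DEC_TRUNCATED = -1, DEC_UNTERMINATED = -2, DEC_NOMEM = -3 };

/*
 * Decode one string: a 4-byte big-endian array length followed by that
 * many bytes, the last being the 0 end marker. Length 0 means NULL
 * (no data). On DEC_OK, *out is NULL or a malloc'ed C string and *used
 * is the number of bytes consumed from buf.
 */
int decode_wire_string(const uint8_t *buf, size_t buflen, char **out, size_t *used)
{
    *out = NULL;
    *used = 0;
    if (buflen < 4)
        return DEC_TRUNCATED;
    uint32_t len = ((uint32_t)buf[0] << 24) | ((uint32_t)buf[1] << 16) |
                   ((uint32_t)buf[2] << 8) | (uint32_t)buf[3];
    if (len == 0) {              /* NULL string: length word only */
        *used = 4;
        return DEC_OK;
    }
    if (len > buflen - 4)        /* claimed length exceeds received data */
        return DEC_TRUNCATED;
    if (buf[4 + len - 1] != 0)   /* end marker missing */
        return DEC_UNTERMINATED;
    char *s = malloc(len);
    if (s == NULL)
        return DEC_NOMEM;
    memcpy(s, buf + 4, len);
    *out = s;
    *used = 4 + (size_t)len;
    return DEC_OK;
}

/* Hypothetical open-request check: "" is acceptable, NULL is not. */
int open_name_is_acceptable(const uint8_t *buf, size_t buflen)
{
    char *name;
    size_t used;
    if (decode_wire_string(buf, buflen, &name, &used) != DEC_OK)
        return 0;
    int ok = (name != NULL);
    free(name);
    return ok;
}
```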