[sane-devel] bug #303798: possible buffer overflow in fujitsu.c

m. allan noah anoah at pfeiffer.edu
Fri Sep 1 18:06:33 UTC 2006

>> right now I submitted
>> https://alioth.debian.org/tracker/?group_id=30186&atid=410366&func=detail&aid=303798
>> But this does not mean that s->hw_ink_remain contains what is
>> really intended - I don't know anything about Fujitsu scanners.
> oh, how embarassing :) yes, that buffer should be 11 or 12 bytes long. i will 
> commit a fix and close the bug report.

hmm, not as simple as that, afterall. johannes, i think your fix of asking 
for 11 bytes will cause some older models of scanner to choke, as they 
only provide 10 bytes. the current sane cvs can handle this, but sane 
1.0.18 version of fujitsu backend will probably fail.

i recommend that you change your fix to return that buffer to 10 bytes 
long, and comment out:

s->hw_ink_remain = get_HW_ink_remain(buffer);

the ink level is of no use currently anyway, since the endorser is 


More information about the sane-devel mailing list