[sane-devel] sane-backends CVS snapshot dated 2007 Oct 24

Johannes Meixner jsmeix at suse.de
Thu Oct 25 12:24:36 UTC 2007


Hello,

right now I packaged sane-backends CVS snapshot dated 2007 Oct 24
and I have still two patches where I think they should be included
upstream.

For your information I attached the patches as gzipped files.

1) fix-buffer-overflow.patch
has a fix for an "array subscript is above array bounds"
error in niash.c, see
https://bugzilla.novell.com/show_bug.cgi?id=246654
and a fix for an "array subscript is above array bounds"
error in sanei_ab306.c, see
https://bugzilla.novell.com/show_bug.cgi?id=239953
and fixes of possible strncat buffer overflows and strncpy
unterminated string errors in as6e.c (no Suse bug for this)

2) fix-uninitialized-variables.patch
fixes an uninitialized variable in teco2.c, see
https://bugzilla.novell.com/show_bug.cgi?id=205451

The issues are detectde by checking the complier warnings
and report "things of interest".
Even if the code may be actually o.k. the patches would
at least help to let it look o.k. even for the compiler ;-)


Kind Regards
Johannes Meixner
-- 
SUSE LINUX Products GmbH, Maxfeldstrasse 5, 90409 Nuernberg, Germany
AG Nuernberg, HRB 16746, GF: Markus Rex
-------------- next part --------------
A non-text attachment was scrubbed...
Name: fix-buffer-overflow.patch.gz
Type: application/x-gzip
Size: 861 bytes
Desc: fix-buffer-overflow.patch.gz
Url : http://lists.alioth.debian.org/pipermail/sane-devel/attachments/20071025/0aae5c75/attachment.bin 
-------------- next part --------------
A non-text attachment was scrubbed...
Name: fix-uninitialized-variables.patch.gz
Type: application/x-gzip
Size: 256 bytes
Desc: fix-uninitialized-variables.patch.gz
Url : http://lists.alioth.debian.org/pipermail/sane-devel/attachments/20071025/0aae5c75/attachment-0001.bin 


More information about the sane-devel mailing list