[sane-devel] sane-backends CVS snapshot dated 2007 Oct 24

Julien BLACHE jb at jblache.org
Thu Oct 25 13:30:03 UTC 2007


Johannes Meixner <jsmeix at suse.de> wrote:

Hi,

> 1) fix-buffer-overflow.patch
> has a fix for an "array subscript is above array bounds"
> error in niash.c, see
> https://bugzilla.novell.com/show_bug.cgi?id=246654

I think the fix isn't appropriate, though there is something fishy in
the way the options are disabled by moving the optLast member of the
enum around.

Please get the niash maintainer to fix this one properly :)

> and a fix for an "array subscript is above array bounds"
> error in sanei_ab306.c, see
> https://bugzilla.novell.com/show_bug.cgi?id=239953

That one is correct and committed.

> and fixes of possible strncat buffer overflows and strncpy
> unterminated string errors in as6e.c (no Suse bug for this)

Committed too.

> 2) fix-uninitialized-variables.patch
> fixes an uninitialized variable in teco2.c, see
> https://bugzilla.novell.com/show_bug.cgi?id=205451

That code looks fishy, size is used to initialize an element of cdb
and then is initialized with another element of cdb.

Setting it to 0 should be OK but I'll leave that up to someone more
familiar with the backend.

JB.

-- 
Julien BLACHE                                   <http://www.jblache.org> 
<jb at jblache.org>                                  GPG KeyID 0xF5D65169



More information about the sane-devel mailing list