FLTK logo

STR #2398

FLTK matrix user chat room
(using Element browser app)   FLTK gitter user chat room   GitHub FLTK Project   FLTK News RSS Feed  
  FLTK Apps      FLTK Library      Forums      Links     Login 
 Home  |  Articles & FAQs  |  Bugs & Features  |  Documentation  |  Download  |  Screenshots  ]
 

Return to Bugs & Features | Roadmap 2.0 | Post Text | Post File | SVN ⇄ GIT ]

STR #2398

Application:FLTK Library
Status:5 - New
Priority:2 - Low, e.g. a documentation error or undocumented side-effect
Scope:3 - Applies to all machines and operating systems
Subsystem:Unassigned
Summary:potentially unsafe behaviour for images
Version:2.0-current
Created By:bgbnbigben
Assigned To:Unassigned
Fix Version:Unassigned
Update Notification:

Receive EMails Don't Receive EMails

Trouble Report Files:

Post File ]
Name/Time/Date Filename/Size  
 
#1 bgbnbigben
22:11 Jul 12, 2010
streamlinedTests.patch
4k
 
     

Trouble Report Comments:

Post Text ]
Name/Time/Date Text  
 
#1 bgbnbigben
22:11 Jul 12, 2010
This isn't an overly critical patch to the image test functions (which are spread as thinly and over as many files as last night's pumpkin soup.....), but, as far as I'm aware, there's no standard to suggests that memcmp() *has* to stop when it reaches a null character, or even when it meets the first differing character (IIRC, it's allowed to compare all n characters if the implementation is done that way, or could potentially compare garbage data to be equal and continue). Whilst this is done sensibly in most implementations, I believe that it's a safer option to keep these as strncmp() and let the compiler deal with it's own implementation (in most cases, especially with gcc, AFAIK strncmp is turned into a memcmp anyway, so it's not going to create much of a difference in most systems).

Beyond this, gifImage::test() had only a half-test for a GIF file, jpegImage had no size check and could thus segfault on an overly small file with a user-read header, xpmFileImage::test() also only had a half-test for an XPM image as well as no size checking, so on.

Tested and working on my i386 ubuntu; not that I'd expect otherwise given the small fixes this patch makes.
It certainly makes the code far more logical though.....
 
     

Return to Bugs & Features | Post Text | Post File ]

 
 

Comments are owned by the poster. All other content is copyright 1998-2024 by Bill Spitzak and others. This project is hosted by The FLTK Team. Please report site problems to 'erco@seriss.com'.