Re: scanfs without field width limits making Gimp crash

Hi!

On Mon, Jan 24, 2011 at 8:26 AM, Simon Budig <simon@xxxxxxxx> wrote:
> For Gimp itself there is a bug report on this issue at
> https://bugzilla.gnome.org/show_bug.cgi?id=639203
>
> I guess I'll commit the patch attached to the bugreport soon unless
> someone has a better suggestion.

But here, for example (from your patch):

snprintf (fmt_str, sizeof (fmt_str), "%%d %%d %%%lds", sizeof (endbuf) - 1);
if (sscanf (line, fmt_str, &t->majtype, &t->type, end) != 3)

Won't it still be affected by a very large integer (like the example
that I sent in my initial message) at the first or second position in
the file?

I get this when trying to load an example with the big number:
=====
Plug-in crashed: "sphere-designer"
(/usr/lib/gimp/2.0/plug-ins/sphere-designer)

The dying plug-in may have messed up GIMP's internal state. You may
want to save your images and restart GIMP to be on the safe side.
=====

But I can't say how bad or ignorable it is.

Best regards,
Nelson
_______________________________________________
Gimp-developer mailing list
Gimp-developer@xxxxxxxxxxxxxxxxxxxxxx
https://lists.XCF.Berkeley.EDU/mailman/listinfo/gimp-developer
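
The concern raised above, as an added example that is not part of the original message or of the GIMP patch: a width on %s bounds the string, but %d gives the caller no way to detect a number that does not fit in an int (the C standard leaves that case undefined for the scanf family). One way to parse the same "int int word" line with strtol and explicit range checks follows; the function names, the 0..MAX_FIELD range and the sample lines are assumptions made for illustration.

```c
#include <ctype.h>
#include <errno.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

#define MAX_FIELD 64   /* assumed valid range for both integers: 0..64 */

/* Parse one integer in [0, MAX_FIELD] and advance *p past it. 0 on success. */
static int parse_field(const char **p, int *out)
{
    char *stop;
    long v;

    errno = 0;
    v = strtol(*p, &stop, 10);
    if (stop == *p || errno == ERANGE || v < 0 || v > MAX_FIELD)
        return -1;              /* no digits, overflow, or out of range */
    *out = (int) v;
    *p = stop;
    return 0;
}

/* Hypothetical stand-in for sscanf(line, "%d %d %Ns", ...).
 * Returns 0 on success; on -1 the outputs must not be used. */
int parse_type_line(const char *line, int *majtype, int *type,
                    char *end, size_t endsz)
{
    size_t len;

    if (parse_field(&line, majtype) != 0 || parse_field(&line, type) != 0)
        return -1;
    while (isspace((unsigned char) *line))
        line++;
    len = strcspn(line, " \t\r\n");
    if (len == 0 || len >= endsz)
        return -1;              /* missing or over-long word: reject it */
    memcpy(end, line, len);
    end[len] = '\0';
    return 0;
}

int main(void)
{
    /* Constructed sample lines, not taken from a real file. */
    const char *s[] = { "1 2 texture", "99999999999999999999 2 texture", "1 -5 texture" };
    int a, b; char w[16];
    for (size_t i = 0; i < 3; i++)
        printf("%-32s -> %d\n", s[i], parse_type_line(s[i], &a, &b, w, sizeof w));
    return 0;
}
```

Rejecting the line outright, rather than clamping the value or truncating the word, lets the caller treat the whole file as malformed.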

