Nelson A. de Oliveira (naoliv@xxxxxxxxx) wrote:
> On Mon, Jan 24, 2011 at 8:26 AM, Simon Budig <simon@xxxxxxxx> wrote:
> > For Gimp itself there is a bug report on this issue at
> > https://bugzilla.gnome.org/show_bug.cgi?id=639203
> >
> > I guess I'll commit the patch attached to the bugreport soon unless
> > someone has a better suggestion.
>
> But here, for example (from your patch):
>
> snprintf (fmt_str, sizeof (fmt_str), "%%d %%d %%%lds", sizeof (endbuf) - 1);
> if (sscanf (line, fmt_str, &t->majtype, &t->type, end) != 3)
>
> Won't it still be affected by a very large integer (like the example
> that I sent on my initial message) at the first or second position in
> the file?

Ah sorry, should have mentioned that. The bug report is older than your
mail to the list. We had a report on the %s conversion earlier which is
what the patch attached to the bug attempts to fix.

The %i problems are new to me and I tend to think that these are bugs in
the libc and should be fixed there, although it probably would not hurt
to add some more length specifiers...

Bye,
        Simon
-- 
simon@xxxxxxxx              http://simon.budig.de/
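
An added example, not part of the original thread or of the GIMP patch: one way to cover both concerns raised above is to parse the two integers with strtol and explicit range checks (the C standard leaves a scanf %d conversion undefined when the value does not fit in an int) and to length-check the string field before copying it. The names parse_line and parse_int_field are hypothetical, and rejecting an over-long token instead of truncating it is a choice made for this sketch.

```c
#include <ctype.h>
#include <errno.h>
#include <limits.h>
#include <stdlib.h>
#include <string.h>

/* Parse one decimal int field; reject missing digits and out-of-range values.
 * Returns 0 on success and advances *p past the number. */
static int parse_int_field(const char **p, int *out)
{
    char *stop;
    long v;

    errno = 0;
    v = strtol(*p, &stop, 10);
    if (stop == *p)                      /* no digits at all */
        return -1;
    if (errno == ERANGE || v < INT_MIN || v > INT_MAX)
        return -1;                       /* would not fit in an int */
    *out = (int) v;
    *p = stop;
    return 0;
}

/* Hypothetical replacement for the "%d %d %s" sscanf call: two ints and one
 * whitespace-delimited token copied into end[endsize]. Returns 0 on success. */
int parse_line(const char *line, int *majtype, int *type,
               char *end, size_t endsize)
{
    const char *p = line;
    size_t n;

    if (endsize == 0)
        return -1;
    if (parse_int_field(&p, majtype) != 0 || parse_int_field(&p, type) != 0)
        return -1;
    while (isspace((unsigned char) *p))  /* skip separator before the token */
        p++;
    n = strcspn(p, " \t\r\n\f\v");       /* token length up to next whitespace */
    if (n == 0 || n >= endsize)          /* missing, or too long for the buffer */
        return -1;
    memcpy(end, p, n);
    end[n] = '\0';
    return 0;
}
```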