Hi Thomas!

> would you mind to wait for the next release, which should be due in
> about two to four weeks? Bug #890016 is triggered by a pointer in an
> object struct which is left un-initialized in read1_3.c. The code in
> read1_3.c is full of these things and needs more proper initializing
> and sanitizing.

No problem with waiting.  I know, that you are already working on some
input sanitizing for fig2dev, and I only forwarded the two new bugs to
you to have it documented in the Debian BTS correctly and to give you
more test files to check whether you found all code blocks where input
sanitizing is necessary...

It's great to hear, that you seem to have some progress with this,
since it's only two to four weeks now.

Tell me, if I can support you in some way.


Reply via email to