On Fri, Apr 25, 2014 at 10:22 AM, Denis Oliver Kropp <d...@directfb.org> wrote: > On 03/27/14 00:41, Frédéric Basse wrote: >> >> * CWE-787: Out-of-bounds Write >> 'count' can exceed 'dst' buffer size. >> => >> http://git.directfb.org/?p=core/DirectFB.git;a=blob;f=proxy/dispatcher/idirectfbsurface_dispatcher.c;h=6e99cbba8a8430869b318936ed63a80f44b83201;hb=HEAD#l1676 >> => >> http://git.directfb.org/?p=core/DirectFB.git;a=blob;f=proxy/dispatcher/idirectfbsurface_dispatcher.c;h=6e99cbba8a8430869b318936ed63a80f44b83201;hb=HEAD#l1626 > > Does it mean that 'count' has to be checked against 'num', as done for 'out'? Yes, but this may be a bit more complex, like: count+out < num
> > -- > Denis Oliver Kropp > CEO > DirectFB integrated media GmbH > _______________________________________________ > directfb-dev mailing list > directfb-dev@directfb.org > http://mail.directfb.org/cgi-bin/mailman/listinfo/directfb-dev _______________________________________________ directfb-dev mailing list directfb-dev@directfb.org http://mail.directfb.org/cgi-bin/mailman/listinfo/directfb-dev