G'day,

There are a number of warnings of unlikely, but possible,
buffer overflows, that could lead to undefined behaviour in
the Tecgraf Sci/Tech toolkit.  Is there any enthusiasm for
correcting these cases?  If so, is there a preferred way to
present patches (e.g. one giant patch versus a dozen or more
focussed patches)?

I'm merely looking at CD-r899 for now, and only at
"-Wformat-overflow=" messages.  (As mentioned before, most
of the changes would be careful use of snprintf instead of
sprintf, along with buffer size adjustment.)

So, do I put in this work, or am I wasting my time?

--

s-b etc.


---- (Cut here.) ----

<FUNC> may write a terminating nul past the end of the destination [-Wformat-overflow=]:
    drv/pptx.c:727:[Function:openFile]:   '__builtin___sprintf_chk'

<DIRECTIVE> directive writing <BYTECOUNT1> bytes into a region of size between <BYTECOUNT2> and <BYTECOUNT3> [-Wformat-overflow=]:
    svg/cdsvg.c:942:[Function:cdfont]:   'px'  2  0  9
    svg/cdsvg.c:[At:940]:   'pt'  2  0  9
    drv/pptx.c:1376:[Function:pptxImportMasterSlide]:   '%s'  20  0  10239
    drv/pptx.c:[At:1376]:   '%s'  44  0  10239
    drv/pptx.c:[At:1376]:   '%s'  33  0  10239
    drv/pptx.c:[At:1376]:   '%s'  44  0  10239
    drv/pptx.c:[At:1376]:   '%s'  33  0  10239
    drv/pptx.c:690:[Function:pptxOpenSlide]:   '/ppt/slides/slide'  17  1  10240
    drv/pptx.c:[At:696]:   '/ppt/slides/_rels/slide'  23  1  10240
    drv/pptx.c:1009:[Function:pptxPattern]:   '/ppt/media/media/image'  22  1  10240
    drv/pptx.c:1292:[Function:pptxImageRGB]:   '/ppt/media/media/image'  22  1  10240
    drv/pptx.c:1341:[Function:pptxImageRGBA]:   '/ppt/media/media/image'  22  1  10240

<DIRECTIVE> directive writing between <BYTECOUNT1> and <BYTECOUNT2> bytes into a region of size between <BYTECOUNT3> and <BYTECOUNT4> [-Wformat-overflow=]:
    drv/cdps.c:2048:[Function:get_margins_attrib]:   '%g'  1  13  8  44
    drv/cdpdf.c:1566:[Function:set_opacity_attrib]:   '%g'  1  13  10  22

---- (End of extract.) ----


_______________________________________________
Iup-users mailing list
Iup-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/iup-users
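
An added illustration of the sprintf-to-snprintf change described in the message above; it is not code from CD or from the poster. The helper name fmt_checked, the two wrappers, and the format strings are assumptions, constructed to mirror the '/ppt/slides/slide' and '%g' warnings in the extract.

```c
#include <stdarg.h>
#include <stdio.h>
#include <string.h>

/* Hypothetical helper (not part of CD): bounded formatting that reports
   truncation instead of silently accepting it.  Returns 0 on success, -1 if
   the output did not fit; on failure dst is emptied so no partial path leaks. */
static int fmt_checked(char *dst, size_t cap, const char *fmt, ...)
{
    va_list ap;
    int n;

    if (dst == NULL || cap == 0)
        return -1;
    va_start(ap, fmt);
    n = vsnprintf(dst, cap, fmt, ap);   /* n = length the full output needs */
    va_end(ap);
    if (n < 0 || (size_t)n >= cap) {    /* encoding error or truncated */
        dst[0] = '\0';
        return -1;
    }
    return 0;
}

/* Constructed stand-in for the path case: a fixed literal appended to a
   caller-supplied string that may already fill most of the buffer. */
int build_slide_path(char *dst, size_t cap, const char *base_dir, int slide_no)
{
    return fmt_checked(dst, cap, "%s/ppt/slides/slide%d.xml", base_dir, slide_no);
}

/* Constructed stand-in for the "%g" case: output can be 13 bytes plus nul. */
int format_value(char *dst, size_t cap, double v)
{
    return fmt_checked(dst, cap, "%g", v);
}

int main(void)
{
    char num[8], path[64];

    if (format_value(num, sizeof num, -1.23456e+100) != 0)
        puts("8-byte buffer too small for %g; caller must handle it");
    if (build_slide_path(path, sizeof path, "/tmp/deck", 3) == 0)
        puts(path);
    return 0;
}
```

Swapping sprintf for snprintf alone only turns an overflow into silent truncation; checking the return value against the buffer size is what lets the caller reject a cut-off path or number.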
