Hi, Many thanks for the feedback. >> cmsTakeProductDesc() is risking buffer overflow into Name[] when calling >> cmsReadICCText()
I don't think so, 1.16 has a modified cmsReadICCText() which would take LCMS_DESC_MAX chars at most. This value is 512. Maybe I'm wrong, and still there is a vulnerability, could please explain where? > also when compiling with VS2005Pro I get > > cmsintrp.c(425) : warning C4740: flow in or out of inline asm code > suppresses global optimization Yep, that's not very nice. Unfortunately, Borland 5.5 needs such construct in order to work, and since it is just a warning I left it unchanged. I realize there is not many people is using BC 5.5 right now, but dropping support for a (historic!) compiler is not nice too. Anyway, I will try to get rid of the warning by other means. Regards Marti. ------------------------------------------------------------------------- Using Tomcat but need to do more? Need to support web services, security? Get stuff done quickly with pre-integrated technology to make your job easier Download IBM WebSphere Application Server v.1.0.1 based on Apache Geronimo http://sel.as-us.falkag.net/sel?cmd=lnk&kid=120709&bid=263057&dat=121642 _______________________________________________ Lcms-user mailing list Lcms-user@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/lcms-user
