I just meant there are other places where I can call function with NULL buffer and non-zero length to make crash for example "PdfImage::LoadFromData".
On Mon, Oct 29, 2018 at 8:36 AM zyx <[email protected]> wrote: > On Sun, 2018-10-28 at 19:28 +0100, Michal Sudolsky wrote: > > crash with null pointer and non-zero length as in other places in > > podofo. > > Hi, > crash is generally bad, that can lead to CVE issues at the least. > Better is when the code can handle broken inputs gracefully. If it's > the code's issue, then it should be fixed. > > I mean, if you know of places which can crash instead of throw > exception, then feel free to share the reproducer and such, it'll be > highly appreciated. There are still opened some CVEs against PoDoFo, > maybe you face/mean one/some of them. > Bye, > zyx > > > > _______________________________________________ > Podofo-users mailing list > [email protected] > https://lists.sourceforge.net/lists/listinfo/podofo-users >
_______________________________________________ Podofo-users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/podofo-users
