On Tue, Nov 17, 2015 at 09:31:18PM +0100, Matthieu Herrb wrote: > On Fri, Nov 13, 2015 at 10:30:32PM +0100, Joerg Jung wrote: > > Hi, > > > > please find attached a port for the new suckless presentation tool sent. > > > > OK to import? > > hmm this code is of low quality for a tool released in 2015. > > http://marc.infœ?t=144772469400002&r=1&w=2 > > As part of the xorg security team I looked at this to see of libXft is > responsible. I found that > > sent /etc/passwd > > will crash because 71 lines (on my machine) don't fit in a single > slide and the code that looks for a small enough font is buggy. It > uses an unsigned 'j' variable in a loop that says (getfontsize() > sent.c:321) : > > for (j = NUMFONTSCALES - 1; j >= 0; j--) { > > so this will happily lead to huge j values, later used as indexes in > an array... > > Even with that fixed, the same getfontsize() function won't be able to > handle the lack of an appropriate font and reference font[-1] with joy > and fireworks. > > Later in the oss-sec thread someone noticed that 'sent empty' with > empty beeing a 0-length file will also produce a memory access > error. Indeed with malloc.conf -> J it happily dereferences a > 0xd0d0d0d0d0d0d0 pointer since there is not such input as line[0] if > the file is empty. > > I looked at this to check if there are bugs in Xft, not as as > potential user of misc/sent. So I won't bother trying to fix it, > sorry.
I think these issues are already fixed in upstream head in the last 24h. Waiting for the next release. > > > > Regards, > > Joerg > > > > > > $ cat pkg/DESCR > > > > Simple plaintext presentation tool. > > > > sent does not need latex, libreoffice or any other fancy file format, it > > uses > > plaintext files and png images. Currently every paragraph represents a > > slide in > > the presentation. Especially for presentations using the Takahashi method > > this > > is very nice and allows you to write down the presentation for a quick > > lightning > > talk within a few minutes. > > > > The presentation is displayed in a simple X11 window colored black on white > > for > > maximum contrast even if the sun shines directly onto the projected image. > > The > > content of each slide is automatically scaled to fit the window so you don't > > have to worry about alignment. Instead you can really concentrate on the > > content. > > > > -- > Matthieu Herrb
