Hello, right now I packaged sane-backends CVS snapshot dated 2007 Oct 24 and I have still two patches where I think they should be included upstream.
For your information I attached the patches as gzipped files. 1) fix-buffer-overflow.patch has a fix for an "array subscript is above array bounds" error in niash.c, see https://bugzilla.novell.com/show_bug.cgi?id=246654 and a fix for an "array subscript is above array bounds" error in sanei_ab306.c, see https://bugzilla.novell.com/show_bug.cgi?id=239953 and fixes of possible strncat buffer overflows and strncpy unterminated string errors in as6e.c (no Suse bug for this) 2) fix-uninitialized-variables.patch fixes an uninitialized variable in teco2.c, see https://bugzilla.novell.com/show_bug.cgi?id=205451 The issues are detectde by checking the complier warnings and report "things of interest". Even if the code may be actually o.k. the patches would at least help to let it look o.k. even for the compiler ;-) Kind Regards Johannes Meixner -- SUSE LINUX Products GmbH, Maxfeldstrasse 5, 90409 Nuernberg, Germany AG Nuernberg, HRB 16746, GF: Markus Rex -------------- next part -------------- A non-text attachment was scrubbed... Name: fix-buffer-overflow.patch.gz Type: application/x-gzip Size: 861 bytes Desc: fix-buffer-overflow.patch.gz Url : http://lists.alioth.debian.org/pipermail/sane-devel/attachments/20071025/0aae5c75/attachment.bin -------------- next part -------------- A non-text attachment was scrubbed... Name: fix-uninitialized-variables.patch.gz Type: application/x-gzip Size: 256 bytes Desc: fix-uninitialized-variables.patch.gz Url : http://lists.alioth.debian.org/pipermail/sane-devel/attachments/20071025/0aae5c75/attachment-0001.bin
