Hello Mark, hello all, > On 02 May 2018 at 10:20 Mark Rogers <mark.rog...@powermapper.com> wrote: > > > Hi > > That sounds good. > > > if( pEncrypt && m_buffer.GetSize() && IsValid() ) > > As IsValid() contains only a NULL check on the buffer in m_buffer, > > the size check needs to be > 2 if ... > > At the moment buffer.GetSize()=1 produces buffer underflows so changing the > test to > buffer.GetSize()>1 or buffer.GetSize()>2 will prevent heap corruption
I'm sorry I didn't get to this until now: I think it's difficult to test because I don't see when m_buffer.GetSize() could be less than 2 in PdfString ... > > The harder question is when buffer.GetSize()=2 because this may work on some > systems > although it's relying on undefined behaviour. My maxim is: "relying on undefined behaviour is always incorrect". > > Best Regards > Mark Best regards, mabri ------------------------------------------------------------------------------ Check out the vibrant tech community on one of the world's most engaging tech sites, Slashdot.org! http://sdm.link/slashdot _______________________________________________ Podofo-users mailing list Podofo-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/podofo-users