[sane-devel] bug #303798: possible buffer overflow in fujitsu.c

m. allan noah anoah at pfeiffer.edu
Thu Aug 31 13:22:27 UTC 2006


On Thu, 31 Aug 2006, Johannes Meixner wrote:

>
> Hello,
>
> right now I submitted
> https://alioth.debian.org/tracker/?group_id=30186&atid=410366&func=detail&aid=303798
>
> I am not sure how to fix it.
>
> For the compiler it would be o.k. to simply use
>          unsigned char buffer[11];
> so that
>              s->hw_ink_remain = get_HW_ink_remain(buffer);
> which is actually after expansion of the define
>              s->hw_ink_remain = buffer[10];
> is o.k. for the compiler.
>
> But this does not mean that s->hw_ink_remain contains what is
> really intended - I don't know anything about Fujitsu scanners.

oh, how embarrassing :) yes, that buffer should be 11 or 12 bytes long. i 
will commit a fix and close the bug report.

thanks!

allan

>
>
> Kind Regards
> Johannes Meixner
>

-- 
"so don't tell us it can't be done, putting down what you don't know.
money isn't our god, integrity will free our souls" - Max Cavalera
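
An added example, not part of the original messages and not code from fujitsu.c: one way to keep a fixed-offset accessor such as the `buffer[10]` read discussed above from outrunning its buffer, with a compile-time size check for the array and a runtime check against the number of bytes actually received. Only the offset 10 comes from the thread; the names `HW_INK_REMAIN_OFFSET`, `HW_STATUS_LEN`, `CHECK_STATUS_BUF`, `get_status_byte` and `read_ink_remain`, and the sample reply bytes, are hypothetical.

```c
#include <stddef.h>
#include <stdio.h>
#include <string.h>

/* Offset 10 is taken from the thread; everything else here is hypothetical. */
#define HW_INK_REMAIN_OFFSET 10
#define HW_STATUS_LEN (HW_INK_REMAIN_OFFSET + 1)  /* 11 bytes minimum */

/* Compile-time guard: breaks the build if a fixed array cannot hold the
 * highest offset read from it. Valid for true arrays only, not pointers. */
#define CHECK_STATUS_BUF(buf) \
    _Static_assert(sizeof(buf) >= HW_STATUS_LEN, "status buffer too small")

/* Runtime guard: copy out one byte only if the reply really contains it.
 * Returns 0 on success, -1 if the offset lies beyond the received data. */
static int get_status_byte(const unsigned char *buf, size_t got,
                           size_t offset, unsigned char *out)
{
    if (buf == NULL || out == NULL || offset >= got)
        return -1;
    *out = buf[offset];
    return 0;
}

/* Builds a constructed reply of reply_len bytes (byte i holds i * 3) and
 * extracts the ink value from it the checked way. */
static int read_ink_remain(size_t reply_len, int *ink)
{
    unsigned char buffer[HW_STATUS_LEN];
    unsigned char v;
    CHECK_STATUS_BUF(buffer);

    if (reply_len > sizeof(buffer))
        reply_len = sizeof(buffer);
    memset(buffer, 0, sizeof(buffer));
    for (size_t i = 0; i < reply_len; i++)
        buffer[i] = (unsigned char)(i * 3);

    if (get_status_byte(buffer, reply_len, HW_INK_REMAIN_OFFSET, &v) != 0)
        return -1;          /* short reply: refuse instead of reading past it */
    *ink = v;
    return 0;
}

int main(void)
{
    int ink = -1;
    printf("full reply: rc=%d ink=%d\n", read_ink_remain(11, &ink), ink);
    printf("short reply: rc=%d\n", read_ink_remain(10, &ink));
    return 0;
}
```

Shrinking `buffer` below `HW_STATUS_LEN` bytes makes the build fail at `CHECK_STATUS_BUF` rather than leaving an out-of-bounds read for a reviewer to spot.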


