path: root/debian/patches/unhtmlify-segfault.patch
blob: c30875d76b8445c04cc4224f26a51bc2079e2213 (plain)
=== modified file 'ChangeLog'
--- foomatic-filters/ChangeLog	2010-08-27 18:01:04 +0000
+++ foomatic-filters/ChangeLog	2010-08-27 23:41:04 +0000
@@ -1,5 +1,10 @@
 2010-08-27  Till Kamppeter <till.kamppeter@gmail.com>
 
+	* options.c: Made sure that the unhtmlify() function does not write
+	  the zero byte to mark the string end beyond the buffer. Also use a
+	  much larger buffer for parsing "*FoomaticRIPOptionPrototype:" in
+	  the PPD file (bug #515).
+
 	* util.c: In strncpy_tochar() use the isempty() function to check
 	  whether the input string is empty (bug #514).
 

=== modified file 'options.c'
--- foomatic-filters/options.c	2010-07-07 21:49:47 +0000
+++ foomatic-filters/options.c	2010-08-27 23:41:04 +0000
@@ -1088,8 +1088,9 @@
     const char *repl;
     struct tm *t = localtime(&job->time);
     char tmpstr[10];
+    size_t s;
 
-    while (*psrc && pdest - dest < size) {
+    while (*psrc && pdest - dest < size - 1) {
 
         if (*psrc == '&') {
             psrc++;
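Review bot: The new bound `size - 1` in the `while` condition wraps to a very large value if `size` is 0 and has an unsigned type (the added `size_t s` suggests it does, but the signature is outside the hunk), which would remove the bound instead of tightening it. An early `if (size == 0) return;` before the loop would close that case. The comparison also mixes the signed `pdest - dest` with `size`; writing it as `(size_t)(pdest - dest) < size - 1` makes the intended unsigned comparison explicit. The function starts and ends outside this hunk, so the write of the terminating zero byte cannot be checked from here.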
@@ -1154,8 +1155,12 @@
             }
 
             if (repl) {
-                strncpy(pdest, repl, size - (pdest - dest));
-                pdest += strlen(repl);
+	        s = size - (pdest - dest) - 1;
+                strncpy(pdest, repl, s);
+		if (s < strlen(repl))
+		  pdest += s;
+		else
+		  pdest += strlen(repl);
                 psrc = strchr(psrc, ';') +1;
             }
             else {
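Review bot: `strncpy(pdest, repl, s)` zero-fills the whole remaining buffer on every entity replacement, because strncpy pads up to `s` bytes when `repl` is shorter; with the 65536-byte prototype buffer this same patch introduces, each replacement can write tens of kilobytes. Clamping the length and copying exactly that much avoids the padding and the repeated `strlen`: `if (strlen(repl) < s) s = strlen(repl);`, `memcpy(pdest, repl, s);`, `pdest += s;`. The added lines are indented with tabs while the surrounding code uses spaces. Separately, the unchanged `strchr(psrc, ';') + 1` assumes a ';' is always present once `repl` is set; the matching code is outside the hunk, so that is worth confirming.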
@@ -1601,8 +1606,8 @@
             /* "*FoomaticRIPOptionPrototype <option>: <code>"
                Used for numerical and string options only */
             opt = assure_option(name);
-            opt->proto = malloc(128);
-            unhtmlify(opt->proto, 128, value->data);
+            opt->proto = malloc(65536);
+            unhtmlify(opt->proto, 65536, value->data);
         }
         else if (!strcmp(key, "FoomaticRIPOptionRange")) {
             /* *FoomaticRIPOptionRange <option>: <min> <max>
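Review bot: The result of `malloc(65536)` is passed straight to `unhtmlify()` without a NULL check, so an allocation failure becomes a write through a null pointer while the PPD is being parsed; the much larger request makes that check more worth having. The size literal is also repeated in both calls, and a single named constant (for example `enum { PROTO_BUF_SIZE = 65536 };`, a name constructed for this note) would keep the allocation and the bound passed to `unhtmlify()` from drifting apart. A fixed buffer still truncates longer prototypes silently, so a comment stating that limit would help. The enclosing block continues outside the hunk.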