Re: 1.0/1.1 bug in LoadFlt
Michael Jones (mtj++at++babar)
Wed, 26 Jan 1994 08:12:22 -0800
On Jan 26, 5:46pm, Ran Yakir wrote:
> Subject: 1.0/1.1 bug in LoadFlt
:
:Actually, not in LoadFlt but in one of its static functions named -
:getTexture (and resides in pfflt/geom.c).
:getTexture attempts to read the attributes file (.attr) using the line
:
: read(ifd, (char*)&texAttr, stbuf.st_size);
:
:where :
:1. stbuf is the buffer returned by stat(), and stbuf.st_size contains
: the attributes file size.
:2. texAttr is a structure that will contain the full contents of the file.
:
:If, for some reason, the .attr file is larger than its minimal size,
:the read command will run over texAttr right into the rest of the stack, and
:mess things up. You won't notice it at first, but then some malloc() will
:core you dump (or dump your core).
:
:What should be done (and is easy to do on-site) is replacing the line
:with :
:
: read(ifd, (char*)&texAttr, sizeof texAttr);
Good observation. This was indeed a bug in LoadFlt() and the fix given
by Ran Yakir is the right one.
--
Be seeing you, mtj++at++sgi.com 415.390.1455 M/S 7L-590
Michael Jones Silicon Graphics, Advanced Graphics Division
2011 N. Shoreline Blvd., Mtn. View, CA 94039-7311
This archive was generated by hypermail 2.0b2
on Mon Aug 10 1998 - 17:50:09 PDT
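
The fix discussed in this thread, bounding read() by the destination size rather than the file size, as an added example that is not part of the original messages or the pfflt source. It goes slightly beyond the one-line fix by also rejecting files too short to fill the record and by looping on short reads; tex_attr_t, load_attr, canary_intact_after_load and the file name sample.attr are hypothetical.

```c
#include <fcntl.h>
#include <stdio.h>
#include <string.h>
#include <sys/stat.h>
#include <unistd.h>
/* Hypothetical stand-in for the fixed-size attribute record (layout assumed). */
typedef struct { int width, height; char pad[24]; } tex_attr_t;

/* Hardened read: the bound is sizeof *out, never st.st_size.
 * Returns the count of trailing file bytes left unread, or -1 on error. */
long load_attr(const char *path, tex_attr_t *out) {
    struct stat st;
    size_t got = 0;
    int fd = open(path, O_RDONLY);
    if (fd < 0) return -1;
    if (fstat(fd, &st) < 0 || st.st_size < (off_t)sizeof *out) {
        close(fd); return -1;    /* file too short to fill the record */
    }
    while (got < sizeof *out) {  /* read() may return fewer bytes than asked */
        ssize_t n = read(fd, (char *)out + got, sizeof *out - got);
        if (n <= 0) { close(fd); return -1; }
        got += (size_t)n;
    }
    close(fd);
    return (long)(st.st_size - (off_t)sizeof *out);
}

/* Write a constructed sample file of nbytes, load it beside a canary, and
 * return 1 if the canary is untouched. *rc receives load_attr's result. */
int canary_intact_after_load(size_t nbytes, long *rc) {
    struct { tex_attr_t attr; unsigned char canary[16]; } frame;
    unsigned char want[sizeof frame.canary];
    const char *path = "sample.attr";    /* constructed test file */
    FILE *f = fopen(path, "wb");
    if (!f) { *rc = -1; return 0; }
    for (size_t i = 0; i < nbytes; i++) fputc(0x41, f);
    fclose(f);
    memset(want, 0xC3, sizeof want);
    memcpy(frame.canary, want, sizeof want);
    *rc = load_attr(path, &frame.attr);
    unlink(path);
    return memcmp(frame.canary, want, sizeof want) == 0;
}

int main(void) {
    long rc;
    int ok = canary_intact_after_load(sizeof(tex_attr_t) + 64, &rc);
    printf("canary intact=%d, trailing bytes left unread=%ld\n", ok, rc);
    return !ok;
}
```

A nonzero return from load_attr means the file carried more data than the record holds, which a caller can log instead of silently discarding.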