I reviewed the pmw-4.24 code, and Thorsten Glaser's patch. His analysis and patch is correct. After the patch, the code is correct even in the presence of ASLR.
At least every Debian system, and probably every POSIX system, will unmap page zero to make sure null pointer dereferences are trapped. Since 256 is less than every known page size, these "small integers" are guaranteed not to be valid pointers of the kind created in tables.c to populate out_mftable_ps[]. So after casting this "pointer" to unsigned long (guaranteed by the C standard to fit), the test p < 256 will work as intended. I can't reproduce the later error reported by Ghostscript. - Larry -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
