Package: xfig
Version: 1:3.2.5-alpha5-3
Severity: normal
I was looking at the xfig source and noticed this:
w_util.c:
static void
convert_gridstr(Widget widget, float mult)
{
double value, numer, denom, diff;
char *sval, fraction[20];
double fracts[] = { 2, 4, 8, 16, 32 };
double tol[] = { 0.05, 0.1, 0.2, 0.3, 0.6};
#define NUM_FRACTS sizeof(fracts)/sizeof(int)
NUM_FRACTS should be sizeof(fracts)/sizeof(double), otherwise the
loops for (i=0; i<NUM_FRACTS; i++) overrun the end of the buffer.
Eric
-- System Information:
Debian Release: 3.1
APT prefers unstable
APT policy: (500, 'unstable'), (1, 'experimental')
Architecture: i386 (i686)
Kernel: Linux 2.6.9
Locale: LANG=C, LC_CTYPE=C (charmap=ANSI_X3.4-1968)
Versions of packages xfig depends on:
ii libc6 2.3.2.ds1-21 GNU C Library: Shared libraries an
ii libice6 4.3.0.dfsg.1-10 Inter-Client Exchange library
ii libjpeg62 6b-9 The Independent JPEG Group's JPEG
ii libpng12-0 1.2.8rel-1 PNG library - runtime
ii libsm6 4.3.0.dfsg.1-10 X Window System Session Management
ii libx11-6 4.3.0.dfsg.1-10 X Window System protocol client li
ii libxext6 4.3.0.dfsg.1-10 X Window System miscellaneous exte
ii libxi6 4.3.0.dfsg.1-10 X Window System Input extension li
ii libxmu6 4.3.0.dfsg.1-10 X Window System miscellaneous util
ii libxpm4 4.3.0.dfsg.1-10 X pixmap library
ii libxt6 4.3.0.dfsg.1-10 X Toolkit Intrinsics
ii xaw3dg 1.5+E-8 Xaw3d widget set
ii xlibs 4.3.0.dfsg.1-10 X Keyboard Extension (XKB) configu
ii zlib1g 1:1.2.2-4 compression library - runtime
-- no debconf information
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
