The upcoming audacity 1.3.7-1 does not crash if I open the generated file from [0]. According to the Gentoo bug tracker [1] audacity 1.3.6 does not have this bug any more. You can find String_parse::get_nonspace_quoted in version 1.3.7 in lib-src/portsmf/strparse.cpp:

void String_parse::get_nonspace_quoted(string &field)
{
    field.clear();
    skip_space();
    bool quoted = false;
    if ((*str)[pos] == '"') {
        quoted = true;
        field.append(1, '"');
        pos = pos + 1;
    }
    while ((*str)[pos] && (quoted || !isspace((*str)[pos]))) {
        if ((*str)[pos] == '"') {
            if (quoted) {
                field.append(1, '"');
                pos = pos + 1;
            }
            return;
        }
        if ((*str)[pos] == '\\') {
            pos = pos + 1;
        }
        if ((*str)[pos]) {
            field.append(1, (*str)[pos]);
            pos = pos + 1;
        }
    }
}

Cheers,
Benjamin
[0] http://www.milw0rm.com/exploits/7634
[1] https://bugs.gentoo.org/show_bug.cgi?id=253493#c5

